diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..95a9032 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +*.vhd filter=lfs diff=lfs merge=lfs -text +*.ova filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text diff --git a/README.md b/README.md deleted file mode 100644 index 931e052..0000000 --- a/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# tiny10-bimmertools - -bimmertools voor programmeren en coden van bimmers \ No newline at end of file diff --git a/bimmertools.ova b/bimmertools.ova new file mode 100644 index 0000000..795e664 --- /dev/null +++ b/bimmertools.ova @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:dac0a11d3d85470bffc4a14c871883cfbdeaa7acd0be1325b53d76973dabcd5e +size 5641586176 diff --git a/bimmertools/Logs/VBox.log b/bimmertools/Logs/VBox.log new file mode 100644 index 0000000..920cf76 --- /dev/null +++ b/bimmertools/Logs/VBox.log @@ -0,0 +1,3759 @@ +00:00:00.227877 VirtualBox VM 7.1.4 r165100 win.amd64 (Oct 10 2024 18:57:17) release log +00:00:00.227879 Log opened 2024-11-18T19:56:00.028420000Z +00:00:00.227879 Build Type: release +00:00:00.227881 OS Product: Windows 11 +00:00:00.227882 OS Release: 10.0.22631 +00:00:00.227882 OS Service Pack: +00:00:00.281911 DMI Product Name: MS-7D89 +00:00:00.284169 DMI Product Version: 1.0 +00:00:00.284176 Firmware type: UEFI +00:00:00.284516 Secure Boot: Enabled +00:00:00.284524 Host RAM: 32532MB (31.7GB) total, 13633MB (13.3GB) available +00:00:00.284526 Executable: C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +00:00:00.284526 Process ID: 40064 +00:00:00.284526 Package type: WINDOWS_64BITS_GENERIC +00:00:00.284527 Windows Features: +00:00:00.284527 Core Isolation (Memory Integrity): ENABLED +00:00:00.285084 Installed Extension Packs: +00:00:00.285103 None installed! +00:00:00.285410 Console: Machine state changed to 'Starting' +00:00:00.428206 SUP: seg #0: R 0x00000000 LB 0x00001000 +00:00:00.428228 SUP: seg #1: R X 0x00001000 LB 0x001f7000 +00:00:00.428233 SUP: seg #2: R 0x001f8000 LB 0x00055000 +00:00:00.428238 SUP: seg #3: RW 0x0024d000 LB 0x00013000 +00:00:00.428243 SUP: seg #4: R 0x00260000 LB 0x00014000 +00:00:00.428247 SUP: seg #5: RW 0x00274000 LB 0x00004000 +00:00:00.428252 SUP: seg #6: R 0x00278000 LB 0x00009000 +00:00:00.428256 SUP: seg #7: R X 0x00281000 LB 0x00002000 +00:00:00.428273 SUP: seg #8: R 0x00283000 LB 0x00007000 +00:00:00.430316 SUP: Loaded VMMR0.r0 (C:\Program Files\Oracle\VirtualBox/VMMR0.r0) at 0xXXXXXXXXXXXXXXXX - ModuleInit at XXXXXXXXXXXXXXXX and ModuleTerm at XXXXXXXXXXXXXXXX using the native ring-0 loader +00:00:00.430336 SUP: VMMR0EntryEx located at XXXXXXXXXXXXXXXX and VMMR0EntryFast at XXXXXXXXXXXXXXXX +00:00:00.430341 SUP: windbg> .reload /f C:\Program Files\Oracle\VirtualBox/VMMR0.r0=0xXXXXXXXXXXXXXXXX +00:00:00.437613 Guest architecture: x86 +00:00:00.437644 Guest OS type: 'Windows10_64' +00:00:00.437930 fHMForced=true - No raw-mode support in this build! +00:00:00.437948 Using execution engine 1 +00:00:00.439664 File system of 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' is ntfs +00:00:00.440000 File system of 'F:/Downloads/QTorrent/_data/tiny-10-23-h2/tiny10 x64 23h2.iso' (DVD) is ntfs +00:00:00.440402 File system of 'F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso' (DVD) is ntfs +00:00:00.502913 Shared Clipboard: Initialized OLE +00:00:00.502953 Shared Clipboard: Service loaded +00:00:00.502961 Shared Clipboard: Mode: Off +00:00:00.503010 Shared Clipboard: Service running in headless mode +00:00:00.508795 Drag and drop service loaded +00:00:00.508809 Drag and drop mode: Off +00:00:00.509326 Audio: Detected default audio driver type is 'HostAudioWas' +00:00:00.571632 ************************* CFGM dump ************************* +00:00:00.571634 [/] (level 0) +00:00:00.571635 CpuExecutionCap = 0x0000000000000064 (100) +00:00:00.571636 EnablePAE = 0x0000000000000001 (1) +00:00:00.571637 HMEnabled = 0x0000000000000001 (1) +00:00:00.571637 MemBalloonSize = 0x0000000000000000 (0, 0 B) +00:00:00.571641 Name = "bimmertools" (cb=12) +00:00:00.571641 NumCPUs = 0x0000000000000001 (1) +00:00:00.571642 PageFusionAllowed = 0x0000000000000000 (0) +00:00:00.571642 RamHoleSize = 0x0000000020000000 (536 870 912, 512.0 MiB) +00:00:00.571643 RamSize = 0x0000000080000000 (2 147 483 648, 2.0 GiB) +00:00:00.571643 TimerMillies = 0x000000000000000a (10) +00:00:00.571643 UUID = "d2 e0 88 01 1a 8e a1 4c 82 fc 76 b7 7e 2a c9 76" (cb=16) +00:00:00.571645 +00:00:00.571645 [/CPUM/] (level 1) +00:00:00.571645 Enable64bit = 0x0000000000000001 (1) +00:00:00.571645 GuestCpuName = "host" (cb=5) +00:00:00.571646 NestedHWVirt = 0x0000000000000000 (0) +00:00:00.571646 PortableCpuIdLevel = 0x0000000000000000 (0) +00:00:00.571646 SpecCtrl = 0x0000000000000000 (0) +00:00:00.571647 +00:00:00.571647 [/CPUM/IsaExts/] (level 2) +00:00:00.571647 +00:00:00.571647 [/DBGC/] (level 1) +00:00:00.571647 GlobalInitScript = "C:\Users\Sepp\.VirtualBox/dbgc-init" (cb=36) +00:00:00.571648 HistoryFile = "C:\Users\Sepp\.VirtualBox/dbgc-history" (cb=39) +00:00:00.571648 LocalInitScript = "F:\VHDs\Tiny10-Bimmer-Tools\bimmertools/dbgc-init" (cb=50) +00:00:00.571648 +00:00:00.571648 [/DBGF/] (level 1) +00:00:00.571649 Path = "F:\VHDs\Tiny10-Bimmer-Tools\bimmertools/debug/;F:\VHDs\Tiny10-Bimmer-Tools\bimmertools/;cache*F:\VHDs\Tiny10-Bimmer-Tools\bimmertools/dbgcache/;C:\Users\Sepp\" (cb=159) +00:00:00.571649 +00:00:00.571649 [/Devices/] (level 1) +00:00:00.571649 +00:00:00.571649 [/Devices/3c501/] (level 2) +00:00:00.571650 +00:00:00.571650 [/Devices/8237A/] (level 2) +00:00:00.571650 +00:00:00.571650 [/Devices/8237A/0/] (level 3) +00:00:00.571651 Trusted = 0x0000000000000001 (1) +00:00:00.571651 +00:00:00.571651 [/Devices/GIMDev/] (level 2) +00:00:00.571651 +00:00:00.571651 [/Devices/GIMDev/0/] (level 3) +00:00:00.571652 Trusted = 0x0000000000000001 (1) +00:00:00.571652 +00:00:00.571652 [/Devices/VMMDev/] (level 2) +00:00:00.571652 +00:00:00.571652 [/Devices/VMMDev/0/] (level 3) +00:00:00.571653 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571653 PCIDeviceNo = 0x0000000000000004 (4) +00:00:00.571653 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571654 Trusted = 0x0000000000000001 (1) +00:00:00.571654 +00:00:00.571654 [/Devices/VMMDev/0/Config/] (level 4) +00:00:00.571654 GuestCoreDumpDir = "F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Snapshots" (cb=50) +00:00:00.571655 +00:00:00.571655 [/Devices/VMMDev/0/LUN#0/] (level 4) +00:00:00.571655 Driver = "HGCM" (cb=5) +00:00:00.571655 +00:00:00.571655 [/Devices/VMMDev/0/LUN#0/Config/] (level 5) +00:00:00.571656 +00:00:00.571656 [/Devices/VMMDev/0/LUN#999/] (level 4) +00:00:00.571656 Driver = "MainStatus" (cb=11) +00:00:00.571656 +00:00:00.571657 [/Devices/VMMDev/0/LUN#999/Config/] (level 5) +00:00:00.571657 First = 0x0000000000000000 (0) +00:00:00.571657 HasMediumAttachments = 0x0000000000000000 (0) +00:00:00.571658 Last = 0x0000000000000000 (0) +00:00:00.571658 iLedSet = 0x0000000000000004 (4) +00:00:00.571658 +00:00:00.571658 [/Devices/acpi/] (level 2) +00:00:00.571659 +00:00:00.571659 [/Devices/acpi/0/] (level 3) +00:00:00.571659 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571659 PCIDeviceNo = 0x0000000000000007 (7) +00:00:00.571660 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571660 Trusted = 0x0000000000000001 (1) +00:00:00.571660 +00:00:00.571660 [/Devices/acpi/0/Config/] (level 4) +00:00:00.571661 CpuHotPlug = 0x0000000000000000 (0) +00:00:00.571661 FdcEnabled = 0x0000000000000000 (0) +00:00:00.571661 HostBusPciAddress = 0x0000000000000000 (0) +00:00:00.571661 HpetEnabled = 0x0000000000000000 (0) +00:00:00.571662 IOAPIC = 0x0000000000000001 (1) +00:00:00.571662 IocPciAddress = 0x0000000000010000 (65 536) +00:00:00.571662 NumCPUs = 0x0000000000000001 (1) +00:00:00.571663 Parallel0IoPortBase = 0x0000000000000000 (0) +00:00:00.571663 Parallel0Irq = 0x0000000000000000 (0) +00:00:00.571663 Parallel1IoPortBase = 0x0000000000000000 (0) +00:00:00.571663 Parallel1Irq = 0x0000000000000000 (0) +00:00:00.571664 Serial0IoPortBase = 0x0000000000000000 (0) +00:00:00.571664 Serial0Irq = 0x0000000000000000 (0) +00:00:00.571664 Serial1IoPortBase = 0x0000000000000000 (0) +00:00:00.571664 Serial1Irq = 0x0000000000000000 (0) +00:00:00.571665 ShowCpu = 0x0000000000000001 (1) +00:00:00.571665 ShowRtc = 0x0000000000000000 (0) +00:00:00.571665 SmcEnabled = 0x0000000000000000 (0) +00:00:00.571665 +00:00:00.571665 [/Devices/acpi/0/LUN#0/] (level 4) +00:00:00.571666 Driver = "ACPIHost" (cb=9) +00:00:00.571666 +00:00:00.571666 [/Devices/acpi/0/LUN#0/Config/] (level 5) +00:00:00.571667 +00:00:00.571667 [/Devices/ahci/] (level 2) +00:00:00.571667 +00:00:00.571667 [/Devices/ahci/0/] (level 3) +00:00:00.571668 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571668 PCIDeviceNo = 0x000000000000000d (13) +00:00:00.571668 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571668 Trusted = 0x0000000000000001 (1) +00:00:00.571668 +00:00:00.571669 [/Devices/ahci/0/Config/] (level 4) +00:00:00.571669 Bootable = 0x0000000000000001 (1) +00:00:00.571669 PortCount = 0x0000000000000003 (3) +00:00:00.571669 +00:00:00.571669 [/Devices/ahci/0/Config/Port0/] (level 5) +00:00:00.571670 Hotpluggable = 0x0000000000000000 (0) +00:00:00.571670 +00:00:00.571670 [/Devices/ahci/0/Config/Port1/] (level 5) +00:00:00.571671 Hotpluggable = 0x0000000000000000 (0) +00:00:00.571671 +00:00:00.571671 [/Devices/ahci/0/Config/Port2/] (level 5) +00:00:00.571671 Hotpluggable = 0x0000000000000000 (0) +00:00:00.571671 +00:00:00.571672 [/Devices/ahci/0/LUN#0/] (level 4) +00:00:00.571672 Driver = "VD" (cb=3) +00:00:00.571672 +00:00:00.571672 [/Devices/ahci/0/LUN#0/Config/] (level 5) +00:00:00.571673 BlockCache = 0x0000000000000001 (1) +00:00:00.571673 Format = "VHD" (cb=4) +00:00:00.571673 Mountable = 0x0000000000000000 (0) +00:00:00.571673 Path = "F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd" (cb=56) +00:00:00.571674 Type = "HardDisk" (cb=9) +00:00:00.571674 UseNewIo = 0x0000000000000001 (1) +00:00:00.571674 +00:00:00.571674 [/Devices/ahci/0/LUN#1/] (level 4) +00:00:00.571674 Driver = "SCSI" (cb=5) +00:00:00.571675 +00:00:00.571675 [/Devices/ahci/0/LUN#1/AttachedDriver/] (level 5) +00:00:00.571675 Driver = "VD" (cb=3) +00:00:00.571676 +00:00:00.571676 [/Devices/ahci/0/LUN#1/AttachedDriver/Config/] (level 6) +00:00:00.571676 Format = "RAW" (cb=4) +00:00:00.571676 Mountable = 0x0000000000000001 (1) +00:00:00.571676 Path = "F:/Downloads/QTorrent/_data/tiny-10-23-h2/tiny10 x64 23h2.iso" (cb=62) +00:00:00.571677 ReadOnly = 0x0000000000000001 (1) +00:00:00.571677 Type = "DVD" (cb=4) +00:00:00.571677 UseNewIo = 0x0000000000000001 (1) +00:00:00.571677 +00:00:00.571677 [/Devices/ahci/0/LUN#2/] (level 4) +00:00:00.571678 Driver = "SCSI" (cb=5) +00:00:00.571678 +00:00:00.571678 [/Devices/ahci/0/LUN#2/AttachedDriver/] (level 5) +00:00:00.571679 Driver = "VD" (cb=3) +00:00:00.571679 +00:00:00.571679 [/Devices/ahci/0/LUN#2/AttachedDriver/Config/] (level 6) +00:00:00.571679 Format = "VBoxIsoMaker" (cb=13) +00:00:00.571680 Mountable = 0x0000000000000001 (1) +00:00:00.571680 Path = "F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso" (cb=101) +00:00:00.571680 ReadOnly = 0x0000000000000001 (1) +00:00:00.571680 Type = "DVD" (cb=4) +00:00:00.571681 UseNewIo = 0x0000000000000001 (1) +00:00:00.571681 +00:00:00.571681 [/Devices/ahci/0/LUN#2/AttachedDriver/Config/VDConfig/] (level 7) +00:00:00.571681 UnattendedInstall = "1" (cb=2) +00:00:00.571682 +00:00:00.571682 [/Devices/ahci/0/LUN#999/] (level 4) +00:00:00.571682 Driver = "MainStatus" (cb=11) +00:00:00.571682 +00:00:00.571682 [/Devices/ahci/0/LUN#999/Config/] (level 5) +00:00:00.571683 DeviceInstance = "ahci/0" (cb=7) +00:00:00.571683 First = 0x0000000000000000 (0) +00:00:00.571683 HasMediumAttachments = 0x0000000000000001 (1) +00:00:00.571683 Last = 0x0000000000000002 (2) +00:00:00.571684 iLedSet = 0x0000000000000002 (2) +00:00:00.571684 +00:00:00.571684 [/Devices/apic/] (level 2) +00:00:00.571684 +00:00:00.571684 [/Devices/apic/0/] (level 3) +00:00:00.571685 Trusted = 0x0000000000000001 (1) +00:00:00.571685 +00:00:00.571685 [/Devices/apic/0/Config/] (level 4) +00:00:00.571685 IOAPIC = 0x0000000000000001 (1) +00:00:00.571686 Mode = 0x0000000000000002 (2) +00:00:00.571686 NumCPUs = 0x0000000000000001 (1) +00:00:00.571686 +00:00:00.571686 [/Devices/dp8390/] (level 2) +00:00:00.571686 +00:00:00.571687 [/Devices/e1000/] (level 2) +00:00:00.571687 +00:00:00.571687 [/Devices/e1000/0/] (level 3) +00:00:00.571687 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571687 PCIDeviceNo = 0x0000000000000003 (3) +00:00:00.571688 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571688 Trusted = 0x0000000000000001 (1) +00:00:00.571688 +00:00:00.571688 [/Devices/e1000/0/Config/] (level 4) +00:00:00.571689 AdapterType = 0x0000000000000000 (0) +00:00:00.571689 CableConnected = 0x0000000000000001 (1) +00:00:00.571689 LineSpeed = 0x0000000000000000 (0) +00:00:00.571689 MAC = "08 00 27 84 ee 0a" (cb=6) +00:00:00.571690 +00:00:00.571690 [/Devices/e1000/0/LUN#0/] (level 4) +00:00:00.571690 Driver = "NAT" (cb=4) +00:00:00.571690 +00:00:00.571690 [/Devices/e1000/0/LUN#0/Config/] (level 5) +00:00:00.571691 AliasMode = 0x0000000000000000 (0) +00:00:00.571691 BootFile = "bimmertools.pxe" (cb=16) +00:00:00.571691 DNSProxy = 0x0000000000000000 (0) +00:00:00.571692 LocalhostReachable = 0x0000000000000000 (0) +00:00:00.571692 Network = "10.0.2.0/24" (cb=12) +00:00:00.571692 PassDomain = 0x0000000000000001 (1) +00:00:00.571692 TFTPPrefix = "C:\Users\Sepp\.VirtualBox\TFTP" (cb=31) +00:00:00.571693 UseHostResolver = 0x0000000000000000 (0) +00:00:00.571693 +00:00:00.571693 [/Devices/e1000/0/LUN#999/] (level 4) +00:00:00.571693 Driver = "MainStatus" (cb=11) +00:00:00.571694 +00:00:00.571694 [/Devices/e1000/0/LUN#999/Config/] (level 5) +00:00:00.571694 First = 0x0000000000000000 (0) +00:00:00.571694 HasMediumAttachments = 0x0000000000000000 (0) +00:00:00.571694 Last = 0x0000000000000000 (0) +00:00:00.571695 iLedSet = 0x0000000000000003 (3) +00:00:00.571695 +00:00:00.571695 [/Devices/efi/] (level 2) +00:00:00.571695 +00:00:00.571695 [/Devices/efi/0/] (level 3) +00:00:00.571696 Trusted = 0x0000000000000001 (1) +00:00:00.571696 +00:00:00.571696 [/Devices/efi/0/Config/] (level 4) +00:00:00.571697 64BitEntry = 0x0000000000000001 (1) +00:00:00.571697 APIC = 0x0000000000000001 (1) +00:00:00.571697 BootArgs = "" (cb=1) +00:00:00.571697 DeviceProps = "" (cb=1) +00:00:00.571698 DmiSystemSerial = "VirtualBox-" (cb=27) +00:00:00.571698 EfiRom = "VBoxEFI64.fd" (cb=13) +00:00:00.571698 IOAPIC = 0x0000000000000001 (1) +00:00:00.571698 McfgBase = 0x0000000000000000 (0) +00:00:00.571699 McfgLength = 0x0000000000000000 (0) +00:00:00.571699 NumCPUs = 0x0000000000000001 (1) +00:00:00.571699 NvramFile = "F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\bimmertools.nvram" (cb=58) +00:00:00.571699 UUID = "d2 e0 88 01 1a 8e a1 4c 82 fc 76 b7 7e 2a c9 76" (cb=16) +00:00:00.571700 UuidLe = 0x0000000000000001 (1) +00:00:00.571700 +00:00:00.571700 [/Devices/efi/0/LUN#0/] (level 4) +00:00:00.571701 Driver = "NvramStore" (cb=11) +00:00:00.571701 +00:00:00.571701 [/Devices/hda/] (level 2) +00:00:00.571701 +00:00:00.571701 [/Devices/hda/0/] (level 3) +00:00:00.571702 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571702 PCIDeviceNo = 0x0000000000000005 (5) +00:00:00.571702 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571702 Trusted = 0x0000000000000001 (1) +00:00:00.571703 +00:00:00.571703 [/Devices/hda/0/AudioConfig/] (level 4) +00:00:00.571703 +00:00:00.571703 [/Devices/hda/0/Config/] (level 4) +00:00:00.571704 DebugEnabled = 0x0000000000000000 (0) +00:00:00.571704 +00:00:00.571704 [/Devices/hda/0/LUN#0/] (level 4) +00:00:00.571704 Driver = "AUDIO" (cb=6) +00:00:00.571705 +00:00:00.571705 [/Devices/hda/0/LUN#0/AttachedDriver/] (level 5) +00:00:00.571705 Driver = "HostAudioWas" (cb=13) +00:00:00.571705 +00:00:00.571705 [/Devices/hda/0/LUN#0/AttachedDriver/Config/] (level 6) +00:00:00.571706 VmName = "bimmertools" (cb=12) +00:00:00.571706 VmUuid = "0188e0d2-8e1a-4ca1-82fc-76b77e2ac976" (cb=37) +00:00:00.571706 +00:00:00.571706 [/Devices/hda/0/LUN#0/Config/] (level 5) +00:00:00.571707 DriverName = "HostAudioWas" (cb=13) +00:00:00.571707 InputEnabled = 0x0000000000000000 (0) +00:00:00.571707 OutputEnabled = 0x0000000000000001 (1) +00:00:00.571707 +00:00:00.571707 [/Devices/hda/0/LUN#1/] (level 4) +00:00:00.571708 Driver = "AUDIO" (cb=6) +00:00:00.571708 +00:00:00.571708 [/Devices/hda/0/LUN#2/] (level 4) +00:00:00.571708 Driver = "AUDIO" (cb=6) +00:00:00.571708 +00:00:00.571708 [/Devices/i8254/] (level 2) +00:00:00.571709 +00:00:00.571709 [/Devices/i8254/0/] (level 3) +00:00:00.571709 +00:00:00.571709 [/Devices/i8254/0/Config/] (level 4) +00:00:00.571710 +00:00:00.571710 [/Devices/i8259/] (level 2) +00:00:00.571710 +00:00:00.571710 [/Devices/i8259/0/] (level 3) +00:00:00.571710 Trusted = 0x0000000000000001 (1) +00:00:00.571710 +00:00:00.571710 [/Devices/i8259/0/Config/] (level 4) +00:00:00.571711 +00:00:00.571711 [/Devices/ioapic/] (level 2) +00:00:00.571711 +00:00:00.571711 [/Devices/ioapic/0/] (level 3) +00:00:00.571712 Trusted = 0x0000000000000001 (1) +00:00:00.571712 +00:00:00.571712 [/Devices/ioapic/0/Config/] (level 4) +00:00:00.571712 NumCPUs = 0x0000000000000001 (1) +00:00:00.571712 +00:00:00.571712 [/Devices/mc146818/] (level 2) +00:00:00.571713 +00:00:00.571713 [/Devices/mc146818/0/] (level 3) +00:00:00.571713 +00:00:00.571713 [/Devices/mc146818/0/Config/] (level 4) +00:00:00.571713 UseUTC = 0x0000000000000000 (0) +00:00:00.571714 +00:00:00.571714 [/Devices/parallel/] (level 2) +00:00:00.571714 +00:00:00.571714 [/Devices/pcarch/] (level 2) +00:00:00.571714 +00:00:00.571714 [/Devices/pcarch/0/] (level 3) +00:00:00.571715 Trusted = 0x0000000000000001 (1) +00:00:00.571715 +00:00:00.571715 [/Devices/pcarch/0/Config/] (level 4) +00:00:00.571715 +00:00:00.571716 [/Devices/pci/] (level 2) +00:00:00.571716 +00:00:00.571716 [/Devices/pci/0/] (level 3) +00:00:00.571716 Trusted = 0x0000000000000001 (1) +00:00:00.571716 +00:00:00.571716 [/Devices/pci/0/Config/] (level 4) +00:00:00.571717 IOAPIC = 0x0000000000000001 (1) +00:00:00.571717 +00:00:00.571717 [/Devices/pcibridge/] (level 2) +00:00:00.571717 +00:00:00.571717 [/Devices/pckbd/] (level 2) +00:00:00.571718 +00:00:00.571718 [/Devices/pckbd/0/] (level 3) +00:00:00.571718 Trusted = 0x0000000000000001 (1) +00:00:00.571718 +00:00:00.571718 [/Devices/pckbd/0/Config/] (level 4) +00:00:00.571719 +00:00:00.571719 [/Devices/pckbd/0/LUN#0/] (level 4) +00:00:00.571719 Driver = "KeyboardQueue" (cb=14) +00:00:00.571719 +00:00:00.571719 [/Devices/pckbd/0/LUN#0/AttachedDriver/] (level 5) +00:00:00.571720 Driver = "MainKeyboard" (cb=13) +00:00:00.571720 +00:00:00.571720 [/Devices/pckbd/0/LUN#0/Config/] (level 5) +00:00:00.571720 QueueSize = 0x0000000000000040 (64, 64 B) +00:00:00.571721 +00:00:00.571721 [/Devices/pckbd/0/LUN#1/] (level 4) +00:00:00.571721 Driver = "MouseQueue" (cb=11) +00:00:00.571721 +00:00:00.571721 [/Devices/pckbd/0/LUN#1/AttachedDriver/] (level 5) +00:00:00.571722 Driver = "MainMouse" (cb=10) +00:00:00.571722 +00:00:00.571722 [/Devices/pckbd/0/LUN#1/Config/] (level 5) +00:00:00.571722 QueueSize = 0x0000000000000080 (128, 128 B) +00:00:00.571723 +00:00:00.571723 [/Devices/pcnet/] (level 2) +00:00:00.571723 +00:00:00.571723 [/Devices/serial/] (level 2) +00:00:00.571723 +00:00:00.571723 [/Devices/usb-xhci/] (level 2) +00:00:00.571724 +00:00:00.571724 [/Devices/usb-xhci/0/] (level 3) +00:00:00.571724 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571724 PCIDeviceNo = 0x000000000000000c (12) +00:00:00.571725 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571725 Trusted = 0x0000000000000001 (1) +00:00:00.571725 +00:00:00.571725 [/Devices/usb-xhci/0/Config/] (level 4) +00:00:00.571725 +00:00:00.571726 [/Devices/usb-xhci/0/LUN#0/] (level 4) +00:00:00.571726 Driver = "VUSBRootHub" (cb=12) +00:00:00.571726 +00:00:00.571726 [/Devices/usb-xhci/0/LUN#0/Config/] (level 5) +00:00:00.571726 +00:00:00.571727 [/Devices/usb-xhci/0/LUN#1/] (level 4) +00:00:00.571727 Driver = "VUSBRootHub" (cb=12) +00:00:00.571727 +00:00:00.571727 [/Devices/usb-xhci/0/LUN#1/Config/] (level 5) +00:00:00.571727 +00:00:00.571728 [/Devices/usb-xhci/0/LUN#999/] (level 4) +00:00:00.571728 Driver = "MainStatus" (cb=11) +00:00:00.571728 +00:00:00.571728 [/Devices/usb-xhci/0/LUN#999/Config/] (level 5) +00:00:00.571729 First = 0x0000000000000000 (0) +00:00:00.571729 HasMediumAttachments = 0x0000000000000000 (0) +00:00:00.571729 Last = 0x0000000000000001 (1) +00:00:00.571729 iLedSet = 0x0000000000000001 (1) +00:00:00.571730 +00:00:00.571730 [/Devices/vga/] (level 2) +00:00:00.571730 +00:00:00.571730 [/Devices/vga/0/] (level 3) +00:00:00.571730 PCIBusNo = 0x0000000000000000 (0) +00:00:00.571731 PCIDeviceNo = 0x0000000000000002 (2) +00:00:00.571731 PCIFunctionNo = 0x0000000000000000 (0) +00:00:00.571731 Trusted = 0x0000000000000001 (1) +00:00:00.571731 +00:00:00.571731 [/Devices/vga/0/Config/] (level 4) +00:00:00.571732 3DEnabled = 0x0000000000000000 (0) +00:00:00.571732 CustomVideoModes = 0x0000000000000000 (0) +00:00:00.571732 FadeIn = 0x0000000000000001 (1) +00:00:00.571732 FadeOut = 0x0000000000000001 (1) +00:00:00.571733 HeightReduction = 0x0000000000000000 (0) +00:00:00.571733 LogoFile = "" (cb=1) +00:00:00.571733 LogoTime = 0x0000000000000000 (0) +00:00:00.571734 MonitorCount = 0x0000000000000001 (1) +00:00:00.571734 ShowBootMenu = 0x0000000000000002 (2) +00:00:00.571734 VMSVGA3dEnabled = 0x0000000000000000 (0) +00:00:00.571734 VMSVGAEnabled = 0x0000000000000001 (1) +00:00:00.571735 VRamSize = 0x0000000008000000 (134 217 728, 128.0 MiB) +00:00:00.571735 VmSvga3 = 0x0000000000000000 (0) +00:00:00.571735 VmSvgaExposeLegacyVga = 0x0000000000000001 (1) +00:00:00.571736 +00:00:00.571736 [/Devices/vga/0/LUN#0/] (level 4) +00:00:00.571736 Driver = "MainDisplay" (cb=12) +00:00:00.571736 +00:00:00.571736 [/Devices/vga/0/LUN#0/Config/] (level 5) +00:00:00.571737 +00:00:00.571737 [/Devices/vga/0/LUN#999/] (level 4) +00:00:00.571737 Driver = "MainStatus" (cb=11) +00:00:00.571737 +00:00:00.571737 [/Devices/vga/0/LUN#999/Config/] (level 5) +00:00:00.571738 First = 0x0000000000000000 (0) +00:00:00.571738 HasMediumAttachments = 0x0000000000000000 (0) +00:00:00.571738 Last = 0x0000000000000000 (0) +00:00:00.571738 iLedSet = 0x0000000000000000 (0) +00:00:00.571739 +00:00:00.571739 [/Devices/virtio-net/] (level 2) +00:00:00.571739 +00:00:00.571739 [/EM/] (level 1) +00:00:00.571739 TripleFaultReset = 0x0000000000000000 (0) +00:00:00.571740 +00:00:00.571740 [/GCM/] (level 1) +00:00:00.571740 +00:00:00.571740 [/GIM/] (level 1) +00:00:00.571740 Provider = "HyperV" (cb=7) +00:00:00.571740 +00:00:00.571741 [/HM/] (level 1) +00:00:00.571741 64bitEnabled = 0x0000000000000001 (1) +00:00:00.571741 EnableLargePages = 0x0000000000000001 (1) +00:00:00.571741 EnableNestedPaging = 0x0000000000000001 (1) +00:00:00.571742 EnableUX = 0x0000000000000001 (1) +00:00:00.571742 EnableVPID = 0x0000000000000001 (1) +00:00:00.571742 Exclusive = 0x0000000000000000 (0) +00:00:00.571742 HMForced = 0x0000000000000001 (1) +00:00:00.571743 IBPBOnVMEntry = 0x0000000000000000 (0) +00:00:00.571743 IBPBOnVMExit = 0x0000000000000000 (0) +00:00:00.571743 L1DFlushOnSched = 0x0000000000000001 (1) +00:00:00.571743 L1DFlushOnVMEntry = 0x0000000000000000 (0) +00:00:00.571743 MDSClearOnSched = 0x0000000000000001 (1) +00:00:00.571744 MDSClearOnVMEntry = 0x0000000000000000 (0) +00:00:00.571744 SpecCtrlByHost = 0x0000000000000000 (0) +00:00:00.571744 SvmVirtVmsaveVmload = 0x0000000000000000 (0) +00:00:00.571744 UseNEMInstead = 0x0000000000000000 (0) +00:00:00.571745 +00:00:00.571745 [/MM/] (level 1) +00:00:00.571745 CanUseLargerHeap = 0x0000000000000000 (0) +00:00:00.571745 +00:00:00.571745 [/NEM/] (level 1) +00:00:00.571745 Allow64BitGuests = 0x0000000000000001 (1) +00:00:00.571746 +00:00:00.571746 [/PDM/] (level 1) +00:00:00.571746 +00:00:00.571746 [/PDM/AsyncCompletion/] (level 2) +00:00:00.571746 +00:00:00.571746 [/PDM/AsyncCompletion/File/] (level 3) +00:00:00.571747 +00:00:00.571747 [/PDM/AsyncCompletion/File/BwGroups/] (level 4) +00:00:00.571747 +00:00:00.571747 [/PDM/BlkCache/] (level 2) +00:00:00.571747 CacheSize = 0x0000000000500000 (5 242 880, 5.0 MiB) +00:00:00.571748 +00:00:00.571748 [/PDM/Devices/] (level 2) +00:00:00.571748 +00:00:00.571748 [/PDM/Drivers/] (level 2) +00:00:00.571749 +00:00:00.571749 [/PDM/Drivers/VBoxC/] (level 3) +00:00:00.571749 Path = "VBoxC" (cb=6) +00:00:00.571749 +00:00:00.571749 [/PDM/NetworkShaper/] (level 2) +00:00:00.571749 +00:00:00.571750 [/PDM/NetworkShaper/BwGroups/] (level 3) +00:00:00.571750 +00:00:00.571750 [/TM/] (level 1) +00:00:00.571750 UTCOffset = 0x0000000000000000 (0) +00:00:00.571750 +00:00:00.571750 [/USB/] (level 1) +00:00:00.571751 +00:00:00.571751 [/USB/HidMouse/] (level 2) +00:00:00.571751 +00:00:00.571751 [/USB/HidMouse/0/] (level 3) +00:00:00.571751 +00:00:00.571751 [/USB/HidMouse/0/Config/] (level 4) +00:00:00.571752 Mode = "absolute" (cb=9) +00:00:00.571752 +00:00:00.571752 [/USB/HidMouse/0/LUN#0/] (level 4) +00:00:00.571752 Driver = "MouseQueue" (cb=11) +00:00:00.571753 +00:00:00.571753 [/USB/HidMouse/0/LUN#0/AttachedDriver/] (level 5) +00:00:00.571753 Driver = "MainMouse" (cb=10) +00:00:00.571753 +00:00:00.571753 [/USB/HidMouse/0/LUN#0/Config/] (level 5) +00:00:00.571754 QueueSize = 0x0000000000000080 (128, 128 B) +00:00:00.571754 +00:00:00.571754 [/USB/USBProxy/] (level 2) +00:00:00.571754 +00:00:00.571754 [/USB/USBProxy/GlobalConfig/] (level 3) +00:00:00.571755 +00:00:00.571755 ********************* End of CFGM dump ********************** +00:00:00.571800 HM: HMR3Init: Attempting fall back to NEM: VT-x is not available +00:00:00.621934 NEM: info: Found optional import WinHvPlatform.dll!WHvQueryGpaRangeDirtyBitmap. +00:00:00.621946 NEM: info: Found optional import vid.dll!VidGetHvPartitionId. +00:00:00.621951 NEM: info: Found optional import vid.dll!VidGetPartitionProperty. +00:00:00.621986 NEM: WHvCapabilityCodeHypervisorPresent is TRUE, so this might work... +00:00:00.621993 NEM: WHvCapabilityCodeExtendedVmExits = 0x0000000000007fff +00:00:00.621999 NEM: fExtendedMsrExit: 1 +00:00:00.622003 NEM: fExtendedCpuIdExit: 1 +00:00:00.622007 NEM: fExtendedXcptExit: 1 +00:00:00.622012 NEM: Warning! Unknown VM exit definitions: 0x7fff +00:00:00.622016 NEM: Warning! Unknown feature definitions: 0x2ff +00:00:00.622020 NEM: Supported exception exit bitmap: 0xf7dfb +00:00:00.622026 NEM: WHvCapabilityCodeProcessorVendor = 1 - Intel +00:00:00.622036 NEM: WHvCapabilityCodeProcessorFeatures = 0x3e1b7bcfe7f7859f +00:00:00.622042 NEM: Sse3Support: 1 +00:00:00.622046 NEM: LahfSahfSupport: 1 +00:00:00.622050 NEM: Ssse3Support: 1 +00:00:00.622054 NEM: Sse4_1Support: 1 +00:00:00.622059 NEM: Sse4_2Support: 1 +00:00:00.622063 NEM: Sse4aSupport: 0 +00:00:00.622067 NEM: XopSupport: 0 +00:00:00.622072 NEM: PopCntSupport: 1 +00:00:00.622076 NEM: Cmpxchg16bSupport: 1 +00:00:00.622080 NEM: Altmovcr8Support: 0 +00:00:00.622084 NEM: LzcntSupport: 1 +00:00:00.622087 NEM: MisAlignSseSupport: 0 +00:00:00.622087 NEM: MmxExtSupport: 0 +00:00:00.622087 NEM: Amd3DNowSupport: 0 +00:00:00.622087 NEM: ExtendedAmd3DNowSupport: 0 +00:00:00.622087 NEM: Page1GbSupport: 1 +00:00:00.622087 NEM: AesSupport: 1 +00:00:00.622087 NEM: PclmulqdqSupport: 1 +00:00:00.622087 NEM: PcidSupport: 1 +00:00:00.622087 NEM: Fma4Support: 0 +00:00:00.622087 NEM: F16CSupport: 1 +00:00:00.622087 NEM: RdRandSupport: 1 +00:00:00.622149 NEM: RdWrFsGsSupport: 1 +00:00:00.622153 NEM: SmepSupport: 1 +00:00:00.622157 NEM: EnhancedFastStringSupport: 1 +00:00:00.622161 NEM: Bmi1Support: 1 +00:00:00.622166 NEM: Bmi2Support: 1 +00:00:00.622170 NEM: MovbeSupport: 1 +00:00:00.622174 NEM: Npiep1Support: 1 +00:00:00.622178 NEM: DepX87FPUSaveSupport: 1 +00:00:00.622183 NEM: RdSeedSupport: 1 +00:00:00.622187 NEM: AdxSupport: 1 +00:00:00.622191 NEM: IntelPrefetchSupport: 1 +00:00:00.622196 NEM: SmapSupport: 1 +00:00:00.622200 NEM: HleSupport: 0 +00:00:00.622204 NEM: RtmSupport: 0 +00:00:00.622208 NEM: RdtscpSupport: 1 +00:00:00.622213 NEM: ClflushoptSupport: 1 +00:00:00.622217 NEM: ClwbSupport: 1 +00:00:00.622222 NEM: ShaSupport: 1 +00:00:00.622226 NEM: X87PointersSavedSupport: 0 +00:00:00.622230 NEM: Warning! Unknown CPU features: 0x3e1b7bcfe7f7859f +00:00:00.622237 NEM: WHvCapabilityCodeProcessorClFlushSize = 2^8 +00:00:00.622242 NEM: Warning! Unknown capability 0x4 returning: 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622247 NEM: Warning! Unknown capability 0x5 returning: 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622258 NEM: Warning! Unknown capability 0x6 returning: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622702 NEM: Warning! Unknown capability 0x1003 returning: 1f 38 58 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622724 NEM: Warning! Unknown capability 0x1004 returning: 19 1c 87 b2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622730 NEM: Warning! Unknown capability 0x1005 returning: 00 c2 eb 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622735 NEM: Warning! Unknown capability 0x1006 returning: 02 00 00 00 00 00 00 00 9f 85 f7 e7 cf 7b 1b 3e 43 77 17 00 00 00 02 00 +00:00:00.622741 NEM: Warning! Unknown capability 0x1007 returning: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622747 NEM: Warning! Unknown capability 0x1008 returning: 01 00 00 00 00 00 00 00 ff 8f 44 7f 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.622754 NEM: Warning! Unknown capability 0x1009 returning: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:00.623065 NEM: Created partition 0000022071c237e0. +00:00:00.623086 PGM: Enabling NEM mode +00:00:00.623116 NEM: +00:00:00.623117 NEM: NEMR3Init: Snail execution mode is active! +00:00:00.623117 NEM: Note! VirtualBox is not able to run at its full potential in this execution mode. +00:00:00.623117 NEM: To see VirtualBox run at max speed you need to disable all Windows features +00:00:00.623117 NEM: making use of Hyper-V. That is a moving target, so google how and carefully +00:00:00.623117 NEM: consider the consequences of disabling these features. +00:00:00.623117 NEM: +00:00:00.623138 CPUM: No hardware-virtualization capability detected +00:00:00.623144 CPUM: fXStateHostMask=0x7; initial: 0x7; host XCR0=0x7 +00:00:00.624500 CPUM: Matched host CPU INTEL 0x6/0xb7/0x1 Intel_Atom_Unknown with CPU DB entry 'Intel Pentium N3530 2.16GHz' (INTEL 0x6/0x37/0x8 Intel_Atom_Silvermont) +00:00:00.624522 CPUM: MXCSR_MASK=0xffff (host: 0xffff) +00:00:00.624537 CPUM: Microcode revision 0x00000129 +00:00:00.624553 CPUM: MSR/CPUID reconciliation insert: 0x0000010b IA32_FLUSH_CMD +00:00:00.624558 CPUM: MSR/CPUID reconciliation insert: 0x0000010a IA32_ARCH_CAPABILITIES +00:00:00.624563 CPUM: MSR fudge: 0x00000001 IA32_P5_MC_TYPE +00:00:00.624567 CPUM: MSR fudge: 0x00000017 IA32_PLATFORM_ID +00:00:00.624572 CPUM: MSR fudge: 0x0000001b IA32_APIC_BASE +00:00:00.624576 CPUM: MSR fudge: 0x0000008b BIOS_SIGN +00:00:00.624580 CPUM: MSR fudge: 0x000000fe IA32_MTRRCAP +00:00:00.624584 CPUM: MSR fudge: 0x00000179 IA32_MCG_CAP +00:00:00.624588 CPUM: MSR fudge: 0x0000017a IA32_MCG_STATUS +00:00:00.624592 CPUM: MSR fudge: 0x000001a0 IA32_MISC_ENABLE +00:00:00.624596 CPUM: MSR fudge: 0x000001d9 IA32_DEBUGCTL +00:00:00.624600 CPUM: MSR fudge: 0x000001db P6_LAST_BRANCH_FROM_IP +00:00:00.624604 CPUM: MSR fudge: 0x000001dc P6_LAST_BRANCH_TO_IP +00:00:00.624608 CPUM: MSR fudge: 0x000001dd P6_LAST_INT_FROM_IP +00:00:00.624613 CPUM: MSR fudge: 0x000001de P6_LAST_INT_TO_IP +00:00:00.624617 CPUM: MSR fudge: 0x00000277 IA32_PAT +00:00:00.624621 CPUM: MSR fudge: 0x000002ff IA32_MTRR_DEF_TYPE +00:00:00.624625 CPUM: MSR fudge: 0x00000400 IA32_MCi_CTL_STATUS_ADDR_MISC +00:00:00.624629 CPUM: MSR fudge: 0xc0000103 AMD64_TSC_AUX +00:00:00.624633 CPUM: MSR fudge: 0x00000122 IA32_TSX_CTRL +00:00:00.624642 CPUM: SetGuestCpuIdFeature: Enabled SYSENTER/EXIT +00:00:00.624647 CPUM: SetGuestCpuIdFeature: Enabled SYSCALL/RET +00:00:00.624651 CPUM: SetGuestCpuIdFeature: Enabled PAE +00:00:00.624655 CPUM: SetGuestCpuIdFeature: Enabled LAHF/SAHF +00:00:00.624659 CPUM: SetGuestCpuIdFeature: Enabled NX +00:00:00.624663 CPUM: SetGuestCpuIdFeature: Enabled LONG MODE +00:00:00.624667 CPUM: Enabled MTRR read-write support +00:00:00.624675 CPUM: Enabled fixed-range MTRRs and 16 (virtualized) variable-range MTRRs +00:00:00.629324 NEM: HvPartitionPropertyProcessorVendor=0x1 (1) +00:00:00.629516 NEM: Successfully set up partition (device handle 0000000000000cd5, partition ID 0x0) +00:00:00.629633 PGM: Host paging mode: AMD64+PGE+NX +00:00:00.629644 PGM: PGMPool: cMaxPages=1280 (u64MaxPages=1058) +00:00:00.629650 PGM: pgmR3PoolInit: cMaxPages=0x500 cMaxUsers=0xa00 cMaxPhysExts=0xa00 fCacheEnable=true +00:00:00.697988 SUPLib: MEM_LARGE_PAGES privilege not held. +00:00:00.722996 TM: GIP - u32Mode=3 (Invariant) u32UpdateHz=93 u32UpdateIntervalNS=10741500 enmUseTscDelta=2 (Practically Zero) fGetGipCpu=0x1b cCpus=32 +00:00:00.723023 TM: GIP - u64CpuHz=2 995 198 975 (0xb2871bff) SUPGetCpuHzFromGip => 2 995 198 975 +00:00:00.723029 TM: GIP - CPU: iCpuSet=0x0 idCpu=0x0 idApic=0x0 iGipCpu=0x0 i64TSCDelta=0 enmState=3 u64CpuHz=2995198975(*) cErrors=0 +00:00:00.723034 TM: GIP - CPU: iCpuSet=0x1 idCpu=0x1 idApic=0x1 iGipCpu=0xe i64TSCDelta=0 enmState=3 u64CpuHz=2995198975(*) cErrors=0 +00:00:00.723038 TM: GIP - CPU: iCpuSet=0x2 idCpu=0x2 idApic=0x8 iGipCpu=0xc i64TSCDelta=0 enmState=3 u64CpuHz=2995199001(*) cErrors=0 +00:00:00.723043 TM: GIP - CPU: iCpuSet=0x3 idCpu=0x3 idApic=0x9 iGipCpu=0x11 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723047 TM: GIP - CPU: iCpuSet=0x4 idCpu=0x4 idApic=0x10 iGipCpu=0x8 i64TSCDelta=0 enmState=3 u64CpuHz=2995198960(*) cErrors=0 +00:00:00.723051 TM: GIP - CPU: iCpuSet=0x5 idCpu=0x5 idApic=0x11 iGipCpu=0x9 i64TSCDelta=0 enmState=3 u64CpuHz=2995198961(*) cErrors=0 +00:00:00.723055 TM: GIP - CPU: iCpuSet=0x6 idCpu=0x6 idApic=0x18 iGipCpu=0x4 i64TSCDelta=0 enmState=3 u64CpuHz=2995199019(*) cErrors=0 +00:00:00.723060 TM: GIP - CPU: iCpuSet=0x7 idCpu=0x7 idApic=0x19 iGipCpu=0x2 i64TSCDelta=0 enmState=3 u64CpuHz=2995199925(*) cErrors=0 +00:00:00.723064 TM: GIP - CPU: iCpuSet=0x8 idCpu=0x8 idApic=0x20 iGipCpu=0xd i64TSCDelta=0 enmState=3 u64CpuHz=2995199005(*) cErrors=0 +00:00:00.723068 TM: GIP - CPU: iCpuSet=0x9 idCpu=0x9 idApic=0x21 iGipCpu=0x10 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723072 TM: GIP - CPU: iCpuSet=0xa idCpu=0xa idApic=0x28 iGipCpu=0x1e i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723077 TM: GIP - CPU: iCpuSet=0xb idCpu=0xb idApic=0x29 iGipCpu=0x18 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723081 TM: GIP - CPU: iCpuSet=0xc idCpu=0xc idApic=0x30 iGipCpu=0x3 i64TSCDelta=0 enmState=3 u64CpuHz=2995198876(*) cErrors=0 +00:00:00.723085 TM: GIP - CPU: iCpuSet=0xd idCpu=0xd idApic=0x31 iGipCpu=0x16 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723089 TM: GIP - CPU: iCpuSet=0xe idCpu=0xe idApic=0x38 iGipCpu=0x14 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723094 TM: GIP - CPU: iCpuSet=0xf idCpu=0xf idApic=0x39 iGipCpu=0x5 i64TSCDelta=0 enmState=3 u64CpuHz=2995199036(*) cErrors=0 +00:00:00.723098 TM: GIP - CPU: iCpuSet=0x10 idCpu=0x10 idApic=0x40 iGipCpu=0xb i64TSCDelta=0 enmState=3 u64CpuHz=2995198992(*) cErrors=0 +00:00:00.723102 TM: GIP - CPU: iCpuSet=0x11 idCpu=0x11 idApic=0x42 iGipCpu=0x13 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723106 TM: GIP - CPU: iCpuSet=0x12 idCpu=0x12 idApic=0x44 iGipCpu=0x7 i64TSCDelta=0 enmState=3 u64CpuHz=2995199019(*) cErrors=0 +00:00:00.723111 TM: GIP - CPU: iCpuSet=0x13 idCpu=0x13 idApic=0x46 iGipCpu=0x1 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723115 TM: GIP - CPU: iCpuSet=0x14 idCpu=0x14 idApic=0x48 iGipCpu=0x1d i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723119 TM: GIP - CPU: iCpuSet=0x15 idCpu=0x15 idApic=0x4a iGipCpu=0x6 i64TSCDelta=0 enmState=3 u64CpuHz=2995199043(*) cErrors=0 +00:00:00.723123 TM: GIP - CPU: iCpuSet=0x16 idCpu=0x16 idApic=0x4c iGipCpu=0x1b i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723128 TM: GIP - CPU: iCpuSet=0x17 idCpu=0x17 idApic=0x4e iGipCpu=0x19 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723132 TM: GIP - CPU: iCpuSet=0x18 idCpu=0x18 idApic=0x50 iGipCpu=0x1f i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723136 TM: GIP - CPU: iCpuSet=0x19 idCpu=0x19 idApic=0x52 iGipCpu=0xa i64TSCDelta=0 enmState=3 u64CpuHz=2995198973(*) cErrors=0 +00:00:00.723140 TM: GIP - CPU: iCpuSet=0x1a idCpu=0x1a idApic=0x54 iGipCpu=0x15 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723148 TM: GIP - CPU: iCpuSet=0x1b idCpu=0x1b idApic=0x56 iGipCpu=0x17 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723153 TM: GIP - CPU: iCpuSet=0x1c idCpu=0x1c idApic=0x58 iGipCpu=0x12 i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723157 TM: GIP - CPU: iCpuSet=0x1d idCpu=0x1d idApic=0x5a iGipCpu=0x1c i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723161 TM: GIP - CPU: iCpuSet=0x1e idCpu=0x1e idApic=0x5c iGipCpu=0xf i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723166 TM: GIP - CPU: iCpuSet=0x1f idCpu=0x1f idApic=0x5e iGipCpu=0x1a i64TSCDelta=0 enmState=3 u64CpuHz=2995093067(*) cErrors=0 +00:00:00.723173 TM: NEM overrides the /TM/TSCModeSwitchAllowed setting. +00:00:00.723186 TM: cTSCTicksPerSecond=2 995 198 975 (0xb2871bff) enmTSCMode=4 (NativeApi) TSCMultiplier=1 +00:00:00.723187 TM: cTSCTicksPerSecondHost=2 995 198 975 (0xb2871bff) +00:00:00.723187 TM: TSCTiedToExecution=false TSCNotTiedToHalt=false +00:00:00.723720 EMR3Init: fIemExecutesAll=false fGuruOnTripleFault=true +00:00:00.723792 IEM: TargetCpu=CURRENT, Microarch=Intel_Atom_Unknown aidxTargetCpuEflFlavour={1,0} +00:00:00.724019 GIM: Using provider 'HyperV' (Implementation version: 0) +00:00:00.724026 GIM: HyperV: Reporting vendor as 'VBoxVBoxVBox' +00:00:00.724031 CPUM: SetGuestCpuIdFeature: Enabled Hypervisor Present bit +00:00:00.724047 GCM: Initialized - Fixer bits: 0x0 +00:00:00.724086 AIOMgr: Default manager type is 'Async' +00:00:00.724091 AIOMgr: Default file backend is 'NonBuffered' +00:00:00.724129 BlkCache: Cache successfully initialized. Cache size is 5242880 bytes +00:00:00.724134 BlkCache: Cache commit interval is 10000 ms +00:00:00.724138 BlkCache: Cache commit threshold is 2621440 bytes +00:00:00.900703 EFI: boot args = +00:00:00.900714 EFI: device props = +00:00:00.900730 Found EFI FW Volume, 540672 bytes (132 4096-byte blocks) +00:00:00.903679 EFI: Registered 528KB flash at 00000000ffc00000 +00:00:00.903852 CPUM: SetGuestCpuIdFeature: Enabled xAPIC +00:00:00.904231 IOAPIC: Version=2.0 ChipType=ICH9 +00:00:00.904272 PIT: mode=3 count=0x10000 (65536) - 18.20 Hz (ch=0) +00:00:00.904991 VMMDev: cbDefaultBudget: 1 073 741 824 (40000000) +00:00:00.950221 Shared Folders service loaded +00:00:00.956048 Guest Control service loaded +00:00:01.135447 VGA: Using the 386+ BIOS image. +00:00:01.136540 DrvVD: Flushes will be ignored +00:00:01.136562 DrvVD: Async flushes will be passed to the disk +00:00:01.137231 VD: VDInit finished with VINF_SUCCESS +00:00:01.137876 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0723) created successfully +00:00:01.138670 VD: Opening the disk took 1438826 ns +00:00:01.138725 AHCI: LUN#0: disk, PCHS=16383/16/63, total number of sectors 31998160 +00:00:01.138861 DrvVD: Flushes will be ignored +00:00:01.138874 DrvVD: Async flushes will be passed to the disk +00:00:01.140101 AIOMgr: Endpoint for file 'F:/Downloads/QTorrent/_data/tiny-10-23-h2/tiny10 x64 23h2.iso' (flags 000c0781) created successfully +00:00:01.140113 VD: Opening the disk took 215127 ns +00:00:01.140153 AHCI: LUN#1: CD/DVD +00:00:01.140266 DrvVD: Flushes will be ignored +00:00:01.140280 DrvVD: Async flushes will be passed to the disk +00:00:01.141082 VMSetError: D:\tinderbox\win-rel\src\VBox\Storage\VD.cpp(5518) int __cdecl VDOpen(struct VDISK *,const char *,const char *,unsigned int,struct VDINTERFACE *); rc=VERR_NOT_SUPPORTED +00:00:01.141087 VMSetError: VD: Backend 'VBoxIsoMaker' does not support async I/O +00:00:01.141308 AIOMgr: Endpoint for file 'F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso' (flags 00040781) created successfully +00:00:01.141317 VISO: Handling file 'F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso' +00:00:01.141682 VISO: 378 880 bytes (0x5c800) - F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso +00:00:01.141817 VD: Opening the disk took 744452 ns +00:00:01.141859 AHCI: LUN#2: CD/DVD +00:00:01.141963 AHCI#0: Reset the HBA +00:00:01.141969 VD#0: Cancelling all active requests +00:00:01.141997 E1000#0: Chip=82540EM LinkUpDelay=5000ms EthernetCRC=on GSO=enabled Itr=disabled ItrRx=enabled TID=disabled R0=disabled RC=disabled +00:00:01.156935 Audio: Found 8 devices for driver 'WasAPI' +00:00:01.156953 Audio: Device 'Speakers (Realtek USB2.0 Audio)': +00:00:01.156953 Audio: ID = {0.0.0.00000000}.{f0d598e2-38dd-49d2-93cd-caebd6fef4a6} +00:00:01.156954 Audio: Usage = output +00:00:01.156958 Audio: Flags = DEFAULT_OUT +00:00:01.156959 Audio: Input channels = 0 +00:00:01.156959 Audio: Output channels = 2 +00:00:01.156964 Audio: Device 'LG ULTRAGEAR (NVIDIA High Definition Audio)': +00:00:01.156964 Audio: ID = {0.0.0.00000000}.{0724135a-22d9-48ce-86a6-5ac26aa15195} +00:00:01.156964 Audio: Usage = output +00:00:01.156965 Audio: Flags = NONE +00:00:01.156965 Audio: Input channels = 0 +00:00:01.156965 Audio: Output channels = 2 +00:00:01.156969 Audio: Device 'SPDIF Interface (Realtek USB2.0 Audio)': +00:00:01.156969 Audio: ID = {0.0.0.00000000}.{37ad3e65-9142-41e0-a253-4716e22cf384} +00:00:01.156969 Audio: Usage = output +00:00:01.156969 Audio: Flags = NONE +00:00:01.156970 Audio: Input channels = 0 +00:00:01.156970 Audio: Output channels = 2 +00:00:01.156974 Audio: Device 'LG ULTRAWIDE (NVIDIA High Definition Audio)': +00:00:01.156974 Audio: ID = {0.0.0.00000000}.{68df7ac8-ac3b-4adb-adae-6913c55a8dbd} +00:00:01.156974 Audio: Usage = output +00:00:01.156974 Audio: Flags = NONE +00:00:01.156974 Audio: Input channels = 0 +00:00:01.156974 Audio: Output channels = 2 +00:00:01.156978 Audio: Device 'Speakers (Realtek USB2.0 Audio)': +00:00:01.156979 Audio: ID = {0.0.0.00000000}.{f0d598e2-38dd-49d2-93cd-caebd6fef4a6} +00:00:01.156979 Audio: Usage = output +00:00:01.156979 Audio: Flags = NONE +00:00:01.156979 Audio: Input channels = 0 +00:00:01.156979 Audio: Output channels = 2 +00:00:01.156983 Audio: Device 'Microphone (2- Antlion USB Microphone)': +00:00:01.156983 Audio: ID = {0.0.1.00000000}.{328c67a0-ee07-4e7d-83d9-c729104014f8} +00:00:01.156983 Audio: Usage = input +00:00:01.156984 Audio: Flags = DEFAULT_IN +00:00:01.156984 Audio: Input channels = 1 +00:00:01.156984 Audio: Output channels = 0 +00:00:01.156988 Audio: Device 'Microphone (2- Antlion USB Microphone)': +00:00:01.156988 Audio: ID = {0.0.1.00000000}.{328c67a0-ee07-4e7d-83d9-c729104014f8} +00:00:01.156988 Audio: Usage = input +00:00:01.156988 Audio: Flags = NONE +00:00:01.156988 Audio: Input channels = 1 +00:00:01.156988 Audio: Output channels = 0 +00:00:01.156992 Audio: Device 'Line (Realtek USB2.0 Audio)': +00:00:01.156993 Audio: ID = {0.0.1.00000000}.{4fc1e418-df55-49bb-a9f6-0daed6102958} +00:00:01.156993 Audio: Usage = input +00:00:01.156993 Audio: Flags = NONE +00:00:01.156993 Audio: Input channels = 2 +00:00:01.156993 Audio: Output channels = 0 +00:00:01.157079 Audio Mixer: Setting master volume of 'HDA Mixer' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:01.157089 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:01.157096 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:01.157109 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:01.157114 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:01.157133 HDA: Codec reset +00:00:01.157140 HDA: Reset +00:00:01.157522 GIMDev: Registered Hyper-V hypercall page +00:00:01.157542 GIMDev: Registered Hyper-V TSC page +00:00:01.157664 VUSB: Attached 'HidMouse' to port 1 on RootHub#1 (FullSpeed) +00:00:01.157675 PGM: The CPU physical address width is 39 bits +00:00:01.157681 PGM: PGMR3InitFinalize: 4 MB PSE mask 0000007fffffffff -> VINF_SUCCESS +00:00:01.157687 TM: TMR3InitFinalize: fTSCModeSwitchAllowed=false +00:00:01.166882 CPUM: Mapped 2.1 TiB (1048576 bytes) of RAM using fixed-range MTRRs +00:00:01.166902 CPUM: Mapped 2.0 GiB (2147483648 bytes) of RAM using 1 variable-range MTRRs +00:00:01.167108 VMM: Thread-context hooks unavailable +00:00:01.167113 VMM: RTThreadPreemptIsPending() can be trusted +00:00:01.167117 VMM: Kernel preemption is possible +00:00:01.167127 EM: Exit history optimizations: enabled=true enabled-r0=true enabled-r0-no-preemption=false +00:00:01.167138 APIC: fPostedIntrsEnabled=false fVirtApicRegsEnabled=false fSupportsTscDeadline=false +00:00:01.167143 TMR3UtcNow: nsNow=1 731 959 760 967 835 000 nsPrev=0 -> cNsDelta=1 731 959 760 967 835 000 (offLag=0 offVirtualSync=0 offVirtualSyncGivenUp=0, NowAgain=1 731 959 760 967 835 000) +00:00:01.167179 VMM: fUsePeriodicPreemptionTimers=true +00:00:01.167185 APIC: Enabling Hyper-V x2APIC compatibility mode +00:00:01.167224 CPUM: Logical host processors: 32 present, 32 max, 32 online, online mask: 00000000ffffffff +00:00:01.167225 CPUM: Physical host cores: 24 +00:00:01.167225 ************************* CPUID dump ************************ +00:00:01.167231 Raw Standard CPUID Leaves +00:00:01.167231 Leaf/sub-leaf eax ebx ecx edx +00:00:01.167231 Gst: 00000000/0000 00000016 756e6547 6c65746e 49656e69 +00:00:01.167232 Hst: 00000020 756e6547 6c65746e 49656e69 +00:00:01.167233 Gst: 00000001/0000 000b0671 00010800 c2da2203 178bfbff +00:00:01.167233 Hst: 000b0671 18800800 fffaf38b bfcbfbff +00:00:01.167234 Gst: 00000002/0000 00feff01 000000f0 00000000 00000000 +00:00:01.167234 Hst: 00feff01 000000f0 00000000 00000000 +00:00:01.167235 Gst: 00000003/0000 00000000 00000000 00000000 00000000 +00:00:01.167235 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167236 Gst: 00000004/0000 00000121 02c0003f 0000003f 00000000 +00:00:01.167236 Hst: fc004121 02c0003f 0000003f 00000000 +00:00:01.167237 Gst: 00000004/0001 00000122 01c0003f 0000003f 00000000 +00:00:01.167237 Hst: fc004122 01c0003f 0000003f 00000000 +00:00:01.167238 Gst: 00000004/0002 00000143 03c0003f 000007ff 00000000 +00:00:01.167239 Hst: fc01c143 03c0003f 000007ff 00000000 +00:00:01.167239 Gst: 00000004/0003 00000163 02c0003f 0000bfff 00000004 +00:00:01.167240 Hst: fc1fc163 02c0003f 0000bfff 00000004 +00:00:01.167240 Gst: 00000004/0004 00000000 00000000 00000000 00000000 +00:00:01.167241 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167241 Gst: 00000005/0000 00000000 00000000 00000000 00000000 +00:00:01.167242 Hst: 00000040 00000040 00000003 00002020 +00:00:01.167245 Gst: 00000006/0000 00000004 00000000 00000000 00000000 +00:00:01.167246 Hst: 009f8ff3 00000002 00000401 00030003 +00:00:01.167246 Gst: 00000007/0000 00000000 208c2509 00000000 30000400 +00:00:01.167247 Hst: 00000002 239c27a9 184027a4 bc18c410 +00:00:01.167247 Gst: 00000007/0001 00000000 00000000 00000000 00000000 +00:00:01.167248 Hst: 00400810 00000000 00000000 00000000 +00:00:01.167248 Gst: 00000007/0002 00000000 00000000 00000000 00000000 +00:00:01.167248 Hst: 00000000 00000000 00000000 00000010 +00:00:01.167249 Gst: 00000007/0003 00000000 00000000 00000000 00000000 +00:00:01.167249 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167250 Gst: 00000008/0000 00000000 00000000 00000000 00000000 +00:00:01.167250 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167251 Gst: 00000009/0000 00000000 00000000 00000000 00000000 +00:00:01.167251 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167251 Gst: 0000000a/0000 00000000 00000000 00000000 00000000 +00:00:01.167252 Hst: 07300605 00000000 00000007 00008603 +00:00:01.167252 Gst: 0000000b/0000 00000000 00000001 00000100 00000000 +00:00:01.167253 Hst: 00000001 00000002 00000100 00000018 +00:00:01.167253 Gst: 0000000b/0001 00000001 00000001 00000201 00000000 +00:00:01.167254 Hst: 00000007 00000020 00000201 00000018 +00:00:01.167254 Gst: 0000000b/0002 00000000 00000000 00000002 00000000 +00:00:01.167255 Hst: 00000000 00000000 00000002 00000018 +00:00:01.167255 Gst: 0000000c/0000 00000000 00000000 00000000 00000000 +00:00:01.167255 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167256 Gst: 0000000d/0000 00000000 00000000 00000000 00000000 +00:00:01.167256 Hst: 00000007 00000340 00000340 00000000 +00:00:01.167257 Gst: 0000000d/0001 00000000 00000000 00000000 00000000 +00:00:01.167258 Hst: 0000000f 00000350 00001800 00000000 +00:00:01.167258 Gst: 0000000d/0002 00000000 00000000 00000000 00000000 +00:00:01.167259 Hst: 00000100 00000240 00000000 00000000 +00:00:01.167259 Gst: 0000000d/0003 00000000 00000000 00000000 00000000 +00:00:01.167259 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167260 Gst: 0000000d/0004 00000000 00000000 00000000 00000000 +00:00:01.167260 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167261 Gst: 0000000d/0005 00000000 00000000 00000000 00000000 +00:00:01.167261 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167262 Gst: 0000000d/0006 00000000 00000000 00000000 00000000 +00:00:01.167262 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167263 Gst: 0000000d/0007 00000000 00000000 00000000 00000000 +00:00:01.167263 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167263 Gst: 0000000d/0008 00000000 00000000 00000000 00000000 +00:00:01.167264 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167264 Gst: 0000000d/0009 00000000 00000000 00000000 00000000 +00:00:01.167265 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167265 Gst: 0000000d/000a 00000000 00000000 00000000 00000000 +00:00:01.167265 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167266 Gst: 0000000d/000b 00000000 00000000 00000000 00000000 +00:00:01.167266 Hst: 00000010 00000000 00000001 00000000 +00:00:01.167267 Gst: 0000000d/000c 00000000 00000000 00000000 00000000 +00:00:01.167267 Hst: 00000018 00000000 00000001 00000000 +00:00:01.167268 Gst: 0000000d/000d 00000000 00000000 00000000 00000000 +00:00:01.167268 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167298 Gst: 0000000e/0000 00000000 00000000 00000000 00000000 +00:00:01.167299 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167299 Gst: 0000000f/0000 00000000 00000000 00000000 00000000 +00:00:01.167299 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167300 Gst: 00000010/0000 00000000 00000000 00000000 00000000 +00:00:01.167300 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167301 Gst: 00000011/0000 00000000 00000000 00000000 00000000 +00:00:01.167301 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167302 Gst: 00000012/0000 00000000 00000000 00000000 00000000 +00:00:01.167302 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167302 Gst: 00000013/0000 00000000 00000000 00000000 00000000 +00:00:01.167303 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167304 Gst: 00000014/0000 00000000 00000000 00000000 00000000 +00:00:01.167304 Hst: 00000001 0000005f 00000007 00000000 +00:00:01.167305 Hst: 00000015/0000 00000002 0000009c 0249f000 00000000 +00:00:01.167305 Hst: 00000016/0000 00000000 00000000 00000000 00000000 +00:00:01.167306 Hst: 00000017/0000 00000000 00000000 00000000 00000000 +00:00:01.167307 Hst: 00000018/0000 00000000 00000000 00000000 00000000 +00:00:01.167307 Hst: 00000019/0000 00000000 00000000 00000000 00000000 +00:00:01.167308 Hst: 0000001a/0000 40000001 00000000 00000000 00000000 +00:00:01.167309 Hst: 0000001b/0000 00000000 00000000 00000000 00000000 +00:00:01.167309 Hst: 0000001c/0000 4000000b 00000007 00000007 00000000 +00:00:01.167310 Hst: 0000001d/0000 00000000 00000000 00000000 00000000 +00:00:01.167311 Hst: 0000001e/0000 00000000 00000000 00000000 00000000 +00:00:01.167311 Hst: 0000001f/0000 00000001 00000002 00000100 00000018 +00:00:01.167312 Hst: 00000020/0000 00000000 00000001 00000000 00000000 +00:00:01.167312 Name: GenuineIntel +00:00:01.167313 Supports: 0x00000000-0x00000016 +00:00:01.167315 Family: 6 Extended: 0 Effective: 6 +00:00:01.167316 Model: 7 Extended: 11 Effective: 183 +00:00:01.167316 Stepping: 1 +00:00:01.167317 Type: 0 (primary) +00:00:01.167317 APIC ID: 0x00 +00:00:01.167317 Logical CPUs: 1 +00:00:01.167318 CLFLUSH Size: 8 +00:00:01.167318 Brand ID: 0x00 +00:00:01.167319 Features +00:00:01.167321 Mnemonic - Description = guest (host) +00:00:01.167321 FPU - x87 FPU on Chip = 1 (1) +00:00:01.167322 VME - Virtual 8086 Mode Enhancements = 1 (1) +00:00:01.167322 DE - Debugging extensions = 1 (1) +00:00:01.167323 PSE - Page Size Extension = 1 (1) +00:00:01.167323 TSC - Time Stamp Counter = 1 (1) +00:00:01.167323 MSR - Model Specific Registers = 1 (1) +00:00:01.167324 PAE - Physical Address Extension = 1 (1) +00:00:01.167324 MCE - Machine Check Exception = 1 (1) +00:00:01.167324 CX8 - CMPXCHG8B instruction = 1 (1) +00:00:01.167325 APIC - APIC On-Chip = 1 (1) +00:00:01.167325 SEP - SYSENTER and SYSEXIT Present = 1 (1) +00:00:01.167326 MTRR - Memory Type Range Registers = 1 (1) +00:00:01.167326 PGE - PTE Global Bit = 1 (1) +00:00:01.167326 MCA - Machine Check Architecture = 1 (1) +00:00:01.167327 CMOV - Conditional Move instructions = 1 (1) +00:00:01.167327 PAT - Page Attribute Table = 1 (1) +00:00:01.167328 PSE-36 - 36-bit Page Size Extension = 1 (1) +00:00:01.167328 PSN - Processor Serial Number = 0 (0) +00:00:01.167328 CLFSH - CLFLUSH instruction = 1 (1) +00:00:01.167329 DS - Debug Store = 0 (0) +00:00:01.167329 ACPI - Thermal Mon. & Soft. Clock Ctrl. = 0 (1) +00:00:01.167330 MMX - Intel MMX Technology = 1 (1) +00:00:01.167330 FXSR - FXSAVE and FXRSTOR instructions = 1 (1) +00:00:01.167330 SSE - SSE support = 1 (1) +00:00:01.167331 SSE2 - SSE2 support = 1 (1) +00:00:01.167331 SS - Self Snoop = 0 (1) +00:00:01.167332 HTT - Hyper-Threading Technology = 1 (1) +00:00:01.167332 TM - Therm. Monitor = 0 (1) +00:00:01.167332 PBE - Pending Break Enabled = 0 (1) +00:00:01.167335 SSE3 - SSE3 support = 1 (1) +00:00:01.167335 PCLMUL - PCLMULQDQ support (for AES-GCM) = 1 (1) +00:00:01.167335 DTES64 - DS Area 64-bit Layout = 0 (0) +00:00:01.167336 MONITOR - MONITOR/MWAIT instructions = 0 (1) +00:00:01.167336 CPL-DS - CPL Qualified Debug Store = 0 (0) +00:00:01.167336 VMX - Virtual Machine Extensions = 0 (0) +00:00:01.167337 SMX - Safer Mode Extensions = 0 (0) +00:00:01.167337 EST - Enhanced SpeedStep Technology = 0 (1) +00:00:01.167337 TM2 - Terminal Monitor 2 = 0 (1) +00:00:01.167338 SSSE3 - Supplemental Streaming SIMD Extensions 3 = 1 (1) +00:00:01.167338 CNTX-ID - L1 Context ID = 0 (0) +00:00:01.167339 SDBG - Silicon Debug interface = 0 (0) +00:00:01.167339 FMA - Fused Multiply Add extensions = 0 (1) +00:00:01.167339 CX16 - CMPXCHG16B instruction = 1 (1) +00:00:01.167340 TPRUPDATE - xTPR Update Control = 0 (1) +00:00:01.167340 PDCM - Perf/Debug Capability MSR = 0 (1) +00:00:01.167341 PCID - Process Context Identifiers = 1 (1) +00:00:01.167341 DCA - Direct Cache Access = 0 (0) +00:00:01.167341 SSE4_1 - SSE4_1 support = 1 (1) +00:00:01.167342 SSE4_2 - SSE4_2 support = 1 (1) +00:00:01.167342 X2APIC - x2APIC support = 0 (1) +00:00:01.167342 MOVBE - MOVBE instruction = 1 (1) +00:00:01.167343 POPCNT - POPCNT instruction = 1 (1) +00:00:01.167343 TSCDEADL - Time Stamp Counter Deadline = 0 (1) +00:00:01.167344 AES - AES instructions = 1 (1) +00:00:01.167344 XSAVE - XSAVE instruction = 0 (1) +00:00:01.167344 OSXSAVE - OSXSAVE instruction = 0 (1) +00:00:01.167345 AVX - AVX support = 0 (1) +00:00:01.167345 F16C - 16-bit floating point conversion instructions = 0 (1) +00:00:01.167345 RDRAND - RDRAND instruction = 1 (1) +00:00:01.167346 HVP - Hypervisor Present (we're a guest) = 1 (1) +00:00:01.167346 Structured Extended Feature Flags Enumeration (leaf 7): +00:00:01.167347 Mnemonic - Description = guest (host) +00:00:01.167347 FSGSBASE - RDFSBASE/RDGSBASE/WRFSBASE/WRGSBASE instr. = 1 (1) +00:00:01.167347 TSCADJUST - Supports MSR_IA32_TSC_ADJUST = 0 (0) +00:00:01.167348 SGX - Supports Software Guard Extensions = 0 (0) +00:00:01.167348 BMI1 - Advanced Bit Manipulation extension 1 = 1 (1) +00:00:01.167348 HLE - Hardware Lock Elision = 0 (0) +00:00:01.167349 AVX2 - Advanced Vector Extensions 2 = 0 (1) +00:00:01.167349 FDP_EXCPTN_ONLY - FPU DP only updated on exceptions = 0 (0) +00:00:01.167349 SMEP - Supervisor Mode Execution Prevention = 0 (1) +00:00:01.167350 BMI2 - Advanced Bit Manipulation extension 2 = 1 (1) +00:00:01.167350 ERMS - Enhanced REP MOVSB/STOSB instructions = 0 (1) +00:00:01.167350 INVPCID - INVPCID instruction = 1 (1) +00:00:01.167351 RTM - Restricted Transactional Memory = 0 (0) +00:00:01.167351 PQM - Platform Quality of Service Monitoring = 0 (0) +00:00:01.167351 DEPFPU_CS_DS - Deprecates FPU CS, FPU DS values if set = 1 (1) +00:00:01.167352 MPE - Intel Memory Protection Extensions = 0 (0) +00:00:01.167352 PQE - Platform Quality of Service Enforcement = 0 (0) +00:00:01.167352 AVX512F - AVX512 Foundation instructions = 0 (0) +00:00:01.167353 RDSEED - RDSEED instruction = 1 (1) +00:00:01.167353 ADX - ADCX/ADOX instructions = 1 (1) +00:00:01.167353 SMAP - Supervisor Mode Access Prevention = 0 (1) +00:00:01.167354 CLFLUSHOPT - CLFLUSHOPT (Cache Line Flush) instruction = 1 (1) +00:00:01.167354 CLWB - CLWB instruction = 0 (1) +00:00:01.167354 INTEL_PT - Intel Processor Trace = 0 (1) +00:00:01.167355 AVX512PF - AVX512 Prefetch instructions = 0 (0) +00:00:01.167355 AVX512ER - AVX512 Exponential & Reciprocal instructions = 0 (0) +00:00:01.167355 AVX512CD - AVX512 Conflict Detection instructions = 0 (0) +00:00:01.167356 SHA - Secure Hash Algorithm extensions = 1 (1) +00:00:01.167356 PREFETCHWT1 - PREFETCHWT1 instruction = 0 (0) +00:00:01.167356 UMIP - User mode insturction prevention = 0 (1) +00:00:01.167357 PKU - Protection Key for Usermode pages = 0 (0) +00:00:01.167357 OSPKE - CR4.PKU mirror = 0 (0) +00:00:01.167357 5 - Reserved = 0 (1) +00:00:01.167358 7 - Reserved = 0 (1) +00:00:01.167358 8 - Reserved = 0 (1) +00:00:01.167359 9 - Reserved = 0 (1) +00:00:01.167359 10 - Reserved = 0 (1) +00:00:01.167360 13 - Reserved = 0 (1) +00:00:01.167360 MAWAU - Value used by BNDLDX & BNDSTX = 0x0 (0x0) +00:00:01.167361 RDPID - Read processor ID support = 0 (1) +00:00:01.167361 27 - Reserved = 0 (1) +00:00:01.167361 28 - Reserved = 0 (1) +00:00:01.167362 SGX_LC - Supports SGX Launch Configuration = 0 (0) +00:00:01.167362 4 - Reserved = 0 (1) +00:00:01.167365 MD_CLEAR - Supports MDS related buffer clearing = 1 (1) +00:00:01.167365 14 - Reserved = 0 (1) +00:00:01.167365 15 - Reserved = 0 (1) +00:00:01.167366 19 - Reserved = 0 (1) +00:00:01.167366 20 - Reserved = 0 (1) +00:00:01.167367 IBRS_IBPB - IA32_SPEC_CTRL.IBRS and IA32_PRED_CMD.IBPB = 0 (1) +00:00:01.167367 STIBP - Supports IA32_SPEC_CTRL.STIBP = 0 (1) +00:00:01.167367 FLUSH_CMD - Supports IA32_FLUSH_CMD = 1 (1) +00:00:01.167368 ARCHCAP - Supports IA32_ARCH_CAP = 1 (1) +00:00:01.167368 CORECAP - Supports IA32_CORE_CAP = 0 (0) +00:00:01.167368 SSBD - Supports IA32_SPEC_CTRL.SSBD = 0 (1) +00:00:01.167370 Processor Extended State Enumeration (leaf 0xd): +00:00:01.167371 XSAVE area cur/max size by XCR0, guest: 0x0/0x0 +00:00:01.167371 XSAVE area cur/max size by XCR0, host: 0x340/0x340 +00:00:01.167372 Valid XCR0 bits, guest: 0x00000000`00000000 +00:00:01.167372 Valid XCR0 bits, host: 0x00000000`00000007 ( x87 SSE YMM_Hi128 ) +00:00:01.167373 XSAVE features, guest: +00:00:01.167374 XSAVE features, host: XSAVEOPT XSAVEC XGETBC1 XSAVES +00:00:01.167374 XSAVE area cur size XCR0|XSS, guest: 0x0 +00:00:01.167375 XSAVE area cur size XCR0|XSS, host: 0x350 +00:00:01.167375 Valid IA32_XSS bits, guest: 0x00000000`00000000 +00:00:01.167375 Valid IA32_XSS bits, host: 0x00001800`00000000 ( 43 44 ) +00:00:01.167376 State #2, host: off=0x0240, cb=0x0100 IA32_XSS-bit -- YMM_Hi128 +00:00:01.167379 State #11, host: off=0x0000, cb=0x0010 XCR0-bit -- 11 +00:00:01.167380 State #12, host: off=0x0000, cb=0x0018 XCR0-bit -- 12 +00:00:01.167394 Unknown CPUID Leaves +00:00:01.167395 Leaf/sub-leaf eax ebx ecx edx +00:00:01.167395 Gst: 00000014/0001 00000000 00000000 00000000 00000000 +00:00:01.167396 Hst: 02490002 003f003f 00000000 00000000 +00:00:01.167396 Gst: 00000014/0002 00000000 00000000 00000000 00000000 +00:00:01.167397 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167397 Gst: 00000015/0000 00000000 00000000 00000000 00000000 +00:00:01.167398 Hst: 00000002 0000009c 0249f000 00000000 +00:00:01.167398 Gst: 00000016/0000 00000000 00000000 00000000 00000000 +00:00:01.167398 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167399 Raw Hypervisor CPUID Leaves +00:00:01.167399 Leaf/sub-leaf eax ebx ecx edx +00:00:01.167400 Gst: 40000000/0000 40000006 786f4256 786f4256 786f4256 +00:00:01.167400 Hst: 4000000c 7263694d 666f736f 76482074 +00:00:01.167401 Gst: 40000001/0000 31237648 00000000 00000000 00000000 +00:00:01.167401 Hst: 31237648 00000000 00000000 00000000 +00:00:01.167402 Gst: 40000002/0000 00000000 00000000 00000000 00000000 +00:00:01.167402 Hst: 0000585d 000a0000 00000004 000010dd +00:00:01.167403 Gst: 40000003/0000 00000af2 00100000 00000000 00000500 +00:00:01.167403 Hst: 0000bfff 002bb9ff 00000062 75fefbf6 +00:00:01.167404 Gst: 40000004/0000 00000130 ffffffff 00000000 00000000 +00:00:01.167405 Hst: 00060e14 00000000 0000002e 00000000 +00:00:01.167405 Gst: 40000005/0000 00000000 00000000 00000000 00000000 +00:00:01.167406 Hst: 00000400 00000400 00001780 00000000 +00:00:01.167406 Gst: 40000006/0000 00000000 00000000 00000000 00000000 +00:00:01.167407 Hst: 018200af 00000027 00000000 00000000 +00:00:01.167407 Raw Extended CPUID Leaves +00:00:01.167407 Leaf/sub-leaf eax ebx ecx edx +00:00:01.167408 Gst: 80000000/0000 80000008 00000000 00000000 00000000 +00:00:01.167408 Hst: 80000008 00000000 00000000 00000000 +00:00:01.167409 Gst: 80000001/0000 00000000 00000000 00000121 28100800 +00:00:01.167409 Hst: 00000000 00000000 00000121 2c100800 +00:00:01.167410 Gst: 80000002/0000 68743331 6e654720 746e4920 52286c65 +00:00:01.167410 Hst: 68743331 6e654720 746e4920 52286c65 +00:00:01.167411 Gst: 80000003/0000 6f432029 54286572 6920294d 33312d39 +00:00:01.167411 Hst: 6f432029 54286572 6920294d 33312d39 +00:00:01.167412 Gst: 80000004/0000 4b303039 00000000 00000000 00000000 +00:00:01.167412 Hst: 4b303039 00000000 00000000 00000000 +00:00:01.167412 Gst: 80000005/0000 00000000 00000000 00000000 00000000 +00:00:01.167413 Hst: 00000000 00000000 00000000 00000000 +00:00:01.167413 Gst: 80000006/0000 00000000 00000000 08007040 00000000 +00:00:01.167414 Hst: 00000000 00000000 08007040 00000000 +00:00:01.167414 Gst: 80000007/0000 00000000 00000000 00000000 00000100 +00:00:01.167415 Hst: 00000000 00000000 00000000 00000100 +00:00:01.167415 Gst: 80000008/0000 00003027 00000000 00000000 00000000 +00:00:01.167415 Hst: 00003027 00000000 00000000 00000000 +00:00:01.167416 Ext Name: +00:00:01.167416 Ext Supports: 0x80000000-0x80000008 +00:00:01.167416 Family: 0 Extended: 0 Effective: 0 +00:00:01.167417 Model: 0 Extended: 0 Effective: 0 +00:00:01.167417 Stepping: 0 +00:00:01.167417 Brand ID: 0x000 +00:00:01.167419 Ext Features +00:00:01.167420 Mnemonic - Description = guest (host) +00:00:01.167420 FPU - x87 FPU on Chip = 0 (0) +00:00:01.167420 VME - Virtual 8086 Mode Enhancements = 0 (0) +00:00:01.167421 DE - Debugging extensions = 0 (0) +00:00:01.167421 PSE - Page Size Extension = 0 (0) +00:00:01.167422 TSC - Time Stamp Counter = 0 (0) +00:00:01.167422 MSR - K86 Model Specific Registers = 0 (0) +00:00:01.167422 PAE - Physical Address Extension = 0 (0) +00:00:01.167423 MCE - Machine Check Exception = 0 (0) +00:00:01.167423 CX8 - CMPXCHG8B instruction = 0 (0) +00:00:01.167423 APIC - APIC On-Chip = 0 (0) +00:00:01.167424 SEP - SYSCALL/SYSRET = 1 (1) +00:00:01.167424 MTRR - Memory Type Range Registers = 0 (0) +00:00:01.167425 PGE - PTE Global Bit = 0 (0) +00:00:01.167425 MCA - Machine Check Architecture = 0 (0) +00:00:01.167425 CMOV - Conditional Move instructions = 0 (0) +00:00:01.167426 PAT - Page Attribute Table = 0 (0) +00:00:01.167426 PSE-36 - 36-bit Page Size Extension = 0 (0) +00:00:01.167426 NX - No-Execute/Execute-Disable = 1 (1) +00:00:01.167427 AXMMX - AMD Extensions to MMX instructions = 0 (0) +00:00:01.167427 MMX - Intel MMX Technology = 0 (0) +00:00:01.167427 FXSR - FXSAVE and FXRSTOR Instructions = 0 (0) +00:00:01.167428 FFXSR - AMD fast FXSAVE and FXRSTOR instructions = 0 (0) +00:00:01.167428 Page1GB - 1 GB large page = 0 (1) +00:00:01.167428 RDTSCP - RDTSCP instruction = 1 (1) +00:00:01.167429 LM - AMD64 Long Mode = 1 (1) +00:00:01.167429 3DNOWEXT - AMD Extensions to 3DNow = 0 (0) +00:00:01.167430 3DNOW - AMD 3DNow = 0 (0) +00:00:01.167430 LahfSahf - LAHF/SAHF support in 64-bit mode = 1 (1) +00:00:01.167430 CmpLegacy - Core multi-processing legacy mode = 0 (0) +00:00:01.167431 SVM - AMD Secure Virtual Machine extensions = 0 (0) +00:00:01.167431 EXTAPIC - AMD Extended APIC registers = 0 (0) +00:00:01.167431 CR8L - AMD LOCK MOV CR0 means MOV CR8 = 0 (0) +00:00:01.167432 ABM - AMD Advanced Bit Manipulation = 1 (1) +00:00:01.167432 SSE4A - SSE4A instructions = 0 (0) +00:00:01.167433 MISALIGNSSE - AMD Misaligned SSE mode = 0 (0) +00:00:01.167433 3DNOWPRF - AMD PREFETCH and PREFETCHW instructions = 1 (1) +00:00:01.167433 OSVW - AMD OS Visible Workaround = 0 (0) +00:00:01.167434 IBS - Instruct Based Sampling = 0 (0) +00:00:01.167434 XOP - Extended Operation support = 0 (0) +00:00:01.167434 SKINIT - SKINIT, STGI, and DEV support = 0 (0) +00:00:01.167435 WDT - AMD Watchdog Timer support = 0 (0) +00:00:01.167437 LWP - Lightweight Profiling support = 0 (0) +00:00:01.167437 FMA4 - Four operand FMA instruction support = 0 (0) +00:00:01.167437 TCE - Translation Cache Extension support = 0 (0) +00:00:01.167438 NodeId - NodeId in MSR C001_100C = 0 (0) +00:00:01.167438 TBM - Trailing Bit Manipulation instructions = 0 (0) +00:00:01.167438 TOPOEXT - Topology Extensions = 0 (0) +00:00:01.167439 PRFEXTCORE - Performance Counter Extensions support = 0 (0) +00:00:01.167439 PRFEXTNB - NB Performance Counter Extensions support = 0 (0) +00:00:01.167439 DATABPEXT - Data-access Breakpoint Extension = 0 (0) +00:00:01.167440 PERFTSC - Performance Time Stamp Counter = 0 (0) +00:00:01.167440 PCX_L2I - L2I/L3 Performance Counter Extensions = 0 (0) +00:00:01.167440 MONITORX - MWAITX and MONITORX instructions = 0 (0) +00:00:01.167441 AddrMaskExt - BP Addressing masking extended to bit 31 = 0 (0) +00:00:01.167441 Full Name: "13th Gen Intel(R) Core(TM) i9-13900K" +00:00:01.167441 TLB 2/4M Instr/Uni: res0 0 entries +00:00:01.167441 TLB 2/4M Data: res0 0 entries +00:00:01.167442 TLB 4K Instr/Uni: res0 0 entries +00:00:01.167442 TLB 4K Data: res0 0 entries +00:00:01.167442 L1 Instr Cache Line Size: 0 bytes +00:00:01.167442 L1 Instr Cache Lines Per Tag: 0 +00:00:01.167442 L1 Instr Cache Associativity: res0 +00:00:01.167442 L1 Instr Cache Size: 0 KB +00:00:01.167443 L1 Data Cache Line Size: 0 bytes +00:00:01.167443 L1 Data Cache Lines Per Tag: 0 +00:00:01.167443 L1 Data Cache Associativity: res0 +00:00:01.167443 L1 Data Cache Size: 0 KB +00:00:01.167443 L2 TLB 2/4M Instr/Uni: off 0 entries +00:00:01.167443 L2 TLB 2/4M Data: off 0 entries +00:00:01.167444 L2 TLB 4K Instr/Uni: off 0 entries +00:00:01.167444 L2 TLB 4K Data: off 0 entries +00:00:01.167444 L2 Cache Line Size: 64 bytes +00:00:01.167444 L2 Cache Lines Per Tag: 0 +00:00:01.167444 L2 Cache Associativity: res7 +00:00:01.167444 L2 Cache Size: 2048 KB +00:00:01.167444 L3 Cache Line Size: 0 bytes +00:00:01.167445 L3 Cache Lines Per Tag: 0 +00:00:01.167445 L3 Cache Associativity: off +00:00:01.167445 L3 Cache Size: 0 KB +00:00:01.167445 TS - Temperature Sensor = 0 (0) +00:00:01.167446 FID - Frequency ID control = 0 (0) +00:00:01.167446 VID - Voltage ID control = 0 (0) +00:00:01.167447 TTP - Thermal Trip = 0 (0) +00:00:01.167447 TM - Hardware Thermal Control (HTC) = 0 (0) +00:00:01.167448 100MHzSteps - 100 MHz Multiplier control = 0 (0) +00:00:01.167448 HwPstate - Hardware P-state control = 0 (0) +00:00:01.167448 TscInvariant - Invariant Time Stamp Counter = 1 (1) +00:00:01.167449 CPB - Core Performance Boost = 0 (0) +00:00:01.167449 EffFreqRO - Read-only Effective Frequency Interface = 0 (0) +00:00:01.167449 ProcFdbkIf - Processor Feedback Interface = 0 (0) +00:00:01.167450 ProcPwrRep - Core power reporting interface support = 0 (0) +00:00:01.167450 ConnectedStandby - Connected Standby = 0 (0) +00:00:01.167450 RAPL - Running average power limit = 0 (0) +00:00:01.167451 Physical Address Width: 39 bits +00:00:01.167451 Virtual Address Width: 48 bits +00:00:01.167452 Guest Physical Address Width: 0 bits +00:00:01.167452 Physical Core Count: 1 +00:00:01.167453 +00:00:01.167453 ******************** End of CPUID dump ********************** +00:00:01.167479 VMEmt: Halt method global1 (5) +00:00:01.167536 VMEmt: HaltedGlobal1 config: cNsSpinBlockThresholdCfg=50000 +00:00:01.167542 Changing the VM state from 'CREATING' to 'CREATED' +00:00:01.168759 NAT: DNS settings changed, triggering update +00:00:01.168977 Changing the VM state from 'CREATED' to 'POWERING_ON' +00:00:01.169084 AIOMgr: Endpoints without assigned bandwidth groups: +00:00:01.169092 AIOMgr: F:/Downloads/QTorrent/_data/tiny-10-23-h2/tiny10 x64 23h2.iso +00:00:01.169097 AIOMgr: F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd +00:00:01.169171 Changing the VM state from 'POWERING_ON' to 'RUNNING' +00:00:01.169190 Console: Machine state changed to 'Running' +00:00:01.171441 EFI: debug point SEC_PREMEM +00:00:01.279741 EFI: VBoxDbg> loadimage64 'SecMain.efi' 0xfffcc094 LB 0x0 +00:00:01.280674 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x2020120 LB 0x0 +00:00:01.281658 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x2026fe0 LB 0x2720 +00:00:01.282437 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterPei.efi' 0x20297a0 LB 0xa00 +00:00:01.282612 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerPei.efi' 0x202a220 LB 0x7e0 +00:00:01.282756 EFI: VBoxDbg> loadimage64 'PlatformPei.efi' 0x202aaa0 LB 0xfa60 +00:00:01.287335 VBoxHeadless: starting event loop +00:00:01.307758 EFI: debug point SEC_POSTMEM +00:00:01.308074 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x7f167000 LB 0x6d00 +00:00:01.309034 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x7f164000 LB 0x2720 +00:00:01.309805 EFI: VBoxDbg> loadimage64 'DxeIpl.efi' 0x7f161000 LB 0x23c0 +00:00:01.309989 EFI: VBoxDbg> loadimage64 'S3Resume2Pei.efi' 0x7f15e000 LB 0x2280 +00:00:01.310306 EFI: VBoxDbg> loadimage64 'CpuMpPei.efi' 0x7f14f000 LB 0xe460 +00:00:01.312198 EFI: VBoxDbg> loadimage64 'TpmMmioSevDecryptPei.efi' 0x7f13b000 LB 0x17a0 +00:00:01.312441 EFI: VBoxDbg> loadimage64 'Tcg2ConfigPei.efi' 0x7f139000 LB 0x1a60 +00:00:01.312707 EFI: VBoxDbg> loadimage64 'TcgPei.efi' 0x7f136000 LB 0x2f40 +00:00:01.312993 EFI: VBoxDbg> loadimage64 'Tcg2Pei.efi' 0x7f12c000 LB 0x93a0 +00:00:01.313249 EFI: VBoxDbg> loadimage64 'Tcg2PlatformPei.efi' 0x7f129000 LB 0x23a0 +00:00:01.313735 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x24080 +00:00:01.314736 EFI: debug point DXE_CORE +00:00:01.315786 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x0 +00:00:01.324552 EFI: VBoxDbg> loadimage64 'DevicePathDxe.efi' 0x7e5f3000 LB 0x9ec0 +00:00:01.324732 EFI: VBoxDbg> loadimage64 'PcdDxe.efi' 0x7e600000 LB 0x2f00 +00:00:01.324933 EFI: VBoxDbg> loadimage64 'FvbServicesRuntimeDxe.efi' 0x7ecea000 LB 0x2600 +00:00:01.326696 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterRuntimeDxe.efi' 0x7ece8000 LB 0x1440 +00:00:01.326910 EFI: VBoxDbg> loadimage64 'RuntimeDxe.efi' 0x7ece6000 LB 0x13e0 +00:00:01.329622 EFI: VBoxDbg> loadimage64 'SecurityStubDxe.efi' 0x7e44f000 LB 0xd1aa0 +00:00:01.329822 EFI: VBoxDbg> loadimage64 'EbcDxe.efi' 0x7e5e9000 LB 0x4120 +00:00:01.330029 EFI: VBoxDbg> loadimage64 'CpuIo2Dxe.efi' 0x7e5ee000 LB 0x1360 +00:00:01.330213 EFI: VBoxDbg> loadimage64 'IncompatiblePciDeviceSupportDxe.efi' 0x7e5f1000 LB 0x800 +00:00:01.330375 EFI: VBoxDbg> loadimage64 'PciHotPlugInitDxe.efi' 0x7e5e3000 LB 0x2ac0 +00:00:01.330571 EFI: VBoxDbg> loadimage64 'ResetSystemRuntimeDxe.efi' 0x7ece4000 LB 0x16c0 +00:00:01.330769 EFI: VBoxDbg> loadimage64 'Metronome.efi' 0x7e5e6000 LB 0xd00 +00:00:01.330956 EFI: VBoxDbg> loadimage64 'RngDxe.efi' 0x7e5df000 LB 0x19a0 +00:00:01.331156 EFI: VBoxDbg> loadimage64 'HiiDatabase.efi' 0x7e5a9000 LB 0x1a5c0 +00:00:01.331326 EFI: VBoxDbg> loadimage64 'AcpiTableDxe.efi' 0x7e5d5000 LB 0x4d60 +00:00:01.331490 EFI: VBoxDbg> loadimage64 'TdxDxe.efi' 0x7e5d2000 LB 0x20a0 +00:00:01.331689 EFI: VBoxDbg> loadimage64 'DpcDxe.efi' 0x7e5dd000 LB 0xb20 +00:00:01.331842 EFI: VBoxDbg> loadimage64 'IoMmuDxe.efi' 0x7e5ca000 LB 0x3700 +00:00:01.332040 EFI: VBoxDbg> loadimage64 'EmuVariableFvbRuntimeDxe.efi' 0x7ece3000 LB 0xe00 +00:00:01.332201 EFI: VBoxDbg> unload 'EmuVariableFvbRuntimeDxe.efi' # 0x7ece3000 LB 0xe00 +00:00:01.334989 EFI: VBoxDbg> loadimage64 'VariableRuntimeDxe.efi' 0x7ec0d000 LB 0xd67c0 +00:00:01.342471 EFI: VBoxDbg> loadimage64 'TcgDxe.efi' 0x7e55b000 LB 0x4060 +00:00:01.342666 EFI: VBoxDbg> unload 'TcgDxe.efi' # 0x7e55b000 LB 0x4060 +00:00:01.342902 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerRuntimeDxe.efi' 0x7ec0c000 LB 0xb80 +00:00:01.343077 EFI: VBoxDbg> loadimage64 'CpuDxe.efi' 0x7e52e000 LB 0x18e00 +00:00:01.344734 EFI: VBoxDbg> loadimage64 'SetupBrowser.efi' 0x7e029000 LB 0x12460 +00:00:01.344901 EFI: VBoxDbg> loadimage64 'SmbiosDxe.efi' 0x7e5c4000 LB 0x2fc0 +00:00:01.345184 EFI: VBoxDbg> loadimage64 'AcpiPlatform.efi' 0x7e5c8000 LB 0x720 +00:00:01.345422 EFI: VBoxDbg> unload 'AcpiPlatform.efi' # 0x7e5c8000 LB 0x720 +00:00:01.345583 EFI: VBoxDbg> loadimage64 'LogoDxe.efi' 0x7e043000 LB 0xb7a0 +00:00:01.345771 EFI: VBoxDbg> loadimage64 'FaultTolerantWriteDxe.efi' 0x7e548000 LB 0x2f20 +00:00:01.352544 EFI: VBoxDbg> loadimage64 'Tcg2Dxe.efi' 0x7e00f000 LB 0xcdc0 +00:00:01.352880 EFI: VBoxDbg> unload 'Tcg2Dxe.efi' # 0x7e00f000 LB 0xcdc0 +00:00:01.353081 EFI: VBoxDbg> loadimage64 'LocalApicTimerDxe.efi' 0x7e041000 LB 0x1420 +00:00:01.354123 EFI: VBoxDbg> loadimage64 'PciHostBridgeDxe.efi' 0x7e01d000 LB 0x5780 +00:00:01.355009 EFI: VBoxDbg> loadimage64 'PcRtc.efi' 0x7ec09000 LB 0x2840 +00:00:01.358326 EFI: VBoxDbg> loadimage64 'SecureBootConfigDxe.efi' 0x7dc94000 LB 0xb57c0 +00:00:01.358591 EFI: VBoxDbg> loadimage64 'MonotonicCounterRuntimeDxe.efi' 0x7ec08000 LB 0x860 +00:00:01.360662 EFI: VBoxDbg> loadimage64 'CapsuleRuntimeDxe.efi' 0x7ec07000 LB 0x920 +00:00:01.360860 EFI: VBoxDbg> loadimage64 'DriverHealthManagerDxe.efi' 0x7e018000 LB 0x4240 +00:00:01.361035 EFI: VBoxDbg> loadimage64 'BdsDxe.efi' 0x7dde9000 LB 0x16980 +00:00:01.361316 EFI: VBoxDbg> loadimage64 'RamDiskDxe.efi' 0x7e006000 LB 0x8240 +00:00:01.361525 EFI: VBoxDbg> loadimage64 'DisplayEngine.efi' 0x7ddc7000 LB 0x10800 +00:00:01.361780 EFI: VBoxDbg> loadimage64 'SmbiosPlatformDxe.efi' 0x7e010000 LB 0x1b40 +00:00:01.362085 EFI: VBoxDbg> unload 'SmbiosPlatformDxe.efi' # 0x7e010000 LB 0x1b40 +00:00:01.362289 EFI: VBoxDbg> loadimage64 'PlatformDxe.efi' 0x7e001000 LB 0x4100 +00:00:01.362481 EFI: VBoxDbg> loadimage64 'WatchdogTimer.efi' 0x7e011000 LB 0x7e0 +00:00:01.362658 EFI: VBoxDbg> loadimage64 'QemuKernelLoaderFsDxe.efi' 0x7dde3000 LB 0x2020 +00:00:01.362943 EFI: VBoxDbg> unload 'QemuKernelLoaderFsDxe.efi' # 0x7dde3000 LB 0x2020 +00:00:01.363066 EFI: VBoxDbg> loadimage64 'PciBusDxe.efi' 0x7ddbc000 LB 0xaea0 +00:00:01.363370 EFI: VBoxDbg> loadimage64 'VirtioPciDeviceDxe.efi' 0x7dde7000 LB 0x1120 +00:00:01.363546 EFI: VBoxDbg> loadimage64 'Virtio10.efi' 0x7dde1000 LB 0x2560 +00:00:01.363711 EFI: VBoxDbg> loadimage64 'VirtioScsiDxe.efi' 0x7dddf000 LB 0x1f40 +00:00:01.363873 EFI: VBoxDbg> loadimage64 'MptScsiDxe.efi' 0x7dddd000 LB 0x17e0 +00:00:01.364051 EFI: VBoxDbg> loadimage64 'ConPlatformDxe.efi' 0x7dddb000 LB 0x1c40 +00:00:01.364272 EFI: VBoxDbg> loadimage64 'ConSplitterDxe.efi' 0x7ddb0000 LB 0x5500 +00:00:01.364478 EFI: VBoxDbg> loadimage64 'GraphicsConsoleDxe.efi' 0x7ddac000 LB 0x3f40 +00:00:01.364660 EFI: VBoxDbg> loadimage64 'TerminalDxe.efi' 0x7dda2000 LB 0x4e80 +00:00:01.364830 EFI: VBoxDbg> loadimage64 'DiskIoDxe.efi' 0x7ddb6000 LB 0x1fa0 +00:00:01.365009 EFI: VBoxDbg> loadimage64 'PartitionDxe.efi' 0x7dd9d000 LB 0x4fa0 +00:00:01.365184 EFI: VBoxDbg> loadimage64 'EnglishDxe.efi' 0x7ddba000 LB 0xd80 +00:00:01.365346 EFI: VBoxDbg> loadimage64 'ScsiBus.efi' 0x7dda8000 LB 0x1ee0 +00:00:01.365510 EFI: VBoxDbg> loadimage64 'ScsiDisk.efi' 0x7dd8b000 LB 0x8c40 +00:00:01.365680 EFI: VBoxDbg> loadimage64 'SataController.efi' 0x7dd99000 LB 0x14a0 +00:00:01.365853 EFI: VBoxDbg> loadimage64 'AtaAtapiPassThruDxe.efi' 0x7dd7b000 LB 0x7600 +00:00:01.366040 EFI: VBoxDbg> loadimage64 'AtaBusDxe.efi' 0x7dd87000 LB 0x3ba0 +00:00:01.366366 EFI: VBoxDbg> loadimage64 'NvmExpressDxe.efi' 0x7dd6d000 LB 0x6c80 +00:00:01.366530 EFI: VBoxDbg> loadimage64 'SioBusDxe.efi' 0x7dd97000 LB 0x1520 +00:00:01.366715 EFI: VBoxDbg> loadimage64 'PciSioSerialDxe.efi' 0x7dd68000 LB 0x4dc0 +00:00:01.366893 EFI: VBoxDbg> loadimage64 'Ps2KeyboardDxe.efi' 0x7dd77000 LB 0x3960 +00:00:01.367085 EFI: VBoxDbg> loadimage64 'VBoxVgaDxe.efi' 0x7dd64000 LB 0x3720 +00:00:01.367282 EFI: VBoxDbg> loadimage64 'VBoxHfs.efi' 0x7dd56000 LB 0x6200 +00:00:01.367451 EFI: VBoxDbg> loadimage64 'VBoxSysTables.efi' 0x7dd95000 LB 0xa80 +00:00:01.373168 EFI: VBoxDbg> loadimage64 'VBoxAppleSim.efi' 0x7dd74000 LB 0x2a80 +00:00:01.378897 EFI: VBoxDbg> loadimage64 'VBoxApfsJmpStartDxe.efi' 0x7dd83000 LB 0x1140 +00:00:01.379111 EFI: VBoxDbg> loadimage64 'BootGraphicsResourceTableDxe.efi' 0x7dd85000 LB 0xf00 +00:00:01.379285 EFI: VBoxDbg> loadimage64 'Fat.efi' 0x7dd4f000 LB 0x6ec0 +00:00:01.379521 EFI: VBoxDbg> loadimage64 'UdfDxe.efi' 0x7dd4b000 LB 0x3dc0 +00:00:01.379761 EFI: VBoxDbg> loadimage64 'VirtioFsDxe.efi' 0x7dc8e000 LB 0x5ae0 +00:00:01.379958 EFI: VBoxDbg> loadimage64 'Hash2DxeCrypto.efi' 0x7dd5d000 LB 0x2a40 +00:00:01.380264 EFI: VBoxDbg> loadimage64 'SnpDxe.efi' 0x7dc82000 LB 0x54e0 +00:00:01.380480 EFI: VBoxDbg> loadimage64 'VlanConfigDxe.efi' 0x7dc7c000 LB 0x53e0 +00:00:01.380729 EFI: VBoxDbg> loadimage64 'MnpDxe.efi' 0x7dc6e000 LB 0x6da0 +00:00:01.380891 EFI: VBoxDbg> loadimage64 'ArpDxe.efi' 0x7dc78000 LB 0x3440 +00:00:01.381174 EFI: VBoxDbg> loadimage64 'Dhcp4Dxe.efi' 0x7dc5c000 LB 0x8020 +00:00:01.381560 EFI: VBoxDbg> loadimage64 'Ip4Dxe.efi' 0x7dc38000 LB 0x11940 +00:00:01.381838 EFI: VBoxDbg> loadimage64 'Udp4Dxe.efi' 0x7dc54000 LB 0x7160 +00:00:01.382310 EFI: VBoxDbg> loadimage64 'Mtftp4Dxe.efi' 0x7dc4c000 LB 0x76a0 +00:00:01.382537 EFI: VBoxDbg> loadimage64 'Dhcp6Dxe.efi' 0x7dc2f000 LB 0x81c0 +00:00:01.383006 EFI: VBoxDbg> loadimage64 'Ip6Dxe.efi' 0x7dbfd000 LB 0x18960 +00:00:01.383280 EFI: VBoxDbg> loadimage64 'Udp6Dxe.efi' 0x7dc28000 LB 0x6fa0 +00:00:01.383753 EFI: VBoxDbg> loadimage64 'Mtftp6Dxe.efi' 0x7dc20000 LB 0x7b60 +00:00:01.384137 EFI: VBoxDbg> loadimage64 'UefiPxeBcDxe.efi' 0x7dbdb000 LB 0x10100 +00:00:01.384301 EFI: VBoxDbg> loadimage64 'IScsiDxe.efi' 0x7dba3000 LB 0x1b260 +00:00:01.637027 EFI: VBoxDbg> loadimage64 'VirtioNetDxe.efi' 0x7dc18000 LB 0x3240 +00:00:01.637234 EFI: VBoxDbg> loadimage64 'E1kNetDxe.efi' 0x7dbfa000 LB 0x2ce0 +00:00:01.637469 EFI: VBoxDbg> loadimage64 'UhciDxe.efi' 0x7dbf0000 LB 0x42e0 +00:00:01.637655 EFI: VBoxDbg> loadimage64 'EhciDxe.efi' 0x7dbd6000 LB 0x4cc0 +00:00:01.637834 EFI: VBoxDbg> loadimage64 'XhciDxe.efi' 0x7dbc4000 LB 0x8240 +00:00:01.638063 EFI: VBoxDbg> loadimage64 'UsbBusDxe.efi' 0x7dbd1000 LB 0x4d40 +00:00:01.638283 EFI: VBoxDbg> loadimage64 'UsbKbDxe.efi' 0x7dbf6000 LB 0x3da0 +00:00:01.638488 EFI: VBoxDbg> loadimage64 'UsbMassStorageDxe.efi' 0x7dbec000 LB 0x3100 +00:00:01.638847 EFI: VBoxDbg> loadimage64 'TcpDxe.efi' 0x7db89000 LB 0xc980 +00:00:01.990359 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1024 h=768 bpp=32 cbLine=0x1000 flags=0x0 origin=0,0 +00:00:02.191079 PS2K: Selected scan set 2 +00:00:02.211555 xHCI: Hardware reset +00:00:02.216625 xHCI: USB Operational +00:00:02.221578 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:00:02.542941 AHCI#0: Reset the HBA +00:00:02.542976 VD#0: Cancelling all active requests +00:00:03.407463 EFI: VBoxDbg> loadimage64 'cdboot.efi' 0x10000000 LB 0x15f000 +00:00:06.600290 EFI: VBoxDbg> unload 'cdboot.efi' # 0x10000000 LB 0x15f000 +00:00:07.481894 NAT: Link up +00:00:07.536847 EFI: VBoxDbg> loadimage64 'cdboot.efi' 0x10000000 LB 0x15f000 +00:00:10.758203 EFI: VBoxDbg> unload 'cdboot.efi' # 0x10000000 LB 0x15f000 +00:00:12.254808 EFI: Boot failure +00:00:12.254831 VM: Raising runtime error 'VMBootFail' (fFlags=0x0) +00:00:12.254838 Console: VM runtime error: fatal=false, errorID=VMBootFail message="The VM failed to boot. This is possibly caused by not having an operating system installed or a misconfigured boot order. Maybe picking a guest OS install DVD will resolve the situation" +00:00:18.016997 Changing the VM state from 'RUNNING' to 'RESETTING' +00:00:18.017194 GIM: HyperV: Resetting MMIO2 regions and MSRs +00:00:18.019025 PIT: mode=3 count=0x10000 (65536) - 18.20 Hz (ch=0) +00:00:18.033480 AHCI#0: Reset the HBA +00:00:18.033480 VD#0: Cancelling all active requests +00:00:18.033480 HDA: Codec reset +00:00:18.033480 HDA: Reset +00:00:19.400813 Changing the VM state from 'RESETTING' to 'RUNNING' +00:00:19.400957 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:00:19.402945 EFI: debug point SEC_PREMEM +00:00:19.473927 EFI: VBoxDbg> loadimage64 'SecMain.efi' 0xfffcc094 LB 0x0 +00:00:19.474342 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x2020120 LB 0x0 +00:00:19.474733 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x2026fe0 LB 0x2720 +00:00:19.475176 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterPei.efi' 0x20297a0 LB 0xa00 +00:00:19.475670 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerPei.efi' 0x202a220 LB 0x7e0 +00:00:19.476061 EFI: VBoxDbg> loadimage64 'PlatformPei.efi' 0x202aaa0 LB 0xfa60 +00:00:19.481434 EFI: debug point SEC_POSTMEM +00:00:19.481886 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x7f167000 LB 0x6d00 +00:00:19.482269 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x7f164000 LB 0x2720 +00:00:19.482656 EFI: VBoxDbg> loadimage64 'DxeIpl.efi' 0x7f161000 LB 0x23c0 +00:00:19.483059 EFI: VBoxDbg> loadimage64 'S3Resume2Pei.efi' 0x7f15e000 LB 0x2280 +00:00:19.483652 EFI: VBoxDbg> loadimage64 'CpuMpPei.efi' 0x7f14f000 LB 0xe460 +00:00:19.489437 EFI: VBoxDbg> loadimage64 'TpmMmioSevDecryptPei.efi' 0x7f13b000 LB 0x17a0 +00:00:19.490150 EFI: VBoxDbg> loadimage64 'Tcg2ConfigPei.efi' 0x7f139000 LB 0x1a60 +00:00:19.490860 EFI: VBoxDbg> loadimage64 'TcgPei.efi' 0x7f136000 LB 0x2f40 +00:00:19.491502 EFI: VBoxDbg> loadimage64 'Tcg2Pei.efi' 0x7f12c000 LB 0x93a0 +00:00:19.492165 EFI: VBoxDbg> loadimage64 'Tcg2PlatformPei.efi' 0x7f129000 LB 0x23a0 +00:00:19.492829 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x24080 +00:00:19.493966 EFI: debug point DXE_CORE +00:00:19.494628 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x0 +00:00:19.496026 EFI: VBoxDbg> loadimage64 'DevicePathDxe.efi' 0x7e5f3000 LB 0x9ec0 +00:00:19.496427 EFI: VBoxDbg> loadimage64 'PcdDxe.efi' 0x7e600000 LB 0x2f00 +00:00:19.496867 EFI: VBoxDbg> loadimage64 'FvbServicesRuntimeDxe.efi' 0x7ecea000 LB 0x2600 +00:00:19.501866 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterRuntimeDxe.efi' 0x7ece8000 LB 0x1440 +00:00:19.502352 EFI: VBoxDbg> loadimage64 'RuntimeDxe.efi' 0x7ece6000 LB 0x13e0 +00:00:19.502958 EFI: VBoxDbg> loadimage64 'SecurityStubDxe.efi' 0x7e44f000 LB 0xd1aa0 +00:00:19.503442 EFI: VBoxDbg> loadimage64 'EbcDxe.efi' 0x7e5e9000 LB 0x4120 +00:00:19.503837 EFI: VBoxDbg> loadimage64 'CpuIo2Dxe.efi' 0x7e5ee000 LB 0x1360 +00:00:19.504284 EFI: VBoxDbg> loadimage64 'IncompatiblePciDeviceSupportDxe.efi' 0x7e5f1000 LB 0x800 +00:00:19.504693 EFI: VBoxDbg> loadimage64 'PciHotPlugInitDxe.efi' 0x7e5e3000 LB 0x2ac0 +00:00:19.505110 EFI: VBoxDbg> loadimage64 'ResetSystemRuntimeDxe.efi' 0x7ece4000 LB 0x16c0 +00:00:19.505669 EFI: VBoxDbg> loadimage64 'Metronome.efi' 0x7e5e6000 LB 0xd00 +00:00:19.506135 EFI: VBoxDbg> loadimage64 'RngDxe.efi' 0x7e5df000 LB 0x19a0 +00:00:19.506646 EFI: VBoxDbg> loadimage64 'HiiDatabase.efi' 0x7e5a9000 LB 0x1a5c0 +00:00:19.507072 EFI: VBoxDbg> loadimage64 'AcpiTableDxe.efi' 0x7e5d5000 LB 0x4d60 +00:00:19.507461 EFI: VBoxDbg> loadimage64 'TdxDxe.efi' 0x7e5d2000 LB 0x20a0 +00:00:19.507994 EFI: VBoxDbg> loadimage64 'DpcDxe.efi' 0x7e5dd000 LB 0xb20 +00:00:19.508391 EFI: VBoxDbg> loadimage64 'IoMmuDxe.efi' 0x7e5ca000 LB 0x3700 +00:00:19.508895 EFI: VBoxDbg> loadimage64 'EmuVariableFvbRuntimeDxe.efi' 0x7ece3000 LB 0xe00 +00:00:19.509307 EFI: VBoxDbg> unload 'EmuVariableFvbRuntimeDxe.efi' # 0x7ece3000 LB 0xe00 +00:00:19.509955 EFI: VBoxDbg> loadimage64 'VariableRuntimeDxe.efi' 0x7ec0d000 LB 0xd67c0 +00:00:19.522010 EFI: VBoxDbg> loadimage64 'TcgDxe.efi' 0x7e55b000 LB 0x4060 +00:00:19.522487 EFI: VBoxDbg> unload 'TcgDxe.efi' # 0x7e55b000 LB 0x4060 +00:00:19.522973 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerRuntimeDxe.efi' 0x7ec0c000 LB 0xb80 +00:00:19.523371 EFI: VBoxDbg> loadimage64 'CpuDxe.efi' 0x7e52e000 LB 0x18e00 +00:00:19.528312 EFI: VBoxDbg> loadimage64 'SetupBrowser.efi' 0x7e029000 LB 0x12460 +00:00:19.528725 EFI: VBoxDbg> loadimage64 'SmbiosDxe.efi' 0x7e5c4000 LB 0x2fc0 +00:00:19.529534 EFI: VBoxDbg> loadimage64 'AcpiPlatform.efi' 0x7e5c8000 LB 0x720 +00:00:19.530028 EFI: VBoxDbg> unload 'AcpiPlatform.efi' # 0x7e5c8000 LB 0x720 +00:00:19.530438 EFI: VBoxDbg> loadimage64 'LogoDxe.efi' 0x7e043000 LB 0xb7a0 +00:00:19.530997 EFI: VBoxDbg> loadimage64 'FaultTolerantWriteDxe.efi' 0x7e548000 LB 0x2f20 +00:00:19.531754 EFI: VBoxDbg> loadimage64 'Tcg2Dxe.efi' 0x7e00f000 LB 0xcdc0 +00:00:19.532478 EFI: VBoxDbg> unload 'Tcg2Dxe.efi' # 0x7e00f000 LB 0xcdc0 +00:00:19.532928 EFI: VBoxDbg> loadimage64 'LocalApicTimerDxe.efi' 0x7e041000 LB 0x1420 +00:00:19.536038 EFI: VBoxDbg> loadimage64 'PciHostBridgeDxe.efi' 0x7e01d000 LB 0x5780 +00:00:19.537982 EFI: VBoxDbg> loadimage64 'PcRtc.efi' 0x7ec09000 LB 0x2840 +00:00:19.541972 EFI: VBoxDbg> loadimage64 'SecureBootConfigDxe.efi' 0x7dc94000 LB 0xb57c0 +00:00:19.542605 EFI: VBoxDbg> loadimage64 'MonotonicCounterRuntimeDxe.efi' 0x7ec08000 LB 0x860 +00:00:19.549479 EFI: VBoxDbg> loadimage64 'CapsuleRuntimeDxe.efi' 0x7ec07000 LB 0x920 +00:00:19.549936 EFI: VBoxDbg> loadimage64 'DriverHealthManagerDxe.efi' 0x7e018000 LB 0x4240 +00:00:19.550863 EFI: VBoxDbg> loadimage64 'BdsDxe.efi' 0x7dde9000 LB 0x16980 +00:00:19.551670 EFI: VBoxDbg> loadimage64 'RamDiskDxe.efi' 0x7e006000 LB 0x8240 +00:00:19.552131 EFI: VBoxDbg> loadimage64 'DisplayEngine.efi' 0x7ddc7000 LB 0x10800 +00:00:19.552701 EFI: VBoxDbg> loadimage64 'SmbiosPlatformDxe.efi' 0x7e010000 LB 0x1b40 +00:00:19.553450 EFI: VBoxDbg> unload 'SmbiosPlatformDxe.efi' # 0x7e010000 LB 0x1b40 +00:00:19.554154 EFI: VBoxDbg> loadimage64 'PlatformDxe.efi' 0x7e001000 LB 0x4100 +00:00:19.554702 EFI: VBoxDbg> loadimage64 'WatchdogTimer.efi' 0x7e011000 LB 0x7e0 +00:00:19.555134 EFI: VBoxDbg> loadimage64 'QemuKernelLoaderFsDxe.efi' 0x7dde3000 LB 0x2020 +00:00:19.555887 EFI: VBoxDbg> unload 'QemuKernelLoaderFsDxe.efi' # 0x7dde3000 LB 0x2020 +00:00:19.556343 EFI: VBoxDbg> loadimage64 'PciBusDxe.efi' 0x7ddbc000 LB 0xaea0 +00:00:19.556766 EFI: VBoxDbg> loadimage64 'VirtioPciDeviceDxe.efi' 0x7dde7000 LB 0x1120 +00:00:19.557449 EFI: VBoxDbg> loadimage64 'Virtio10.efi' 0x7dde1000 LB 0x2560 +00:00:19.557852 EFI: VBoxDbg> loadimage64 'VirtioScsiDxe.efi' 0x7dddf000 LB 0x1f40 +00:00:19.558249 EFI: VBoxDbg> loadimage64 'MptScsiDxe.efi' 0x7dddd000 LB 0x17e0 +00:00:19.558738 EFI: VBoxDbg> loadimage64 'ConPlatformDxe.efi' 0x7dddb000 LB 0x1c40 +00:00:19.558833 EFI: VBoxDbg> loadimage64 'ConSplitterDxe.efi' 0x7ddb0000 LB 0x5500 +00:00:19.559700 EFI: VBoxDbg> loadimage64 'GraphicsConsoleDxe.efi' 0x7ddac000 LB 0x3f40 +00:00:19.560159 EFI: VBoxDbg> loadimage64 'TerminalDxe.efi' 0x7dda2000 LB 0x4e80 +00:00:19.560614 EFI: VBoxDbg> loadimage64 'DiskIoDxe.efi' 0x7ddb6000 LB 0x1fa0 +00:00:19.561334 EFI: VBoxDbg> loadimage64 'PartitionDxe.efi' 0x7dd9d000 LB 0x4fa0 +00:00:19.561773 EFI: VBoxDbg> loadimage64 'EnglishDxe.efi' 0x7ddba000 LB 0xd80 +00:00:19.562238 EFI: VBoxDbg> loadimage64 'ScsiBus.efi' 0x7dda8000 LB 0x1ee0 +00:00:19.562661 EFI: VBoxDbg> loadimage64 'ScsiDisk.efi' 0x7dd8b000 LB 0x8c40 +00:00:19.563095 EFI: VBoxDbg> loadimage64 'SataController.efi' 0x7dd99000 LB 0x14a0 +00:00:19.563535 EFI: VBoxDbg> loadimage64 'AtaAtapiPassThruDxe.efi' 0x7dd7b000 LB 0x7600 +00:00:19.564042 EFI: VBoxDbg> loadimage64 'AtaBusDxe.efi' 0x7dd87000 LB 0x3ba0 +00:00:19.564837 EFI: VBoxDbg> loadimage64 'NvmExpressDxe.efi' 0x7dd6d000 LB 0x6c80 +00:00:19.565243 EFI: VBoxDbg> loadimage64 'SioBusDxe.efi' 0x7dd97000 LB 0x1520 +00:00:19.565680 EFI: VBoxDbg> loadimage64 'PciSioSerialDxe.efi' 0x7dd68000 LB 0x4dc0 +00:00:19.566112 EFI: VBoxDbg> loadimage64 'Ps2KeyboardDxe.efi' 0x7dd77000 LB 0x3960 +00:00:19.566688 EFI: VBoxDbg> loadimage64 'VBoxVgaDxe.efi' 0x7dd64000 LB 0x3720 +00:00:19.567180 EFI: VBoxDbg> loadimage64 'VBoxHfs.efi' 0x7dd56000 LB 0x6200 +00:00:19.567596 EFI: VBoxDbg> loadimage64 'VBoxSysTables.efi' 0x7dd95000 LB 0xa80 +00:00:19.575252 EFI: VBoxDbg> loadimage64 'VBoxAppleSim.efi' 0x7dd74000 LB 0x2a80 +00:00:19.576404 EFI: VBoxDbg> loadimage64 'VBoxApfsJmpStartDxe.efi' 0x7dd83000 LB 0x1140 +00:00:19.576889 EFI: VBoxDbg> loadimage64 'BootGraphicsResourceTableDxe.efi' 0x7dd85000 LB 0xf00 +00:00:19.577305 EFI: VBoxDbg> loadimage64 'Fat.efi' 0x7dd4f000 LB 0x6ec0 +00:00:19.578012 EFI: VBoxDbg> loadimage64 'UdfDxe.efi' 0x7dd4b000 LB 0x3dc0 +00:00:19.578435 EFI: VBoxDbg> loadimage64 'VirtioFsDxe.efi' 0x7dc8e000 LB 0x5ae0 +00:00:19.578860 EFI: VBoxDbg> loadimage64 'Hash2DxeCrypto.efi' 0x7dd5d000 LB 0x2a40 +00:00:19.579365 EFI: VBoxDbg> loadimage64 'SnpDxe.efi' 0x7dc82000 LB 0x54e0 +00:00:19.579791 EFI: VBoxDbg> loadimage64 'VlanConfigDxe.efi' 0x7dc7c000 LB 0x53e0 +00:00:19.580205 EFI: VBoxDbg> loadimage64 'MnpDxe.efi' 0x7dc6e000 LB 0x6da0 +00:00:19.580610 EFI: VBoxDbg> loadimage64 'ArpDxe.efi' 0x7dc78000 LB 0x3440 +00:00:19.581329 EFI: VBoxDbg> loadimage64 'Dhcp4Dxe.efi' 0x7dc5c000 LB 0x8020 +00:00:19.581751 EFI: VBoxDbg> loadimage64 'Ip4Dxe.efi' 0x7dc38000 LB 0x11940 +00:00:19.582521 EFI: VBoxDbg> loadimage64 'Udp4Dxe.efi' 0x7dc54000 LB 0x7160 +00:00:19.595160 EFI: VBoxDbg> loadimage64 'Mtftp4Dxe.efi' 0x7dc4c000 LB 0x76a0 +00:00:19.595595 EFI: VBoxDbg> loadimage64 'Dhcp6Dxe.efi' 0x7dc2f000 LB 0x81c0 +00:00:19.596032 EFI: VBoxDbg> loadimage64 'Ip6Dxe.efi' 0x7dbfd000 LB 0x18960 +00:00:19.596790 EFI: VBoxDbg> loadimage64 'Udp6Dxe.efi' 0x7dc28000 LB 0x6fa0 +00:00:19.607986 EFI: VBoxDbg> loadimage64 'Mtftp6Dxe.efi' 0x7dc20000 LB 0x7b60 +00:00:19.608430 EFI: VBoxDbg> loadimage64 'UefiPxeBcDxe.efi' 0x7dbdb000 LB 0x10100 +00:00:19.609506 EFI: VBoxDbg> loadimage64 'IScsiDxe.efi' 0x7dba3000 LB 0x1b260 +00:00:19.611285 EFI: VBoxDbg> loadimage64 'VirtioNetDxe.efi' 0x7dc18000 LB 0x3240 +00:00:19.611702 EFI: VBoxDbg> loadimage64 'E1kNetDxe.efi' 0x7dbfa000 LB 0x2ce0 +00:00:19.612133 EFI: VBoxDbg> loadimage64 'UhciDxe.efi' 0x7dbf0000 LB 0x42e0 +00:00:19.612841 EFI: VBoxDbg> loadimage64 'EhciDxe.efi' 0x7dbd6000 LB 0x4cc0 +00:00:19.612894 EFI: VBoxDbg> loadimage64 'XhciDxe.efi' 0x7dbc4000 LB 0x8240 +00:00:19.613801 EFI: VBoxDbg> loadimage64 'UsbBusDxe.efi' 0x7dbd1000 LB 0x4d40 +00:00:19.614230 EFI: VBoxDbg> loadimage64 'UsbKbDxe.efi' 0x7dbf6000 LB 0x3da0 +00:00:19.614690 EFI: VBoxDbg> loadimage64 'UsbMassStorageDxe.efi' 0x7dbec000 LB 0x3100 +00:00:19.615132 EFI: VBoxDbg> loadimage64 'TcpDxe.efi' 0x7db89000 LB 0xc980 +00:00:21.000723 PS2K: Selected scan set 2 +00:00:21.005422 xHCI: Hardware reset +00:00:21.009681 xHCI: USB Operational +00:00:21.015510 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:00:21.399632 AHCI#0: Reset the HBA +00:00:21.399669 VD#0: Cancelling all active requests +00:00:22.041360 EFI: VBoxDbg> loadimage64 'cdboot.efi' 0x10000000 LB 0x15f000 +00:00:26.966689 xHCI: USB Suspended +00:00:26.967781 EFI: relocate module to 0xfffff80680c46000 from 0x7ecea000 +00:00:26.967849 EFI: relocate module to 0xfffff80680c44000 from 0x7ece8000 +00:00:26.967911 EFI: relocate module to 0xfffff80680c40000 from 0x7ece4000 +00:00:26.967973 EFI: relocate module to 0xfffff80680b69000 from 0x7ec0d000 +00:00:26.968064 EFI: relocate module to 0xfffff80680b68000 from 0x7ec0c000 +00:00:26.968126 EFI: relocate module to 0xfffff80680b65000 from 0x7ec09000 +00:00:26.968271 EFI: relocate module to 0xfffff80680b64000 from 0x7ec08000 +00:00:26.968350 EFI: relocate module to 0xfffff80680b63000 from 0x7ec07000 +00:00:27.346827 GIM: HyperV: Guest OS reported ID 0x1040a0000271b +00:00:27.346859 GIM: HyperV: Open-source=false Vendor=0x1 OS=0x4 (Windows NT or derivative) Major=10 Minor=0 ServicePack=0 Build=10011 +00:00:27.346921 GIM: HyperV: Enabled hypercall page at 0x000000000050e000 +00:00:27.347274 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x0000000002612000 +00:00:27.347340 GIM: HyperV: Queried boot zeroed guest memory as 2 ranges +00:00:27.347357 GIM: HyperV: RAM range [0] from 0x0000000000100000 to 0x000000007fffffff (524032 pages, 1.9 GiB) +00:00:27.347368 GIM: HyperV: RAM range [1] from 0x0000000000000000 to 0x000000000009ffff (160 pages, 640.0 KiB) +00:00:27.350584 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x0000000000007000 +00:00:27.350698 GIM: HyperV: Enabled TSC page at 0x000000000000c000 - u64TscScale=0xdacdb600000000 u64TscKHz=0x2db3fe (2 995 198) Seq=1 +00:00:27.350718 TM: Host/VM is not suitable for using TSC mode 'RealTSCOffset', request to change TSC mode ignored +00:00:27.350808 GIM0: HyperV: Enabled APIC-assist page at 0x000000000000d000 +00:00:27.362783 RTC: period=0x10 (16) 2048 Hz +00:00:27.631954 RTC: Stopped the periodic timer +00:00:28.156856 RTC: period=0x10 (16) 2048 Hz +00:00:28.389057 RTC: Stopped the periodic timer +00:00:28.389287 RTC: period=0x10 (16) 2048 Hz +00:00:28.390819 RTC: Stopped the periodic timer +00:00:28.391198 RTC: period=0x10 (16) 2048 Hz +00:00:28.392602 RTC: Stopped the periodic timer +00:00:28.392924 RTC: period=0x10 (16) 2048 Hz +00:00:28.500965 RTC: Stopped the periodic timer +00:00:28.501193 RTC: period=0x10 (16) 2048 Hz +00:00:28.530060 RTC: Stopped the periodic timer +00:00:28.530283 RTC: period=0x10 (16) 2048 Hz +00:00:28.533294 RTC: Stopped the periodic timer +00:00:28.533504 RTC: period=0x10 (16) 2048 Hz +00:00:28.560085 RTC: Stopped the periodic timer +00:00:28.560308 RTC: period=0x10 (16) 2048 Hz +00:00:28.565113 RTC: Stopped the periodic timer +00:00:28.565340 RTC: period=0x10 (16) 2048 Hz +00:00:28.593039 RTC: Stopped the periodic timer +00:00:28.593262 RTC: period=0x10 (16) 2048 Hz +00:00:28.596083 RTC: Stopped the periodic timer +00:00:28.596299 RTC: period=0x10 (16) 2048 Hz +00:00:28.606740 RTC: Stopped the periodic timer +00:00:28.606966 RTC: period=0x10 (16) 2048 Hz +00:00:28.608737 RTC: Stopped the periodic timer +00:00:28.608946 RTC: period=0x10 (16) 2048 Hz +00:00:28.609663 RTC: Stopped the periodic timer +00:00:28.609873 RTC: period=0x10 (16) 2048 Hz +00:00:28.610260 RTC: Stopped the periodic timer +00:00:28.610446 RTC: period=0x10 (16) 2048 Hz +00:00:28.630836 RTC: Stopped the periodic timer +00:00:28.631034 RTC: period=0x10 (16) 2048 Hz +00:00:28.641312 RTC: Stopped the periodic timer +00:00:28.641549 RTC: period=0x10 (16) 2048 Hz +00:00:28.658050 RTC: Stopped the periodic timer +00:00:28.658247 RTC: period=0x10 (16) 2048 Hz +00:00:28.673883 RTC: Stopped the periodic timer +00:00:28.674081 RTC: period=0x10 (16) 2048 Hz +00:00:28.698741 RTC: Stopped the periodic timer +00:00:28.698939 RTC: period=0x10 (16) 2048 Hz +00:00:28.708684 RTC: Stopped the periodic timer +00:00:28.708879 RTC: period=0x10 (16) 2048 Hz +00:00:28.722215 RTC: Stopped the periodic timer +00:00:28.722472 RTC: period=0x10 (16) 2048 Hz +00:00:28.737646 RTC: Stopped the periodic timer +00:00:28.737857 RTC: period=0x10 (16) 2048 Hz +00:00:28.752768 RTC: Stopped the periodic timer +00:00:28.752970 RTC: period=0x10 (16) 2048 Hz +00:00:28.767098 RTC: Stopped the periodic timer +00:00:28.767299 RTC: period=0x10 (16) 2048 Hz +00:00:28.790846 RTC: Stopped the periodic timer +00:00:28.791046 RTC: period=0x10 (16) 2048 Hz +00:00:28.800618 RTC: Stopped the periodic timer +00:00:28.800777 RTC: period=0x10 (16) 2048 Hz +00:00:28.813931 RTC: Stopped the periodic timer +00:00:28.814207 RTC: period=0x10 (16) 2048 Hz +00:00:28.833005 RTC: Stopped the periodic timer +00:00:28.833220 RTC: period=0x10 (16) 2048 Hz +00:00:28.848398 RTC: Stopped the periodic timer +00:00:28.848613 RTC: period=0x10 (16) 2048 Hz +00:00:28.870786 RTC: Stopped the periodic timer +00:00:28.870982 RTC: period=0x10 (16) 2048 Hz +00:00:28.881526 RTC: Stopped the periodic timer +00:00:29.310994 AHCI#0: Reset the HBA +00:00:29.311029 VD#0: Cancelling all active requests +00:00:29.514656 xHCI: Hardware reset +00:00:29.531015 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:00:29.726316 xHCI: USB Operational +00:00:30.009130 AIOMgr: Async flushes not supported +00:00:30.995523 HDA: Codec reset +00:00:30.995559 HDA: Reset +00:00:31.111654 HDA: Codec reset +00:00:31.111680 HDA: Reset +00:00:31.770142 HDA: Codec reset +00:00:31.815851 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:32.004259 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:32.006878 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:32.032217 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:32.033567 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:00:32.042719 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:00:32.044088 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:00:32.050687 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:32.063131 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:00:32.064602 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:00:32.072078 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:00:32.073516 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:00:32.094481 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:00:32.095397 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:00:32.096993 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff 01 ff ff ff ff ff ff ff ff ff ff +00:00:32.098407 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:32.099304 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:32.101719 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:00:32.106956 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:00:32.108010 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:00:32.109115 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:00:32.110063 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:11:28.520945 AHCI#0: Port 0 reset +00:11:28.522239 VD#0: Cancelling all active requests +00:13:08.651861 xHCI: USB Suspended +00:13:08.670870 HDA: Codec reset +00:13:08.670899 HDA: Reset +00:13:08.773089 GIM: HyperV: Reset initiated through MSR +00:13:08.773167 ACPI: Reset initiated by ACPI +00:13:08.773212 Changing the VM state from 'RUNNING' to 'RESETTING' +00:13:08.773286 GIM: HyperV: Resetting MMIO2 regions and MSRs +00:13:08.775109 PIT: mode=3 count=0x10000 (65536) - 18.20 Hz (ch=0) +00:13:08.787500 AHCI#0: Reset the HBA +00:13:08.787534 VD#0: Cancelling all active requests +00:13:08.787587 HDA: Codec reset +00:13:08.787594 HDA: Reset +00:13:08.788761 VMMDevNotifyGuest: fAddEvents=0x1 ignored because enmVMState=8 +00:13:08.970845 Changing the VM state from 'RESETTING' to 'RUNNING' +00:13:08.970897 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:13:08.973722 EFI: debug point SEC_PREMEM +00:13:09.053224 EFI: VBoxDbg> loadimage64 'SecMain.efi' 0xfffcc094 LB 0x0 +00:13:09.053407 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x2020120 LB 0x0 +00:13:09.053563 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x2026fe0 LB 0x2720 +00:13:09.053750 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterPei.efi' 0x20297a0 LB 0xa00 +00:13:09.053922 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerPei.efi' 0x202a220 LB 0x7e0 +00:13:09.054075 EFI: VBoxDbg> loadimage64 'PlatformPei.efi' 0x202aaa0 LB 0xfa60 +00:13:09.056322 EFI: debug point SEC_POSTMEM +00:13:09.056490 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x7f167000 LB 0x6d00 +00:13:09.057419 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x7f164000 LB 0x2720 +00:13:09.058269 EFI: VBoxDbg> loadimage64 'DxeIpl.efi' 0x7f161000 LB 0x23c0 +00:13:09.058468 EFI: VBoxDbg> loadimage64 'S3Resume2Pei.efi' 0x7f15e000 LB 0x2280 +00:13:09.058710 EFI: VBoxDbg> loadimage64 'CpuMpPei.efi' 0x7f14f000 LB 0xe460 +00:13:09.060557 EFI: VBoxDbg> loadimage64 'TpmMmioSevDecryptPei.efi' 0x7f13b000 LB 0x17a0 +00:13:09.060818 EFI: VBoxDbg> loadimage64 'Tcg2ConfigPei.efi' 0x7f139000 LB 0x1a60 +00:13:09.061071 EFI: VBoxDbg> loadimage64 'TcgPei.efi' 0x7f136000 LB 0x2f40 +00:13:09.061302 EFI: VBoxDbg> loadimage64 'Tcg2Pei.efi' 0x7f12c000 LB 0x93a0 +00:13:09.061540 EFI: VBoxDbg> loadimage64 'Tcg2PlatformPei.efi' 0x7f129000 LB 0x23a0 +00:13:09.061784 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x24080 +00:13:09.062333 EFI: debug point DXE_CORE +00:13:09.062574 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x0 +00:13:09.063224 EFI: VBoxDbg> loadimage64 'DevicePathDxe.efi' 0x7e5f3000 LB 0x9ec0 +00:13:09.063387 EFI: VBoxDbg> loadimage64 'PcdDxe.efi' 0x7e600000 LB 0x2f00 +00:13:09.063566 EFI: VBoxDbg> loadimage64 'FvbServicesRuntimeDxe.efi' 0x7ecea000 LB 0x2600 +00:13:09.065404 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterRuntimeDxe.efi' 0x7ece8000 LB 0x1440 +00:13:09.065618 EFI: VBoxDbg> loadimage64 'RuntimeDxe.efi' 0x7ece6000 LB 0x13e0 +00:13:09.065892 EFI: VBoxDbg> loadimage64 'SecurityStubDxe.efi' 0x7e44f000 LB 0xd1aa0 +00:13:09.066086 EFI: VBoxDbg> loadimage64 'EbcDxe.efi' 0x7e5e9000 LB 0x4120 +00:13:09.066243 EFI: VBoxDbg> loadimage64 'CpuIo2Dxe.efi' 0x7e5ee000 LB 0x1360 +00:13:09.066672 EFI: VBoxDbg> loadimage64 'IncompatiblePciDeviceSupportDxe.efi' 0x7e5f1000 LB 0x800 +00:13:09.066846 EFI: VBoxDbg> loadimage64 'PciHotPlugInitDxe.efi' 0x7e5e3000 LB 0x2ac0 +00:13:09.067046 EFI: VBoxDbg> loadimage64 'ResetSystemRuntimeDxe.efi' 0x7ece4000 LB 0x16c0 +00:13:09.067235 EFI: VBoxDbg> loadimage64 'Metronome.efi' 0x7e5e6000 LB 0xd00 +00:13:09.067426 EFI: VBoxDbg> loadimage64 'RngDxe.efi' 0x7e5df000 LB 0x19a0 +00:13:09.067629 EFI: VBoxDbg> loadimage64 'HiiDatabase.efi' 0x7e5a9000 LB 0x1a5c0 +00:13:09.067799 EFI: VBoxDbg> loadimage64 'AcpiTableDxe.efi' 0x7e5d5000 LB 0x4d60 +00:13:09.067949 EFI: VBoxDbg> loadimage64 'TdxDxe.efi' 0x7e5d2000 LB 0x20a0 +00:13:09.068207 EFI: VBoxDbg> loadimage64 'DpcDxe.efi' 0x7e5dd000 LB 0xb20 +00:13:09.068365 EFI: VBoxDbg> loadimage64 'IoMmuDxe.efi' 0x7e5ca000 LB 0x3700 +00:13:09.068558 EFI: VBoxDbg> loadimage64 'EmuVariableFvbRuntimeDxe.efi' 0x7ece3000 LB 0xe00 +00:13:09.068724 EFI: VBoxDbg> unload 'EmuVariableFvbRuntimeDxe.efi' # 0x7ece3000 LB 0xe00 +00:13:09.069423 EFI: VBoxDbg> loadimage64 'VariableRuntimeDxe.efi' 0x7ec0d000 LB 0xd67c0 +00:13:09.082417 EFI: VBoxDbg> loadimage64 'TcgDxe.efi' 0x7e55b000 LB 0x4060 +00:13:09.082913 EFI: VBoxDbg> unload 'TcgDxe.efi' # 0x7e55b000 LB 0x4060 +00:13:09.083635 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerRuntimeDxe.efi' 0x7ec0c000 LB 0xb80 +00:13:09.084073 EFI: VBoxDbg> loadimage64 'CpuDxe.efi' 0x7e52e000 LB 0x18e00 +00:13:09.089269 EFI: VBoxDbg> loadimage64 'SetupBrowser.efi' 0x7e029000 LB 0x12460 +00:13:09.089733 EFI: VBoxDbg> loadimage64 'SmbiosDxe.efi' 0x7e5c4000 LB 0x2fc0 +00:13:09.090493 EFI: VBoxDbg> loadimage64 'AcpiPlatform.efi' 0x7e5c8000 LB 0x720 +00:13:09.090943 EFI: VBoxDbg> unload 'AcpiPlatform.efi' # 0x7e5c8000 LB 0x720 +00:13:09.091352 EFI: VBoxDbg> loadimage64 'LogoDxe.efi' 0x7e043000 LB 0xb7a0 +00:13:09.091812 EFI: VBoxDbg> loadimage64 'FaultTolerantWriteDxe.efi' 0x7e548000 LB 0x2f20 +00:13:09.092570 EFI: VBoxDbg> loadimage64 'Tcg2Dxe.efi' 0x7e00f000 LB 0xcdc0 +00:13:09.093296 EFI: VBoxDbg> unload 'Tcg2Dxe.efi' # 0x7e00f000 LB 0xcdc0 +00:13:09.093755 EFI: VBoxDbg> loadimage64 'LocalApicTimerDxe.efi' 0x7e041000 LB 0x1420 +00:13:09.097394 EFI: VBoxDbg> loadimage64 'PciHostBridgeDxe.efi' 0x7e01d000 LB 0x5780 +00:13:09.099508 EFI: VBoxDbg> loadimage64 'PcRtc.efi' 0x7ec09000 LB 0x2840 +00:13:09.102804 EFI: VBoxDbg> loadimage64 'SecureBootConfigDxe.efi' 0x7dc94000 LB 0xb57c0 +00:13:09.103580 EFI: VBoxDbg> loadimage64 'MonotonicCounterRuntimeDxe.efi' 0x7ec08000 LB 0x860 +00:13:09.110457 EFI: VBoxDbg> loadimage64 'CapsuleRuntimeDxe.efi' 0x7ec07000 LB 0x920 +00:13:09.110907 EFI: VBoxDbg> loadimage64 'DriverHealthManagerDxe.efi' 0x7e018000 LB 0x4240 +00:13:09.111326 EFI: VBoxDbg> loadimage64 'BdsDxe.efi' 0x7dde9000 LB 0x16980 +00:13:09.112202 EFI: VBoxDbg> loadimage64 'RamDiskDxe.efi' 0x7e006000 LB 0x8240 +00:13:09.112653 EFI: VBoxDbg> loadimage64 'DisplayEngine.efi' 0x7ddc7000 LB 0x10800 +00:13:09.113073 EFI: VBoxDbg> loadimage64 'SmbiosPlatformDxe.efi' 0x7e010000 LB 0x1b40 +00:13:09.113652 EFI: VBoxDbg> unload 'SmbiosPlatformDxe.efi' # 0x7e010000 LB 0x1b40 +00:13:09.113921 EFI: VBoxDbg> loadimage64 'PlatformDxe.efi' 0x7e001000 LB 0x4100 +00:13:09.114210 EFI: VBoxDbg> loadimage64 'WatchdogTimer.efi' 0x7e011000 LB 0x7e0 +00:13:09.114481 EFI: VBoxDbg> loadimage64 'QemuKernelLoaderFsDxe.efi' 0x7dde3000 LB 0x2020 +00:13:09.115064 EFI: VBoxDbg> unload 'QemuKernelLoaderFsDxe.efi' # 0x7dde3000 LB 0x2020 +00:13:09.115370 EFI: VBoxDbg> loadimage64 'PciBusDxe.efi' 0x7ddbc000 LB 0xaea0 +00:13:09.115643 EFI: VBoxDbg> loadimage64 'VirtioPciDeviceDxe.efi' 0x7dde7000 LB 0x1120 +00:13:09.115994 EFI: VBoxDbg> loadimage64 'Virtio10.efi' 0x7dde1000 LB 0x2560 +00:13:09.116250 EFI: VBoxDbg> loadimage64 'VirtioScsiDxe.efi' 0x7dddf000 LB 0x1f40 +00:13:09.116673 EFI: VBoxDbg> loadimage64 'MptScsiDxe.efi' 0x7dddd000 LB 0x17e0 +00:13:09.117299 EFI: VBoxDbg> loadimage64 'ConPlatformDxe.efi' 0x7dddb000 LB 0x1c40 +00:13:09.117574 EFI: VBoxDbg> loadimage64 'ConSplitterDxe.efi' 0x7ddb0000 LB 0x5500 +00:13:09.117872 EFI: VBoxDbg> loadimage64 'GraphicsConsoleDxe.efi' 0x7ddac000 LB 0x3f40 +00:13:09.118138 EFI: VBoxDbg> loadimage64 'TerminalDxe.efi' 0x7dda2000 LB 0x4e80 +00:13:09.118390 EFI: VBoxDbg> loadimage64 'DiskIoDxe.efi' 0x7ddb6000 LB 0x1fa0 +00:13:09.118798 EFI: VBoxDbg> loadimage64 'PartitionDxe.efi' 0x7dd9d000 LB 0x4fa0 +00:13:09.119086 EFI: VBoxDbg> loadimage64 'EnglishDxe.efi' 0x7ddba000 LB 0xd80 +00:13:09.119333 EFI: VBoxDbg> loadimage64 'ScsiBus.efi' 0x7dda8000 LB 0x1ee0 +00:13:09.119607 EFI: VBoxDbg> loadimage64 'ScsiDisk.efi' 0x7dd8b000 LB 0x8c40 +00:13:09.120046 EFI: VBoxDbg> loadimage64 'SataController.efi' 0x7dd99000 LB 0x14a0 +00:13:09.120351 EFI: VBoxDbg> loadimage64 'AtaAtapiPassThruDxe.efi' 0x7dd7b000 LB 0x7600 +00:13:09.120699 EFI: VBoxDbg> loadimage64 'AtaBusDxe.efi' 0x7dd87000 LB 0x3ba0 +00:13:09.121061 EFI: VBoxDbg> loadimage64 'NvmExpressDxe.efi' 0x7dd6d000 LB 0x6c80 +00:13:09.121307 EFI: VBoxDbg> loadimage64 'SioBusDxe.efi' 0x7dd97000 LB 0x1520 +00:13:09.121594 EFI: VBoxDbg> loadimage64 'PciSioSerialDxe.efi' 0x7dd68000 LB 0x4dc0 +00:13:09.121880 EFI: VBoxDbg> loadimage64 'Ps2KeyboardDxe.efi' 0x7dd77000 LB 0x3960 +00:13:09.122482 EFI: VBoxDbg> loadimage64 'VBoxVgaDxe.efi' 0x7dd64000 LB 0x3720 +00:13:09.122808 EFI: VBoxDbg> loadimage64 'VBoxHfs.efi' 0x7dd56000 LB 0x6200 +00:13:09.123047 EFI: VBoxDbg> loadimage64 'VBoxSysTables.efi' 0x7dd95000 LB 0xa80 +00:13:09.129136 EFI: VBoxDbg> loadimage64 'VBoxAppleSim.efi' 0x7dd74000 LB 0x2a80 +00:13:09.130163 EFI: VBoxDbg> loadimage64 'VBoxApfsJmpStartDxe.efi' 0x7dd83000 LB 0x1140 +00:13:09.130503 EFI: VBoxDbg> loadimage64 'BootGraphicsResourceTableDxe.efi' 0x7dd85000 LB 0xf00 +00:13:09.130839 EFI: VBoxDbg> loadimage64 'Fat.efi' 0x7dd4f000 LB 0x6ec0 +00:13:09.131116 EFI: VBoxDbg> loadimage64 'UdfDxe.efi' 0x7dd4b000 LB 0x3dc0 +00:13:09.131363 EFI: VBoxDbg> loadimage64 'VirtioFsDxe.efi' 0x7dc8e000 LB 0x5ae0 +00:13:09.131630 EFI: VBoxDbg> loadimage64 'Hash2DxeCrypto.efi' 0x7dd5d000 LB 0x2a40 +00:13:09.131969 EFI: VBoxDbg> loadimage64 'SnpDxe.efi' 0x7dc82000 LB 0x54e0 +00:13:09.132232 EFI: VBoxDbg> loadimage64 'VlanConfigDxe.efi' 0x7dc7c000 LB 0x53e0 +00:13:09.132481 EFI: VBoxDbg> loadimage64 'MnpDxe.efi' 0x7dc6e000 LB 0x6da0 +00:13:09.132723 EFI: VBoxDbg> loadimage64 'ArpDxe.efi' 0x7dc78000 LB 0x3440 +00:13:09.133036 EFI: VBoxDbg> loadimage64 'Dhcp4Dxe.efi' 0x7dc5c000 LB 0x8020 +00:13:09.133296 EFI: VBoxDbg> loadimage64 'Ip4Dxe.efi' 0x7dc38000 LB 0x11940 +00:13:09.133880 EFI: VBoxDbg> loadimage64 'Udp4Dxe.efi' 0x7dc54000 LB 0x7160 +00:13:09.135201 EFI: VBoxDbg> loadimage64 'Mtftp4Dxe.efi' 0x7dc4c000 LB 0x76a0 +00:13:09.135462 EFI: VBoxDbg> loadimage64 'Dhcp6Dxe.efi' 0x7dc2f000 LB 0x81c0 +00:13:09.135737 EFI: VBoxDbg> loadimage64 'Ip6Dxe.efi' 0x7dbfd000 LB 0x18960 +00:13:09.136313 EFI: VBoxDbg> loadimage64 'Udp6Dxe.efi' 0x7dc28000 LB 0x6fa0 +00:13:09.137828 EFI: VBoxDbg> loadimage64 'Mtftp6Dxe.efi' 0x7dc20000 LB 0x7b60 +00:13:09.138098 EFI: VBoxDbg> loadimage64 'UefiPxeBcDxe.efi' 0x7dbdb000 LB 0x10100 +00:13:09.139030 EFI: VBoxDbg> loadimage64 'IScsiDxe.efi' 0x7dba3000 LB 0x1b260 +00:13:09.140743 EFI: VBoxDbg> loadimage64 'VirtioNetDxe.efi' 0x7dc18000 LB 0x3240 +00:13:09.140991 EFI: VBoxDbg> loadimage64 'E1kNetDxe.efi' 0x7dbfa000 LB 0x2ce0 +00:13:09.141255 EFI: VBoxDbg> loadimage64 'UhciDxe.efi' 0x7dbf0000 LB 0x42e0 +00:13:09.141522 EFI: VBoxDbg> loadimage64 'EhciDxe.efi' 0x7dbd6000 LB 0x4cc0 +00:13:09.141787 EFI: VBoxDbg> loadimage64 'XhciDxe.efi' 0x7dbc4000 LB 0x8240 +00:13:09.142146 EFI: VBoxDbg> loadimage64 'UsbBusDxe.efi' 0x7dbd1000 LB 0x4d40 +00:13:09.142432 EFI: VBoxDbg> loadimage64 'UsbKbDxe.efi' 0x7dbf6000 LB 0x3da0 +00:13:09.142726 EFI: VBoxDbg> loadimage64 'UsbMassStorageDxe.efi' 0x7dbec000 LB 0x3100 +00:13:09.143039 EFI: VBoxDbg> loadimage64 'TcpDxe.efi' 0x7db89000 LB 0xc980 +00:13:10.472638 PS2K: Selected scan set 2 +00:13:10.478735 xHCI: Hardware reset +00:13:10.483036 xHCI: USB Operational +00:13:10.488878 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:13:10.830711 AHCI#0: Reset the HBA +00:13:10.830736 VD#0: Cancelling all active requests +00:13:11.541453 EFI: VBoxDbg> loadimage64 'bootmgfw.efi' 0x10000000 LB 0x1c7000 +00:13:16.509650 Changing the VM state from 'RUNNING' to 'SUSPENDING' +00:13:16.509707 PDMR3Suspend: after 0 ms, 1 loops: 1 async tasks - ahci/0 +00:13:16.577527 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0781) created successfully +00:13:16.578849 PDMR3Suspend: 69 159 405 ns run time +00:13:16.578857 Changing the VM state from 'SUSPENDING' to 'SUSPENDED' +00:13:16.580122 DrvVD: Flushes will be ignored +00:13:16.580138 DrvVD: Async flushes will be passed to the disk +00:13:16.580876 ************************* CFGM dump ************************* +00:13:16.580877 [/Devices/ahci/0/LUN#2/AttachedDriver/] (level 0) +00:13:16.580879 Driver = "VD" (cb=3) +00:13:16.580880 +00:13:16.580880 [/Devices/ahci/0/LUN#2/AttachedDriver/Config/] (level 1) (restricted root) +00:13:16.580881 EmptyDrive = 0x0000000000000001 (1) +00:13:16.580882 Mountable = 0x0000000000000001 (1) +00:13:16.580882 Type = "DVD" (cb=4) +00:13:16.580882 +00:13:16.580882 ********************* End of CFGM dump ********************** +00:13:16.580889 Changing the VM state from 'SUSPENDED' to 'RESUMING' +00:13:16.581541 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0723) created successfully +00:13:16.582082 Changing the VM state from 'RESUMING' to 'RUNNING' +00:13:16.725713 xHCI: USB Suspended +00:13:16.728788 EFI: relocate module to 0xfffff8045aa46000 from 0x7ecea000 +00:13:16.729008 EFI: relocate module to 0xfffff8045aa44000 from 0x7ece8000 +00:13:16.729228 EFI: relocate module to 0xfffff8045aa40000 from 0x7ece4000 +00:13:16.729447 EFI: relocate module to 0xfffff8045a969000 from 0x7ec0d000 +00:13:16.729696 EFI: relocate module to 0xfffff8045a968000 from 0x7ec0c000 +00:13:16.729959 EFI: relocate module to 0xfffff8045a965000 from 0x7ec09000 +00:13:16.730261 EFI: relocate module to 0xfffff8045a964000 from 0x7ec08000 +00:13:16.730497 EFI: relocate module to 0xfffff8045a963000 from 0x7ec07000 +00:13:17.116310 GIM: HyperV: Guest OS reported ID 0x1040a0000271b +00:13:17.116335 GIM: HyperV: Open-source=false Vendor=0x1 OS=0x4 (Windows NT or derivative) Major=10 Minor=0 ServicePack=0 Build=10011 +00:13:17.116358 GIM: HyperV: Enabled hypercall page at 0x00000000001f4000 +00:13:17.116470 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x00000000007bb000 +00:13:17.116492 GIM: HyperV: Queried boot zeroed guest memory as 2 ranges +00:13:17.116498 GIM: HyperV: RAM range [0] from 0x0000000000100000 to 0x000000007fffffff (524032 pages, 1.9 GiB) +00:13:17.116503 GIM: HyperV: RAM range [1] from 0x0000000000000000 to 0x000000000009ffff (160 pages, 640.0 KiB) +00:13:17.117674 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x0000000000007000 +00:13:17.117721 GIM: HyperV: Enabled TSC page at 0x000000000000c000 - u64TscScale=0xdacdb600000000 u64TscKHz=0x2db3fe (2 995 198) Seq=1 +00:13:17.117728 TM: Host/VM is not suitable for using TSC mode 'RealTSCOffset', request to change TSC mode ignored +00:13:17.117762 GIM0: HyperV: Enabled APIC-assist page at 0x000000000000d000 +00:13:18.954686 AHCI#0: Reset the HBA +00:13:18.954720 VD#0: Cancelling all active requests +00:13:19.052994 xHCI: Hardware reset +00:13:19.069234 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:13:19.178633 xHCI: USB Operational +00:13:19.566694 AIOMgr: Async flushes not supported +00:13:20.539723 Changing the VM state from 'RUNNING' to 'SUSPENDING' +00:13:20.539775 PDMR3Suspend: after 0 ms, 1 loops: 1 async tasks - ahci/0 +00:13:20.611405 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0781) created successfully +00:13:20.611973 PDMR3Suspend: 72 214 619 ns run time +00:13:20.611986 Changing the VM state from 'SUSPENDING' to 'SUSPENDED' +00:13:20.612892 DrvVD: Flushes will be ignored +00:13:20.612908 DrvVD: Async flushes will be passed to the disk +00:13:20.613607 ************************* CFGM dump ************************* +00:13:20.613608 [/Devices/ahci/0/LUN#1/AttachedDriver/] (level 0) +00:13:20.613609 Driver = "VD" (cb=3) +00:13:20.613610 +00:13:20.613610 [/Devices/ahci/0/LUN#1/AttachedDriver/Config/] (level 1) (restricted root) +00:13:20.613610 EmptyDrive = 0x0000000000000001 (1) +00:13:20.613611 Mountable = 0x0000000000000001 (1) +00:13:20.613611 Type = "DVD" (cb=4) +00:13:20.613612 +00:13:20.613612 ********************* End of CFGM dump ********************** +00:13:20.613660 Changing the VM state from 'SUSPENDED' to 'RESUMING' +00:13:20.613896 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0723) created successfully +00:13:20.614379 Changing the VM state from 'RESUMING' to 'RUNNING' +00:13:22.759648 AIOMgr: Async flushes not supported +00:13:25.351673 HDA: Codec reset +00:13:25.351709 HDA: Reset +00:13:25.404862 HDA: Codec reset +00:13:25.404895 HDA: Reset +00:13:30.466238 HDA: Codec reset +00:13:30.505613 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:13:30.623373 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:13:30.625840 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:13:30.675274 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:13:30.675554 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:13:30.680212 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:13:30.681931 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:13:30.689564 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:13:30.700832 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:13:30.702285 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:13:30.710354 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:13:30.711724 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:13:30.732290 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:13:30.733198 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:13:30.736354 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff 01 ff ff ff ff ff ff ff ff ff ff +00:13:30.737084 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:13:30.737984 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:13:30.739002 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:13:30.745194 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:13:30.746019 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:13:30.746963 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:13:30.747901 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:14:16.761361 NAT: Link up +00:16:09.759900 xHCI: USB Suspended +00:16:09.816775 HDA: Codec reset +00:16:09.816805 HDA: Reset +00:16:09.909135 GIM: HyperV: Reset initiated through MSR +00:16:09.909198 Changing the VM state from 'RUNNING' to 'RESETTING' +00:16:09.909418 GIM: HyperV: Resetting MMIO2 regions and MSRs +00:16:09.911248 PIT: mode=3 count=0x10000 (65536) - 18.20 Hz (ch=0) +00:16:09.928930 AHCI#0: Reset the HBA +00:16:09.929075 VD#0: Cancelling all active requests +00:16:09.929189 HDA: Codec reset +00:16:09.929202 HDA: Reset +00:16:09.930525 VMMDevNotifyGuest: fAddEvents=0x1 ignored because enmVMState=8 +00:16:10.167141 Changing the VM state from 'RESETTING' to 'RUNNING' +00:16:10.167267 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:16:10.169307 EFI: debug point SEC_PREMEM +00:16:10.245003 EFI: VBoxDbg> loadimage64 'SecMain.efi' 0xfffcc094 LB 0x0 +00:16:10.248178 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x2020120 LB 0x0 +00:16:10.255928 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x2026fe0 LB 0x2720 +00:16:10.260622 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterPei.efi' 0x20297a0 LB 0xa00 +00:16:10.261075 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerPei.efi' 0x202a220 LB 0x7e0 +00:16:10.261494 EFI: VBoxDbg> loadimage64 'PlatformPei.efi' 0x202aaa0 LB 0xfa60 +00:16:10.267453 EFI: debug point SEC_POSTMEM +00:16:10.267859 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x7f167000 LB 0x6d00 +00:16:10.271200 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x7f164000 LB 0x2720 +00:16:10.273765 EFI: VBoxDbg> loadimage64 'DxeIpl.efi' 0x7f161000 LB 0x23c0 +00:16:10.274189 EFI: VBoxDbg> loadimage64 'S3Resume2Pei.efi' 0x7f15e000 LB 0x2280 +00:16:10.274834 EFI: VBoxDbg> loadimage64 'CpuMpPei.efi' 0x7f14f000 LB 0xe460 +00:16:10.280671 EFI: VBoxDbg> loadimage64 'TpmMmioSevDecryptPei.efi' 0x7f13b000 LB 0x17a0 +00:16:10.281347 EFI: VBoxDbg> loadimage64 'Tcg2ConfigPei.efi' 0x7f139000 LB 0x1a60 +00:16:10.282116 EFI: VBoxDbg> loadimage64 'TcgPei.efi' 0x7f136000 LB 0x2f40 +00:16:10.282759 EFI: VBoxDbg> loadimage64 'Tcg2Pei.efi' 0x7f12c000 LB 0x93a0 +00:16:10.283420 EFI: VBoxDbg> loadimage64 'Tcg2PlatformPei.efi' 0x7f129000 LB 0x23a0 +00:16:10.284126 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x24080 +00:16:10.285281 EFI: debug point DXE_CORE +00:16:10.288784 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x0 +00:16:10.293189 EFI: VBoxDbg> loadimage64 'DevicePathDxe.efi' 0x7e5f3000 LB 0x9ec0 +00:16:10.293589 EFI: VBoxDbg> loadimage64 'PcdDxe.efi' 0x7e600000 LB 0x2f00 +00:16:10.294351 EFI: VBoxDbg> loadimage64 'FvbServicesRuntimeDxe.efi' 0x7ecea000 LB 0x2600 +00:16:10.299395 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterRuntimeDxe.efi' 0x7ece8000 LB 0x1440 +00:16:10.299880 EFI: VBoxDbg> loadimage64 'RuntimeDxe.efi' 0x7ece6000 LB 0x13e0 +00:16:10.300553 EFI: VBoxDbg> loadimage64 'SecurityStubDxe.efi' 0x7e44f000 LB 0xd1aa0 +00:16:10.301103 EFI: VBoxDbg> loadimage64 'EbcDxe.efi' 0x7e5e9000 LB 0x4120 +00:16:10.301507 EFI: VBoxDbg> loadimage64 'CpuIo2Dxe.efi' 0x7e5ee000 LB 0x1360 +00:16:10.302019 EFI: VBoxDbg> loadimage64 'IncompatiblePciDeviceSupportDxe.efi' 0x7e5f1000 LB 0x800 +00:16:10.302437 EFI: VBoxDbg> loadimage64 'PciHotPlugInitDxe.efi' 0x7e5e3000 LB 0x2ac0 +00:16:10.302883 EFI: VBoxDbg> loadimage64 'ResetSystemRuntimeDxe.efi' 0x7ece4000 LB 0x16c0 +00:16:10.303381 EFI: VBoxDbg> loadimage64 'Metronome.efi' 0x7e5e6000 LB 0xd00 +00:16:10.303877 EFI: VBoxDbg> loadimage64 'RngDxe.efi' 0x7e5df000 LB 0x19a0 +00:16:10.304557 EFI: VBoxDbg> loadimage64 'HiiDatabase.efi' 0x7e5a9000 LB 0x1a5c0 +00:16:10.305020 EFI: VBoxDbg> loadimage64 'AcpiTableDxe.efi' 0x7e5d5000 LB 0x4d60 +00:16:10.305409 EFI: VBoxDbg> loadimage64 'TdxDxe.efi' 0x7e5d2000 LB 0x20a0 +00:16:10.305945 EFI: VBoxDbg> loadimage64 'DpcDxe.efi' 0x7e5dd000 LB 0xb20 +00:16:10.306381 EFI: VBoxDbg> loadimage64 'IoMmuDxe.efi' 0x7e5ca000 LB 0x3700 +00:16:10.306882 EFI: VBoxDbg> loadimage64 'EmuVariableFvbRuntimeDxe.efi' 0x7ece3000 LB 0xe00 +00:16:10.307296 EFI: VBoxDbg> unload 'EmuVariableFvbRuntimeDxe.efi' # 0x7ece3000 LB 0xe00 +00:16:10.307935 EFI: VBoxDbg> loadimage64 'VariableRuntimeDxe.efi' 0x7ec0d000 LB 0xd67c0 +00:16:10.320603 EFI: VBoxDbg> loadimage64 'TcgDxe.efi' 0x7e55b000 LB 0x4060 +00:16:10.321154 EFI: VBoxDbg> unload 'TcgDxe.efi' # 0x7e55b000 LB 0x4060 +00:16:10.321661 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerRuntimeDxe.efi' 0x7ec0c000 LB 0xb80 +00:16:10.322155 EFI: VBoxDbg> loadimage64 'CpuDxe.efi' 0x7e52e000 LB 0x18e00 +00:16:10.327316 EFI: VBoxDbg> loadimage64 'SetupBrowser.efi' 0x7e029000 LB 0x12460 +00:16:10.327727 EFI: VBoxDbg> loadimage64 'SmbiosDxe.efi' 0x7e5c4000 LB 0x2fc0 +00:16:10.328564 EFI: VBoxDbg> loadimage64 'AcpiPlatform.efi' 0x7e5c8000 LB 0x720 +00:16:10.328999 EFI: VBoxDbg> unload 'AcpiPlatform.efi' # 0x7e5c8000 LB 0x720 +00:16:10.329401 EFI: VBoxDbg> loadimage64 'LogoDxe.efi' 0x7e043000 LB 0xb7a0 +00:16:10.329856 EFI: VBoxDbg> loadimage64 'FaultTolerantWriteDxe.efi' 0x7e548000 LB 0x2f20 +00:16:10.330666 EFI: VBoxDbg> loadimage64 'Tcg2Dxe.efi' 0x7e00f000 LB 0xcdc0 +00:16:10.331567 EFI: VBoxDbg> unload 'Tcg2Dxe.efi' # 0x7e00f000 LB 0xcdc0 +00:16:10.332028 EFI: VBoxDbg> loadimage64 'LocalApicTimerDxe.efi' 0x7e041000 LB 0x1420 +00:16:10.334912 EFI: VBoxDbg> loadimage64 'PciHostBridgeDxe.efi' 0x7e01d000 LB 0x5780 +00:16:10.337184 EFI: VBoxDbg> loadimage64 'PcRtc.efi' 0x7ec09000 LB 0x2840 +00:16:10.341257 EFI: VBoxDbg> loadimage64 'SecureBootConfigDxe.efi' 0x7dc94000 LB 0xb57c0 +00:16:10.342368 EFI: VBoxDbg> loadimage64 'MonotonicCounterRuntimeDxe.efi' 0x7ec08000 LB 0x860 +00:16:10.349282 EFI: VBoxDbg> loadimage64 'CapsuleRuntimeDxe.efi' 0x7ec07000 LB 0x920 +00:16:10.349729 EFI: VBoxDbg> loadimage64 'DriverHealthManagerDxe.efi' 0x7e018000 LB 0x4240 +00:16:10.350521 EFI: VBoxDbg> loadimage64 'BdsDxe.efi' 0x7dde9000 LB 0x16980 +00:16:10.351280 EFI: VBoxDbg> loadimage64 'RamDiskDxe.efi' 0x7e006000 LB 0x8240 +00:16:10.351799 EFI: VBoxDbg> loadimage64 'DisplayEngine.efi' 0x7ddc7000 LB 0x10800 +00:16:10.352450 EFI: VBoxDbg> loadimage64 'SmbiosPlatformDxe.efi' 0x7e010000 LB 0x1b40 +00:16:10.353192 EFI: VBoxDbg> unload 'SmbiosPlatformDxe.efi' # 0x7e010000 LB 0x1b40 +00:16:10.353624 EFI: VBoxDbg> loadimage64 'PlatformDxe.efi' 0x7e001000 LB 0x4100 +00:16:10.354135 EFI: VBoxDbg> loadimage64 'WatchdogTimer.efi' 0x7e011000 LB 0x7e0 +00:16:10.354569 EFI: VBoxDbg> loadimage64 'QemuKernelLoaderFsDxe.efi' 0x7dde3000 LB 0x2020 +00:16:10.355709 EFI: VBoxDbg> unload 'QemuKernelLoaderFsDxe.efi' # 0x7dde3000 LB 0x2020 +00:16:10.356226 EFI: VBoxDbg> loadimage64 'PciBusDxe.efi' 0x7ddbc000 LB 0xaea0 +00:16:10.356660 EFI: VBoxDbg> loadimage64 'VirtioPciDeviceDxe.efi' 0x7dde7000 LB 0x1120 +00:16:10.357064 EFI: VBoxDbg> loadimage64 'Virtio10.efi' 0x7dde1000 LB 0x2560 +00:16:10.357480 EFI: VBoxDbg> loadimage64 'VirtioScsiDxe.efi' 0x7dddf000 LB 0x1f40 +00:16:10.357888 EFI: VBoxDbg> loadimage64 'MptScsiDxe.efi' 0x7dddd000 LB 0x17e0 +00:16:10.358391 EFI: VBoxDbg> loadimage64 'ConPlatformDxe.efi' 0x7dddb000 LB 0x1c40 +00:16:10.358845 EFI: VBoxDbg> loadimage64 'ConSplitterDxe.efi' 0x7ddb0000 LB 0x5500 +00:16:10.359379 EFI: VBoxDbg> loadimage64 'GraphicsConsoleDxe.efi' 0x7ddac000 LB 0x3f40 +00:16:10.360559 EFI: VBoxDbg> loadimage64 'TerminalDxe.efi' 0x7dda2000 LB 0x4e80 +00:16:10.361049 EFI: VBoxDbg> loadimage64 'DiskIoDxe.efi' 0x7ddb6000 LB 0x1fa0 +00:16:10.361502 EFI: VBoxDbg> loadimage64 'PartitionDxe.efi' 0x7dd9d000 LB 0x4fa0 +00:16:10.361952 EFI: VBoxDbg> loadimage64 'EnglishDxe.efi' 0x7ddba000 LB 0xd80 +00:16:10.363135 EFI: VBoxDbg> loadimage64 'ScsiBus.efi' 0x7dda8000 LB 0x1ee0 +00:16:10.363550 EFI: VBoxDbg> loadimage64 'ScsiDisk.efi' 0x7dd8b000 LB 0x8c40 +00:16:10.363976 EFI: VBoxDbg> loadimage64 'SataController.efi' 0x7dd99000 LB 0x14a0 +00:16:10.364396 EFI: VBoxDbg> loadimage64 'AtaAtapiPassThruDxe.efi' 0x7dd7b000 LB 0x7600 +00:16:10.364396 EFI: VBoxDbg> loadimage64 'AtaBusDxe.efi' 0x7dd87000 LB 0x3ba0 +00:16:10.364396 EFI: VBoxDbg> loadimage64 'NvmExpressDxe.efi' 0x7dd6d000 LB 0x6c80 +00:16:10.366172 EFI: VBoxDbg> loadimage64 'SioBusDxe.efi' 0x7dd97000 LB 0x1520 +00:16:10.366606 EFI: VBoxDbg> loadimage64 'PciSioSerialDxe.efi' 0x7dd68000 LB 0x4dc0 +00:16:10.367114 EFI: VBoxDbg> loadimage64 'Ps2KeyboardDxe.efi' 0x7dd77000 LB 0x3960 +00:16:10.367612 EFI: VBoxDbg> loadimage64 'VBoxVgaDxe.efi' 0x7dd64000 LB 0x3720 +00:16:10.368101 EFI: VBoxDbg> loadimage64 'VBoxHfs.efi' 0x7dd56000 LB 0x6200 +00:16:10.368518 EFI: VBoxDbg> loadimage64 'VBoxSysTables.efi' 0x7dd95000 LB 0xa80 +00:16:10.385562 EFI: VBoxDbg> loadimage64 'VBoxAppleSim.efi' 0x7dd74000 LB 0x2a80 +00:16:10.386882 EFI: VBoxDbg> loadimage64 'VBoxApfsJmpStartDxe.efi' 0x7dd83000 LB 0x1140 +00:16:10.388846 EFI: VBoxDbg> loadimage64 'BootGraphicsResourceTableDxe.efi' 0x7dd85000 LB 0xf00 +00:16:10.389274 EFI: VBoxDbg> loadimage64 'Fat.efi' 0x7dd4f000 LB 0x6ec0 +00:16:10.389702 EFI: VBoxDbg> loadimage64 'UdfDxe.efi' 0x7dd4b000 LB 0x3dc0 +00:16:10.390491 EFI: VBoxDbg> loadimage64 'VirtioFsDxe.efi' 0x7dc8e000 LB 0x5ae0 +00:16:10.390922 EFI: VBoxDbg> loadimage64 'Hash2DxeCrypto.efi' 0x7dd5d000 LB 0x2a40 +00:16:10.391499 EFI: VBoxDbg> loadimage64 'SnpDxe.efi' 0x7dc82000 LB 0x54e0 +00:16:10.391931 EFI: VBoxDbg> loadimage64 'VlanConfigDxe.efi' 0x7dc7c000 LB 0x53e0 +00:16:10.392342 EFI: VBoxDbg> loadimage64 'MnpDxe.efi' 0x7dc6e000 LB 0x6da0 +00:16:10.392745 EFI: VBoxDbg> loadimage64 'ArpDxe.efi' 0x7dc78000 LB 0x3440 +00:16:10.393169 EFI: VBoxDbg> loadimage64 'Dhcp4Dxe.efi' 0x7dc5c000 LB 0x8020 +00:16:10.393807 EFI: VBoxDbg> loadimage64 'Ip4Dxe.efi' 0x7dc38000 LB 0x11940 +00:16:10.394638 EFI: VBoxDbg> loadimage64 'Udp4Dxe.efi' 0x7dc54000 LB 0x7160 +00:16:10.396076 EFI: VBoxDbg> loadimage64 'Mtftp4Dxe.efi' 0x7dc4c000 LB 0x76a0 +00:16:10.396499 EFI: VBoxDbg> loadimage64 'Dhcp6Dxe.efi' 0x7dc2f000 LB 0x81c0 +00:16:10.396948 EFI: VBoxDbg> loadimage64 'Ip6Dxe.efi' 0x7dbfd000 LB 0x18960 +00:16:10.397697 EFI: VBoxDbg> loadimage64 'Udp6Dxe.efi' 0x7dc28000 LB 0x6fa0 +00:16:10.399204 EFI: VBoxDbg> loadimage64 'Mtftp6Dxe.efi' 0x7dc20000 LB 0x7b60 +00:16:10.399648 EFI: VBoxDbg> loadimage64 'UefiPxeBcDxe.efi' 0x7dbdb000 LB 0x10100 +00:16:10.400742 EFI: VBoxDbg> loadimage64 'IScsiDxe.efi' 0x7dba3000 LB 0x1b260 +00:16:10.402548 EFI: VBoxDbg> loadimage64 'VirtioNetDxe.efi' 0x7dc18000 LB 0x3240 +00:16:10.402970 EFI: VBoxDbg> loadimage64 'E1kNetDxe.efi' 0x7dbfa000 LB 0x2ce0 +00:16:10.403402 EFI: VBoxDbg> loadimage64 'UhciDxe.efi' 0x7dbf0000 LB 0x42e0 +00:16:10.403932 EFI: VBoxDbg> loadimage64 'EhciDxe.efi' 0x7dbd6000 LB 0x4cc0 +00:16:10.404368 EFI: VBoxDbg> loadimage64 'XhciDxe.efi' 0x7dbc4000 LB 0x8240 +00:16:10.404906 EFI: VBoxDbg> loadimage64 'UsbBusDxe.efi' 0x7dbd1000 LB 0x4d40 +00:16:10.405419 EFI: VBoxDbg> loadimage64 'UsbKbDxe.efi' 0x7dbf6000 LB 0x3da0 +00:16:10.405887 EFI: VBoxDbg> loadimage64 'UsbMassStorageDxe.efi' 0x7dbec000 LB 0x3100 +00:16:10.406399 EFI: VBoxDbg> loadimage64 'TcpDxe.efi' 0x7db89000 LB 0xc980 +00:16:11.789371 PS2K: Selected scan set 2 +00:16:11.795442 xHCI: Hardware reset +00:16:11.798281 xHCI: USB Operational +00:16:11.805586 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:16:12.188202 AHCI#0: Reset the HBA +00:16:12.188235 VD#0: Cancelling all active requests +00:16:12.755039 EFI: VBoxDbg> loadimage64 'bootmgfw.efi' 0x10000000 LB 0x1c7000 +00:16:17.238882 xHCI: USB Suspended +00:16:17.240121 EFI: relocate module to 0xfffff80737e46000 from 0x7ecea000 +00:16:17.240191 EFI: relocate module to 0xfffff80737e44000 from 0x7ece8000 +00:16:17.240252 EFI: relocate module to 0xfffff80737e40000 from 0x7ece4000 +00:16:17.240312 EFI: relocate module to 0xfffff80737d69000 from 0x7ec0d000 +00:16:17.240645 EFI: relocate module to 0xfffff80737d68000 from 0x7ec0c000 +00:16:17.240725 EFI: relocate module to 0xfffff80737d65000 from 0x7ec09000 +00:16:17.240795 EFI: relocate module to 0xfffff80737d64000 from 0x7ec08000 +00:16:17.240858 EFI: relocate module to 0xfffff80737d63000 from 0x7ec07000 +00:16:17.547864 GIM: HyperV: Guest OS reported ID 0x1040a0000271b +00:16:17.547899 GIM: HyperV: Open-source=false Vendor=0x1 OS=0x4 (Windows NT or derivative) Major=10 Minor=0 ServicePack=0 Build=10011 +00:16:17.547954 GIM: HyperV: Enabled hypercall page at 0x00000000001f4000 +00:16:17.548298 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x00000000007c3000 +00:16:17.548357 GIM: HyperV: Queried boot zeroed guest memory as 2 ranges +00:16:17.548376 GIM: HyperV: RAM range [0] from 0x0000000000100000 to 0x000000007fffffff (524032 pages, 1.9 GiB) +00:16:17.548387 GIM: HyperV: RAM range [1] from 0x0000000000000000 to 0x000000000009ffff (160 pages, 640.0 KiB) +00:16:17.551523 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x0000000000007000 +00:16:17.551621 GIM: HyperV: Enabled TSC page at 0x000000000000c000 - u64TscScale=0xdacdb600000000 u64TscKHz=0x2db3fe (2 995 198) Seq=1 +00:16:17.551640 TM: Host/VM is not suitable for using TSC mode 'RealTSCOffset', request to change TSC mode ignored +00:16:17.551729 GIM0: HyperV: Enabled APIC-assist page at 0x000000000000d000 +00:16:18.674833 AHCI#0: Reset the HBA +00:16:18.674869 VD#0: Cancelling all active requests +00:16:21.874113 xHCI: Hardware reset +00:16:21.884281 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:16:21.912906 HDA: Codec reset +00:16:21.912936 HDA: Reset +00:16:21.924363 xHCI: USB Operational +00:16:21.947838 HDA: Codec reset +00:16:21.947858 HDA: Reset +00:16:22.409808 HDA: Codec reset +00:16:22.440927 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:16:22.692323 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:16:22.704685 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:16:22.803031 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:16:22.804501 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:16:22.808791 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:16:22.811105 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:16:22.816000 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:16:22.822782 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:16:22.823834 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:16:22.829407 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:16:22.831827 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:16:22.849690 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:16:22.850998 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:16:22.854159 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff 01 ff ff ff ff ff ff ff ff ff ff +00:16:22.855238 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:16:22.856154 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:16:22.857060 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:16:22.862984 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:16:22.864029 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:16:22.864975 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:16:22.866016 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:16:23.835049 NAT: Link up +00:22:10.299453 Audio: Warning: Scheduling hint of stream '[WasAPI] Front:0' is bigger (10ms) than used period size (0ms) +00:22:31.343123 Changing the VM state from 'RUNNING' to 'SUSPENDING' +00:22:31.421877 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0781) created successfully +00:22:31.422719 PDMR3Suspend: 79 560 742 ns run time +00:22:31.422732 Changing the VM state from 'SUSPENDING' to 'SUSPENDED' +00:22:31.424352 File system of 'C:\Program Files\Oracle\VirtualBox/VBoxGuestAdditions.iso' (DVD) is ntfs +00:22:31.424916 DrvVD: Flushes will be ignored +00:22:31.424934 DrvVD: Async flushes will be passed to the disk +00:22:31.429308 AIOMgr: Endpoint for file 'C:\Program Files\Oracle\VirtualBox/VBoxGuestAdditions.iso' (flags 000c0781) created successfully +00:22:31.429328 VD: Opening the disk took 3545405 ns +00:22:31.429368 ************************* CFGM dump ************************* +00:22:31.429368 [/Devices/ahci/0/LUN#1/AttachedDriver/] (level 0) +00:22:31.429370 Driver = "VD" (cb=3) +00:22:31.429371 +00:22:31.429371 [/Devices/ahci/0/LUN#1/AttachedDriver/Config/] (level 1) (restricted root) +00:22:31.429372 Format = "RAW" (cb=4) +00:22:31.429373 Mountable = 0x0000000000000001 (1) +00:22:31.429373 Path = "C:\Program Files\Oracle\VirtualBox/VBoxGuestAdditions.iso" (cb=58) +00:22:31.429374 ReadOnly = 0x0000000000000001 (1) +00:22:31.429375 Type = "DVD" (cb=4) +00:22:31.429375 UseNewIo = 0x0000000000000001 (1) +00:22:31.429375 +00:22:31.429376 ********************* End of CFGM dump ********************** +00:22:31.429392 Changing the VM state from 'SUSPENDED' to 'RESUMING' +00:22:31.429920 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0723) created successfully +00:22:31.430625 Changing the VM state from 'RESUMING' to 'RUNNING' +00:22:31.434562 AIOMgr: Async flushes not supported +00:23:06.812308 Shared Clipboard: Mode: Host to Guest +00:23:34.885368 VMMDev: Guest Log: VBoxGuest: 7.1.4 r165100 Windows version 10.0, build 19044 +00:23:34.899600 VMMDev: Guest Additions information report: Version 7.1.4 r165100 '7.1.4' +00:23:34.899666 VMMDev: Guest Additions information report: Interface = 0x00010004 osType = 0x0003B100 (Windows 10, 64-bit) +00:23:34.900078 VMMDev: Guest Additions capability report: (0x0 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:23:34.900201 VMMDev: vmmDevReqHandler_HeartbeatConfigure: No change (fHeartbeatActive=false) +00:23:34.900246 VMMDev: Heartbeat flatline timer set to trigger after 4 000 000 000 ns +00:23:34.901086 VMMDev: Guest Additions capability report: (0x0 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:23:42.338527 VMMDev: Guest Log: VBoxMP::DriverEntry: VBox WDDM Driver for Windows 8+ version 7.1.4r165100 rel, 64 bit; Built Oct 10 2024 19:27:44 +00:23:42.339516 VMMDev: Guest Log: VBoxMP::DriverEntry: OsVersion(10, 0, 19044) +00:23:42.340570 VMMDev: Guest Log: VBoxMP::DriverEntry: WDDM: VGA configuration version 1 +00:23:42.341562 VMMDev: Guest Log: VBoxMP::DriverEntry: WDDM: VGA configuration: 3D 0, hardware type 1, VGPU10 1 +00:23:42.344238 VMMDev: Guest Log: VBoxMP::DriverEntry: WDDM: 3D is not supported, hardware type 1 +00:23:42.344433 VMMDev: Guest Log: VBoxMP::DriverEntry: 3D is NOT supported by the host, falling back to display-only mode.. +00:23:42.557378 VMMDev: Guest Log: VBoxMP::vboxWddmPickResources: found the VBE card +00:23:42.558850 VMMDev: Guest Log: VBoxMP::DxgkDdiStartDevice: Handling complex topologies enabled +00:23:42.560668 VMMDev: Guest Log: VBoxMP::DxgkDdiStartDevice: using HGSMI +00:23:42.561909 VMMDev: Guest Log: VBoxMP::vboxWddmVModesAdd: WARNING! :resolution 1920x1440 not accepted by the frontend +00:23:42.562038 VMMDev: Guest Log: VBoxMP::voxWddmVModesInitForTarget: WARNING! :vps(0x57)!=NO_ERROR +00:23:42.562127 VMMDev: Guest Log: VBoxMP::voxWddmVModesInitForTarget: WARNING! :vps(0x57)!=NO_ERROR +00:23:42.562376 VMMDev: Guest Log: VBoxMP::DxgkDdiStartDevice: WDDM: VRAM 0x80000000/0x8000000, FIFO 0x88400000/0x200000, IO 0xc030/0x10 +00:23:42.562783 Enabling different vbva mode +00:23:42.563387 Enabling different vbva mode +00:23:45.174899 VMMDev: Guest Log: VBoxMouse::DriverEntry: DriverEntry: +00:23:51.502366 VMMDev: Guest Log: VBOXNP: DLL loaded. +00:23:51.502436 VMMDev: Guest Log: VBOXNP: vbsfIOCTL: Error opening device, last error = 2 +00:23:58.669491 xHCI: USB Suspended +00:23:58.718499 HDA: Codec reset +00:23:58.718530 HDA: Reset +00:23:58.807826 GIM: HyperV: Reset initiated through MSR +00:23:58.807888 ACPI: Reset initiated by ACPI +00:23:58.807934 Changing the VM state from 'RUNNING' to 'RESETTING' +00:23:58.808005 GIM: HyperV: Resetting MMIO2 regions and MSRs +00:23:58.809797 PIT: mode=3 count=0x10000 (65536) - 18.20 Hz (ch=0) +00:23:58.810274 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=0000000000000000 w=1024 h=768 bpp=0 cbLine=0x0 flags=0x2 origin=0,0 +00:23:58.833678 AHCI#0: Reset the HBA +00:23:58.833705 VD#0: Cancelling all active requests +00:23:58.833795 HDA: Codec reset +00:23:58.833802 HDA: Reset +00:23:58.834659 VMMDevNotifyGuest: fAddEvents=0x1 ignored because enmVMState=8 +00:23:59.016125 Changing the VM state from 'RESETTING' to 'RUNNING' +00:23:59.016281 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:23:59.018592 EFI: debug point SEC_PREMEM +00:23:59.094082 EFI: VBoxDbg> loadimage64 'SecMain.efi' 0xfffcc094 LB 0x0 +00:23:59.096982 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x2020120 LB 0x0 +00:23:59.100321 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x2026fe0 LB 0x2720 +00:23:59.101190 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterPei.efi' 0x20297a0 LB 0xa00 +00:23:59.101374 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerPei.efi' 0x202a220 LB 0x7e0 +00:23:59.101525 EFI: VBoxDbg> loadimage64 'PlatformPei.efi' 0x202aaa0 LB 0xfa60 +00:23:59.104791 EFI: debug point SEC_POSTMEM +00:23:59.105199 EFI: VBoxDbg> loadimage64 'PeiCore.efi' 0x7f167000 LB 0x6d00 +00:23:59.108864 EFI: VBoxDbg> loadimage64 'PcdPeim.efi' 0x7f164000 LB 0x2720 +00:23:59.111373 EFI: VBoxDbg> loadimage64 'DxeIpl.efi' 0x7f161000 LB 0x23c0 +00:23:59.111791 EFI: VBoxDbg> loadimage64 'S3Resume2Pei.efi' 0x7f15e000 LB 0x2280 +00:23:59.112466 EFI: VBoxDbg> loadimage64 'CpuMpPei.efi' 0x7f14f000 LB 0xe460 +00:23:59.118340 EFI: VBoxDbg> loadimage64 'TpmMmioSevDecryptPei.efi' 0x7f13b000 LB 0x17a0 +00:23:59.118988 EFI: VBoxDbg> loadimage64 'Tcg2ConfigPei.efi' 0x7f139000 LB 0x1a60 +00:23:59.120592 EFI: VBoxDbg> loadimage64 'TcgPei.efi' 0x7f136000 LB 0x2f40 +00:23:59.121229 EFI: VBoxDbg> loadimage64 'Tcg2Pei.efi' 0x7f12c000 LB 0x93a0 +00:23:59.121885 EFI: VBoxDbg> loadimage64 'Tcg2PlatformPei.efi' 0x7f129000 LB 0x23a0 +00:23:59.122553 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x24080 +00:23:59.123375 EFI: debug point DXE_CORE +00:23:59.127074 EFI: VBoxDbg> loadimage64 'DxeCore.efi' 0x7f104000 LB 0x0 +00:23:59.130711 EFI: VBoxDbg> loadimage64 'DevicePathDxe.efi' 0x7e5f3000 LB 0x9ec0 +00:23:59.131121 EFI: VBoxDbg> loadimage64 'PcdDxe.efi' 0x7e600000 LB 0x2f00 +00:23:59.131568 EFI: VBoxDbg> loadimage64 'FvbServicesRuntimeDxe.efi' 0x7ecea000 LB 0x2600 +00:23:59.136657 EFI: VBoxDbg> loadimage64 'ReportStatusCodeRouterRuntimeDxe.efi' 0x7ece8000 LB 0x1440 +00:23:59.137143 EFI: VBoxDbg> loadimage64 'RuntimeDxe.efi' 0x7ece6000 LB 0x13e0 +00:23:59.137770 EFI: VBoxDbg> loadimage64 'SecurityStubDxe.efi' 0x7e44f000 LB 0xd1aa0 +00:23:59.138258 EFI: VBoxDbg> loadimage64 'EbcDxe.efi' 0x7e5e9000 LB 0x4120 +00:23:59.138655 EFI: VBoxDbg> loadimage64 'CpuIo2Dxe.efi' 0x7e5ee000 LB 0x1360 +00:23:59.139113 EFI: VBoxDbg> loadimage64 'IncompatiblePciDeviceSupportDxe.efi' 0x7e5f1000 LB 0x800 +00:23:59.139529 EFI: VBoxDbg> loadimage64 'PciHotPlugInitDxe.efi' 0x7e5e3000 LB 0x2ac0 +00:23:59.140002 EFI: VBoxDbg> loadimage64 'ResetSystemRuntimeDxe.efi' 0x7ece4000 LB 0x16c0 +00:23:59.140502 EFI: VBoxDbg> loadimage64 'Metronome.efi' 0x7e5e6000 LB 0xd00 +00:23:59.140997 EFI: VBoxDbg> loadimage64 'RngDxe.efi' 0x7e5df000 LB 0x19a0 +00:23:59.141514 EFI: VBoxDbg> loadimage64 'HiiDatabase.efi' 0x7e5a9000 LB 0x1a5c0 +00:23:59.142109 EFI: VBoxDbg> loadimage64 'AcpiTableDxe.efi' 0x7e5d5000 LB 0x4d60 +00:23:59.142496 EFI: VBoxDbg> loadimage64 'TdxDxe.efi' 0x7e5d2000 LB 0x20a0 +00:23:59.143035 EFI: VBoxDbg> loadimage64 'DpcDxe.efi' 0x7e5dd000 LB 0xb20 +00:23:59.143431 EFI: VBoxDbg> loadimage64 'IoMmuDxe.efi' 0x7e5ca000 LB 0x3700 +00:23:59.143943 EFI: VBoxDbg> loadimage64 'EmuVariableFvbRuntimeDxe.efi' 0x7ece3000 LB 0xe00 +00:23:59.144361 EFI: VBoxDbg> unload 'EmuVariableFvbRuntimeDxe.efi' # 0x7ece3000 LB 0xe00 +00:23:59.145034 EFI: VBoxDbg> loadimage64 'VariableRuntimeDxe.efi' 0x7ec0d000 LB 0xd67c0 +00:23:59.158017 EFI: VBoxDbg> loadimage64 'TcgDxe.efi' 0x7e55b000 LB 0x4060 +00:23:59.158523 EFI: VBoxDbg> unload 'TcgDxe.efi' # 0x7e55b000 LB 0x4060 +00:23:59.159012 EFI: VBoxDbg> loadimage64 'StatusCodeHandlerRuntimeDxe.efi' 0x7ec0c000 LB 0xb80 +00:23:59.159472 EFI: VBoxDbg> loadimage64 'CpuDxe.efi' 0x7e52e000 LB 0x18e00 +00:23:59.164492 EFI: VBoxDbg> loadimage64 'SetupBrowser.efi' 0x7e029000 LB 0x12460 +00:23:59.164912 EFI: VBoxDbg> loadimage64 'SmbiosDxe.efi' 0x7e5c4000 LB 0x2fc0 +00:23:59.165681 EFI: VBoxDbg> loadimage64 'AcpiPlatform.efi' 0x7e5c8000 LB 0x720 +00:23:59.166150 EFI: VBoxDbg> unload 'AcpiPlatform.efi' # 0x7e5c8000 LB 0x720 +00:23:59.166562 EFI: VBoxDbg> loadimage64 'LogoDxe.efi' 0x7e043000 LB 0xb7a0 +00:23:59.166858 EFI: VBoxDbg> loadimage64 'FaultTolerantWriteDxe.efi' 0x7e548000 LB 0x2f20 +00:23:59.168113 EFI: VBoxDbg> loadimage64 'Tcg2Dxe.efi' 0x7e00f000 LB 0xcdc0 +00:23:59.168841 EFI: VBoxDbg> unload 'Tcg2Dxe.efi' # 0x7e00f000 LB 0xcdc0 +00:23:59.169298 EFI: VBoxDbg> loadimage64 'LocalApicTimerDxe.efi' 0x7e041000 LB 0x1420 +00:23:59.172231 EFI: VBoxDbg> loadimage64 'PciHostBridgeDxe.efi' 0x7e01d000 LB 0x5780 +00:23:59.174109 EFI: VBoxDbg> loadimage64 'PcRtc.efi' 0x7ec09000 LB 0x2840 +00:23:59.178370 EFI: VBoxDbg> loadimage64 'SecureBootConfigDxe.efi' 0x7dc94000 LB 0xb57c0 +00:23:59.178950 EFI: VBoxDbg> loadimage64 'MonotonicCounterRuntimeDxe.efi' 0x7ec08000 LB 0x860 +00:23:59.186014 EFI: VBoxDbg> loadimage64 'CapsuleRuntimeDxe.efi' 0x7ec07000 LB 0x920 +00:23:59.186498 EFI: VBoxDbg> loadimage64 'DriverHealthManagerDxe.efi' 0x7e018000 LB 0x4240 +00:23:59.186929 EFI: VBoxDbg> loadimage64 'BdsDxe.efi' 0x7dde9000 LB 0x16980 +00:23:59.187686 EFI: VBoxDbg> loadimage64 'RamDiskDxe.efi' 0x7e006000 LB 0x8240 +00:23:59.187686 EFI: VBoxDbg> loadimage64 'DisplayEngine.efi' 0x7ddc7000 LB 0x10800 +00:23:59.188866 EFI: VBoxDbg> loadimage64 'SmbiosPlatformDxe.efi' 0x7e010000 LB 0x1b40 +00:23:59.189947 EFI: VBoxDbg> unload 'SmbiosPlatformDxe.efi' # 0x7e010000 LB 0x1b40 +00:23:59.190842 EFI: VBoxDbg> loadimage64 'PlatformDxe.efi' 0x7e001000 LB 0x4100 +00:23:59.191367 EFI: VBoxDbg> loadimage64 'WatchdogTimer.efi' 0x7e011000 LB 0x7e0 +00:23:59.191811 EFI: VBoxDbg> loadimage64 'QemuKernelLoaderFsDxe.efi' 0x7dde3000 LB 0x2020 +00:23:59.192612 EFI: VBoxDbg> unload 'QemuKernelLoaderFsDxe.efi' # 0x7dde3000 LB 0x2020 +00:23:59.193074 EFI: VBoxDbg> loadimage64 'PciBusDxe.efi' 0x7ddbc000 LB 0xaea0 +00:23:59.193503 EFI: VBoxDbg> loadimage64 'VirtioPciDeviceDxe.efi' 0x7dde7000 LB 0x1120 +00:23:59.193901 EFI: VBoxDbg> loadimage64 'Virtio10.efi' 0x7dde1000 LB 0x2560 +00:23:59.194412 EFI: VBoxDbg> loadimage64 'VirtioScsiDxe.efi' 0x7dddf000 LB 0x1f40 +00:23:59.194825 EFI: VBoxDbg> loadimage64 'MptScsiDxe.efi' 0x7dddd000 LB 0x17e0 +00:23:59.195264 EFI: VBoxDbg> loadimage64 'ConPlatformDxe.efi' 0x7dddb000 LB 0x1c40 +00:23:59.195704 EFI: VBoxDbg> loadimage64 'ConSplitterDxe.efi' 0x7ddb0000 LB 0x5500 +00:23:59.196191 EFI: VBoxDbg> loadimage64 'GraphicsConsoleDxe.efi' 0x7ddac000 LB 0x3f40 +00:23:59.196632 EFI: VBoxDbg> loadimage64 'TerminalDxe.efi' 0x7dda2000 LB 0x4e80 +00:23:59.197058 EFI: VBoxDbg> loadimage64 'DiskIoDxe.efi' 0x7ddb6000 LB 0x1fa0 +00:23:59.197498 EFI: VBoxDbg> loadimage64 'PartitionDxe.efi' 0x7dd9d000 LB 0x4fa0 +00:23:59.197942 EFI: VBoxDbg> loadimage64 'EnglishDxe.efi' 0x7ddba000 LB 0xd80 +00:23:59.198394 EFI: VBoxDbg> loadimage64 'ScsiBus.efi' 0x7dda8000 LB 0x1ee0 +00:23:59.198878 EFI: VBoxDbg> loadimage64 'ScsiDisk.efi' 0x7dd8b000 LB 0x8c40 +00:23:59.199616 EFI: VBoxDbg> loadimage64 'SataController.efi' 0x7dd99000 LB 0x14a0 +00:23:59.200105 EFI: VBoxDbg> loadimage64 'AtaAtapiPassThruDxe.efi' 0x7dd7b000 LB 0x7600 +00:23:59.200607 EFI: VBoxDbg> loadimage64 'AtaBusDxe.efi' 0x7dd87000 LB 0x3ba0 +00:23:59.201122 EFI: VBoxDbg> loadimage64 'NvmExpressDxe.efi' 0x7dd6d000 LB 0x6c80 +00:23:59.201526 EFI: VBoxDbg> loadimage64 'SioBusDxe.efi' 0x7dd97000 LB 0x1520 +00:23:59.201976 EFI: VBoxDbg> loadimage64 'PciSioSerialDxe.efi' 0x7dd68000 LB 0x4dc0 +00:23:59.202425 EFI: VBoxDbg> loadimage64 'Ps2KeyboardDxe.efi' 0x7dd77000 LB 0x3960 +00:23:59.202932 EFI: VBoxDbg> loadimage64 'VBoxVgaDxe.efi' 0x7dd64000 LB 0x3720 +00:23:59.203422 EFI: VBoxDbg> loadimage64 'VBoxHfs.efi' 0x7dd56000 LB 0x6200 +00:23:59.203847 EFI: VBoxDbg> loadimage64 'VBoxSysTables.efi' 0x7dd95000 LB 0xa80 +00:23:59.219852 EFI: VBoxDbg> loadimage64 'VBoxAppleSim.efi' 0x7dd74000 LB 0x2a80 +00:23:59.221711 EFI: VBoxDbg> loadimage64 'VBoxApfsJmpStartDxe.efi' 0x7dd83000 LB 0x1140 +00:23:59.222250 EFI: VBoxDbg> loadimage64 'BootGraphicsResourceTableDxe.efi' 0x7dd85000 LB 0xf00 +00:23:59.222700 EFI: VBoxDbg> loadimage64 'Fat.efi' 0x7dd4f000 LB 0x6ec0 +00:23:59.223134 EFI: VBoxDbg> loadimage64 'UdfDxe.efi' 0x7dd4b000 LB 0x3dc0 +00:23:59.223553 EFI: VBoxDbg> loadimage64 'VirtioFsDxe.efi' 0x7dc8e000 LB 0x5ae0 +00:23:59.223979 EFI: VBoxDbg> loadimage64 'Hash2DxeCrypto.efi' 0x7dd5d000 LB 0x2a40 +00:23:59.224576 EFI: VBoxDbg> loadimage64 'SnpDxe.efi' 0x7dc82000 LB 0x54e0 +00:23:59.225009 EFI: VBoxDbg> loadimage64 'VlanConfigDxe.efi' 0x7dc7c000 LB 0x53e0 +00:23:59.225423 EFI: VBoxDbg> loadimage64 'MnpDxe.efi' 0x7dc6e000 LB 0x6da0 +00:23:59.225827 EFI: VBoxDbg> loadimage64 'ArpDxe.efi' 0x7dc78000 LB 0x3440 +00:23:59.226277 EFI: VBoxDbg> loadimage64 'Dhcp4Dxe.efi' 0x7dc5c000 LB 0x8020 +00:23:59.226703 EFI: VBoxDbg> loadimage64 'Ip4Dxe.efi' 0x7dc38000 LB 0x11940 +00:23:59.227452 EFI: VBoxDbg> loadimage64 'Udp4Dxe.efi' 0x7dc54000 LB 0x7160 +00:23:59.228950 EFI: VBoxDbg> loadimage64 'Mtftp4Dxe.efi' 0x7dc4c000 LB 0x76a0 +00:23:59.229373 EFI: VBoxDbg> loadimage64 'Dhcp6Dxe.efi' 0x7dc2f000 LB 0x81c0 +00:23:59.230161 EFI: VBoxDbg> loadimage64 'Ip6Dxe.efi' 0x7dbfd000 LB 0x18960 +00:23:59.230919 EFI: VBoxDbg> loadimage64 'Udp6Dxe.efi' 0x7dc28000 LB 0x6fa0 +00:23:59.232375 EFI: VBoxDbg> loadimage64 'Mtftp6Dxe.efi' 0x7dc20000 LB 0x7b60 +00:23:59.232846 EFI: VBoxDbg> loadimage64 'UefiPxeBcDxe.efi' 0x7dbdb000 LB 0x10100 +00:23:59.233643 EFI: VBoxDbg> loadimage64 'IScsiDxe.efi' 0x7dba3000 LB 0x1b260 +00:23:59.235500 EFI: VBoxDbg> loadimage64 'VirtioNetDxe.efi' 0x7dc18000 LB 0x3240 +00:23:59.235933 EFI: VBoxDbg> loadimage64 'E1kNetDxe.efi' 0x7dbfa000 LB 0x2ce0 +00:23:59.236364 EFI: VBoxDbg> loadimage64 'UhciDxe.efi' 0x7dbf0000 LB 0x42e0 +00:23:59.236791 EFI: VBoxDbg> loadimage64 'EhciDxe.efi' 0x7dbd6000 LB 0x4cc0 +00:23:59.237309 EFI: VBoxDbg> loadimage64 'XhciDxe.efi' 0x7dbc4000 LB 0x8240 +00:23:59.237832 EFI: VBoxDbg> loadimage64 'UsbBusDxe.efi' 0x7dbd1000 LB 0x4d40 +00:23:59.238296 EFI: VBoxDbg> loadimage64 'UsbKbDxe.efi' 0x7dbf6000 LB 0x3da0 +00:23:59.238783 EFI: VBoxDbg> loadimage64 'UsbMassStorageDxe.efi' 0x7dbec000 LB 0x3100 +00:23:59.239220 EFI: VBoxDbg> loadimage64 'TcpDxe.efi' 0x7db89000 LB 0xc980 +00:24:00.061889 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1024 h=768 bpp=32 cbLine=0x1000 flags=0x0 origin=0,0 +00:24:00.434773 PS2K: Selected scan set 2 +00:24:00.440193 xHCI: Hardware reset +00:24:00.444539 xHCI: USB Operational +00:24:00.450438 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:24:00.828484 AHCI#0: Reset the HBA +00:24:00.828517 VD#0: Cancelling all active requests +00:24:01.508727 EFI: VBoxDbg> loadimage64 'bootmgfw.efi' 0x10000000 LB 0x1c7000 +00:24:06.200298 xHCI: USB Suspended +00:24:06.203510 EFI: relocate module to 0xfffff80069446000 from 0x7ecea000 +00:24:06.203733 EFI: relocate module to 0xfffff80069444000 from 0x7ece8000 +00:24:06.203954 EFI: relocate module to 0xfffff80069440000 from 0x7ece4000 +00:24:06.204172 EFI: relocate module to 0xfffff80069369000 from 0x7ec0d000 +00:24:06.204431 EFI: relocate module to 0xfffff80069368000 from 0x7ec0c000 +00:24:06.204650 EFI: relocate module to 0xfffff80069365000 from 0x7ec09000 +00:24:06.204869 EFI: relocate module to 0xfffff80069364000 from 0x7ec08000 +00:24:06.205089 EFI: relocate module to 0xfffff80069363000 from 0x7ec07000 +00:24:06.488216 GIM: HyperV: Guest OS reported ID 0x1040a0000271b +00:24:06.488250 GIM: HyperV: Open-source=false Vendor=0x1 OS=0x4 (Windows NT or derivative) Major=10 Minor=0 ServicePack=0 Build=10011 +00:24:06.488306 GIM: HyperV: Enabled hypercall page at 0x00000000001f5000 +00:24:06.488821 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x00000000007c3000 +00:24:06.488884 GIM: HyperV: Queried boot zeroed guest memory as 2 ranges +00:24:06.488902 GIM: HyperV: RAM range [0] from 0x0000000000100000 to 0x000000007fffffff (524032 pages, 1.9 GiB) +00:24:06.488914 GIM: HyperV: RAM range [1] from 0x0000000000000000 to 0x000000000009ffff (160 pages, 640.0 KiB) +00:24:06.492772 GIM: HyperV: Queried extended hypercall capabilities 0x1 at 0x0000000000007000 +00:24:06.493086 GIM: HyperV: Enabled TSC page at 0x000000000000c000 - u64TscScale=0xdacdb600000000 u64TscKHz=0x2db3fe (2 995 198) Seq=1 +00:24:06.493131 TM: Host/VM is not suitable for using TSC mode 'RealTSCOffset', request to change TSC mode ignored +00:24:06.493235 GIM0: HyperV: Enabled APIC-assist page at 0x000000000000d000 +00:24:07.581312 AHCI#0: Reset the HBA +00:24:07.581347 VD#0: Cancelling all active requests +00:24:07.643116 VMMDev: Guest Log: VBoxGuest: 7.1.4 r165100 Windows version 10.0, build 19041 +00:24:07.653190 VMMDev: Guest Additions information report: Version 7.1.4 r165100 '7.1.4' +00:24:07.653248 VMMDev: Guest Additions information report: Interface = 0x00010004 osType = 0x0003B100 (Windows 10, 64-bit) +00:24:07.653358 VMMDev: Guest Additions capability report: (0x0 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:07.653639 VMMDev: Heartbeat checking timer has been stopped (rc=VINF_SUCCESS) +00:24:07.653682 VMMDev: Heartbeat flatline timer set to trigger after 4 000 000 000 ns +00:24:07.655492 VMMDev: Guest Additions capability report: (0x0 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:10.835159 VMMDev: Guest Log: VBoxSF: 7.1.4 r165100 g_fHostFeatures=0x8000000f g_fSfFeatures=0x1 g_uSfLastFunction=29 +00:24:10.977272 VMMDev: Guest Log: VBoxMouse::DriverEntry: DriverEntry: +00:24:11.046676 VMMDev: Guest Log: VBoxMP::DriverEntry: VBox WDDM Driver for Windows 8+ version 7.1.4r165100 rel, 64 bit; Built Oct 10 2024 19:27:44 +00:24:11.047416 VMMDev: Guest Log: VBoxMP::DriverEntry: OsVersion(10, 0, 19041) +00:24:11.048263 VMMDev: Guest Log: VBoxMP::DriverEntry: WDDM: VGA configuration version 1 +00:24:11.049268 VMMDev: Guest Log: VBoxMP::DriverEntry: WDDM: VGA configuration: 3D 0, hardware type 1, VGPU10 1 +00:24:11.049727 VMMDev: Guest Log: VBoxMP::DriverEntry: WDDM: 3D is not supported, hardware type 1 +00:24:11.050091 VMMDev: Guest Log: VBoxMP::DriverEntry: 3D is NOT supported by the host, falling back to display-only mode.. +00:24:11.457693 xHCI: Hardware reset +00:24:11.463053 xHCI: USB Operational +00:24:11.467863 xHCI: Root hub-attached device reset completed with VINF_SUCCESS +00:24:11.480855 HDA: Codec reset +00:24:11.480874 HDA: Reset +00:24:11.510339 HDA: Codec reset +00:24:11.510358 HDA: Reset +00:24:13.434374 NAT: Link up +00:24:15.546885 HDA: Codec reset +00:24:15.594292 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:24:15.925759 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:24:15.949536 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:24:16.089011 Audio Mixer: MUTING sink 'HDA Mixer/PCM Output' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:24:16.089937 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:24:16.094286 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:24:16.102998 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:24:16.107944 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:24:16.122631 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:24:16.124739 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:24:16.135195 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:24:16.136730 Audio Mixer: Setting sink 'HDA Mixer/PCM Output' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:24:16.165437 Audio Mixer: MUTING sink 'HDA Mixer/Line In' -- channel volumes: 00 00 00 00 00 00 00 00 00 00 00 00 +00:24:16.167496 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: 01 01 01 01 01 01 01 01 01 01 01 01 +00:24:16.170506 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff 01 ff ff ff ff ff ff ff ff ff ff +00:24:16.171988 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:24:16.172939 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:24:16.173895 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ff ff ff ff ff ff ff ff ff ff ff ff +00:24:16.180898 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ff ff ff ff ff ff ff ff ff ff ff +00:24:16.184542 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:24:16.186508 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:24:16.188562 Audio Mixer: Setting sink 'HDA Mixer/Line In' -- channel volumes: ef ef ef ef ef ef ef ef ef ef ef ef +00:24:25.429389 VMMDev: Guest Log: VBoxMP::vboxWddmPickResources: found the VBE card +00:24:25.429505 VMMDev: Guest Log: VBoxMP::DxgkDdiStartDevice: Handling complex topologies enabled +00:24:25.430209 VMMDev: Guest Log: VBoxMP::DxgkDdiStartDevice: using HGSMI +00:24:25.430810 VMMDev: Guest Log: VBoxMP::vboxWddmVModesAdd: WARNING! :resolution 1920x1440 not accepted by the frontend +00:24:25.430966 VMMDev: Guest Log: VBoxMP::voxWddmVModesInitForTarget: WARNING! :vps(0x57)!=NO_ERROR +00:24:25.431142 VMMDev: Guest Log: VBoxMP::voxWddmVModesInitForTarget: WARNING! :vps(0x57)!=NO_ERROR +00:24:25.431325 VMMDev: Guest Log: VBoxMP::DxgkDdiStartDevice: WDDM: VRAM 0x80000000/0x8000000, FIFO 0x88400000/0x200000, IO 0xc030/0x10 +00:24:25.431626 Enabling different vbva mode +00:24:25.431784 Enabling different vbva mode +00:24:32.984232 VMMDev: Guest Log: 20:20:32.295771 main VBoxService 7.1.4 r165100 (verbosity: 0) win.amd64 (Oct 10 2024 19:27:42) release log +00:24:32.984263 VMMDev: Guest Log: 20:20:32.295771 main Log opened 2024-11-18T20:20:32.295771100Z +00:24:32.984508 VMMDev: Guest Log: 20:20:32.311625 main OS Product: Windows 10 +00:24:32.984573 VMMDev: Guest Log: 20:20:32.311625 main OS Release: 10.0.19044 +00:24:32.984638 VMMDev: Guest Log: 20:20:32.311625 main OS Service Pack: +00:24:32.984704 VMMDev: Guest Log: 20:20:32.311625 main Executable: C:\Windows\System32\VBoxService.exe +00:24:32.984721 VMMDev: Guest Log: 20:20:32.311625 main Process ID: 1264 +00:24:32.984730 VMMDev: Guest Log: 20:20:32.311625 main Package type: WINDOWS_64BITS_GENERIC +00:24:33.047276 VMMDev: Guest Log: 20:20:32.373725 main 7.1.4 r165100 started. Verbose level = 0 +00:24:33.139270 VMMDev: Guest Log: 20:20:32.467473 vbglR3GuestCtrlDetectPeekGetCancelSupport: Supported (#1) +00:24:33.139478 Guest Control: GUEST_MSG_REPORT_FEATURES: 0x7f, 0x8000000000000000 +00:24:33.140215 VMMDev: Guest Log: 20:20:32.467473 vgsvcTimeSyncInit: Initially 156250 (100ns) units per 156250 (100 ns) units interval, disabled=1 +00:24:33.150280 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:35.627547 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:35.627889 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:37.909034 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:37.909442 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:40.306711 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:40.307297 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:42.508625 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:42.509204 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:44.742517 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:44.743147 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:46.970727 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:46.971040 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:49.180326 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:49.180730 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:51.413971 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:51.415679 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:53.651301 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:24:53.651665 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:24:55.868337 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:25:27.844014 VMMDev: Guest Log: VBOXNP: DLL loaded. +00:25:33.089903 Shared Clipboard: New Clipboard API enabled +00:25:33.092960 Shared Clipboard: Initialized window thread OLE +00:25:33.096621 VMMDev: Guest Additions capability report: (0x0 -> 0x1) seamless: yes, hostWindowMapping: no, graphics: no +00:25:33.125954 DnD: Feature is disabled, ignoring request from guest +00:25:33.191530 VMMDev: Guest Additions capability report: (0x1 -> 0x5) seamless: yes, hostWindowMapping: no, graphics: yes +00:25:40.262586 Shared Clipboard: File transfers are disabled on host, skipping reporting those to the guest +00:25:46.317638 Changing the VM state from 'RUNNING' to 'SUSPENDING' +00:25:46.317695 PDMR3Suspend: after 0 ms, 1 loops: 1 async tasks - ahci/0 +00:25:46.489484 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0781) created successfully +00:25:46.490483 PDMR3Suspend: 172 805 191 ns run time +00:25:46.490502 Changing the VM state from 'SUSPENDING' to 'SUSPENDED' +00:25:46.491270 DrvVD: Flushes will be ignored +00:25:46.491285 DrvVD: Async flushes will be passed to the disk +00:25:46.492088 ************************* CFGM dump ************************* +00:25:46.492089 [/Devices/ahci/0/LUN#1/AttachedDriver/] (level 0) +00:25:46.492090 Driver = "VD" (cb=3) +00:25:46.492091 +00:25:46.492091 [/Devices/ahci/0/LUN#1/AttachedDriver/Config/] (level 1) (restricted root) +00:25:46.492091 EmptyDrive = 0x0000000000000001 (1) +00:25:46.492092 Mountable = 0x0000000000000001 (1) +00:25:46.492093 Type = "DVD" (cb=4) +00:25:46.492093 +00:25:46.492093 ********************* End of CFGM dump ********************** +00:25:46.492111 Changing the VM state from 'SUSPENDED' to 'RESUMING' +00:25:46.492401 AIOMgr: Endpoint for file 'F:/VHDs/Tiny10-Bimmer-Tools/bimmertools/bimmertools.vhd' (flags 000c0723) created successfully +00:25:46.492955 Changing the VM state from 'RESUMING' to 'RUNNING' +00:25:46.498459 AIOMgr: Async flushes not supported +00:26:04.548858 VMMDev: SetVideoModeHint: Got a video mode hint (1115x786x32)@(0x0),(1;0) at 0 +00:26:04.556696 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1115 h=786 bpp=32 cbLine=0x116C flags=0x1 origin=0,0 +00:26:04.636056 VMMDev: SetVideoModeHint: Got a video mode hint (1117x786x32)@(0x0),(1;0) at 0 +00:26:04.658870 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1117 h=786 bpp=32 cbLine=0x1174 flags=0x1 origin=0,0 +00:26:04.676719 VMMDev: SetVideoModeHint: Got a video mode hint (1127x787x32)@(0x0),(1;0) at 0 +00:26:04.684419 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1127 h=787 bpp=32 cbLine=0x119C flags=0x1 origin=0,0 +00:26:04.744621 VMMDev: SetVideoModeHint: Got a video mode hint (1139x789x32)@(0x0),(1;0) at 0 +00:26:04.752313 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1139 h=789 bpp=32 cbLine=0x11CC flags=0x1 origin=0,0 +00:26:05.255117 VMMDev: SetVideoModeHint: Got a video mode hint (1140x789x32)@(0x0),(1;0) at 0 +00:26:05.259852 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=00000220f6320000 w=1140 h=789 bpp=32 cbLine=0x11D0 flags=0x1 origin=0,0 +00:26:13.919346 Shared Clipboard: Mode: Off +00:26:17.477131 Shared Clipboard: Mode: Host to Guest +00:27:38.687245 VMMDev: Guest Log: VBOXNP: DLL unloaded. +00:28:31.349491 VMMDev: Guest Additions capability report: (0x5 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:28:33.137128 VMMDev: Guest Additions capability report: (0x0 -> 0x1) seamless: yes, hostWindowMapping: no, graphics: no +00:28:33.137432 VMMDev: Guest Additions capability report: (0x1 -> 0x5) seamless: yes, hostWindowMapping: no, graphics: yes +00:35:06.933350 AHCI#0: Port 0 reset +00:35:06.934824 VD#0: Cancelling all active requests +00:38:00.980159 VMMDev: Guest Additions capability report: (0x5 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:38:04.212947 VMMDev: Guest Additions capability report: (0x0 -> 0x1) seamless: yes, hostWindowMapping: no, graphics: no +00:38:04.213262 VMMDev: Guest Additions capability report: (0x1 -> 0x5) seamless: yes, hostWindowMapping: no, graphics: yes +00:39:18.610251 VMMDev: Guest Additions capability report: (0x5 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:39:22.096777 VMMDev: Guest Additions capability report: (0x0 -> 0x1) seamless: yes, hostWindowMapping: no, graphics: no +00:39:22.097087 VMMDev: Guest Additions capability report: (0x1 -> 0x5) seamless: yes, hostWindowMapping: no, graphics: yes +00:42:40.217075 VMMDev: Guest Additions capability report: (0x5 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:42:41.029983 VMMDev: Guest Additions capability report: (0x0 -> 0x1) seamless: yes, hostWindowMapping: no, graphics: no +00:42:41.030342 VMMDev: Guest Additions capability report: (0x1 -> 0x5) seamless: yes, hostWindowMapping: no, graphics: yes +00:43:19.181868 VMMDev: Guest Additions capability report: (0x5 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:43:23.765034 VMMDev: Guest Log: VBOXNP: DLL loaded. +00:43:25.043205 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:43:27.276202 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:43:27.276799 VMMDev: Guest Additions capability report: (0x0 -> 0x4) seamless: no, hostWindowMapping: no, graphics: yes +00:43:29.281427 VMMDev: Guest Log: 20:39:28.250667 control Guest control service stopped +00:43:29.320597 VMMDev: Guest Log: 20:39:28.285558 control Guest control worker returned with rc=VINF_TRY_AGAIN +00:43:29.329781 VMMDev: Guest Log: 20:39:28.301890 main Session 0 is about to close ... +00:43:29.330044 VMMDev: Guest Log: 20:39:28.301890 main Stopping all guest processes ... +00:43:29.330111 VMMDev: Guest Log: 20:39:28.301890 main Closing all guest files ... +00:43:29.501586 VMMDev: Guest Additions capability report: (0x4 -> 0x0) seamless: no, hostWindowMapping: no, graphics: no +00:43:29.503911 VMMDev: Guest Log: 20:39:28.469746 main Ended. +00:43:37.946252 VMMDev: Guest requests the VM to be turned off +00:43:37.946285 Changing the VM state from 'RUNNING' to 'POWERING_OFF' +00:43:37.946301 ****************** Guest state at power off for VCpu 0 ****************** +00:43:37.946305 Guest CPUM (VCPU 0) state: +00:43:37.946322 rax=ffff9201bc180000 rbx=ffffd08d46dca010 rcx=0000000000000000 rdx=0000072000000000 +00:43:37.946324 rsi=ffffd08d46d50960 rdi=0000000044000249 r8 =000000000000c054 r9 =0000000000000002 +00:43:37.946325 r10=fffff800667774f0 r11=ffff810313ed8a00 r12=0000000000000032 r13=00000000ffffffff +00:43:37.946326 r14=fffff800685c3048 r15=fffff800685aa328 +00:43:37.946327 rip=fffff8006c408eae rsp=ffff810313ed8a30 rbp=0000000000000000 iopl=0 nv up ei nt zr ac po cy +00:43:37.946328 cs={0010 base=0000000000000000 limit=00000000 flags=0000209b} +00:43:37.946329 ds={002b base=0000000000000000 limit=ffffffff flags=0000c0f3} +00:43:37.946330 es={002b base=0000000000000000 limit=ffffffff flags=0000c0f3} +00:43:37.946330 fs={0053 base=0000000000000000 limit=00003c00 flags=000040f3} +00:43:37.946330 gs={002b base=fffff80065434000 limit=ffffffff flags=0000c0f3} +00:43:37.946331 ss={0018 base=0000000000000000 limit=00000000 flags=00004093} +00:43:37.946331 cr0=0000000080050033 cr2=fffff8006c2ba150 cr3=00000000001ad000 cr4=00000000000106f8 +00:43:37.946332 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 +00:43:37.946333 dr4=0000000000000000 dr5=0000000000000000 dr6=00000000ffff0ff0 dr7=0000000000000400 +00:43:37.946334 gdtr=fffff80068e6afb0:0057 idtr=fffff80068e68000:0fff eflags=00000297 +00:43:37.946335 ldtr={0000 base=00000000 limit=000fffff flags=00000000} +00:43:37.946335 tr ={0040 base=fffff80068e69000 limit=00000067 flags=0000008b} +00:43:37.946336 SysEnter={cs=0000 eip=0000000000000000 esp=0000000000000000} +00:43:37.946340 xcr=0000000000000001 xcr1=0000000000000000 xss=0000000000000000 (fXStateMask=0000000000000000) +00:43:37.946341 FCW=027f FSW=0000 FTW=0000 FOP=0000 MXCSR=00001f80 MXCSR_MASK=0000ffff +00:43:37.946342 FPUIP=00000000 CS=0000 Rsrvd1=0000 FPUDP=00000000 DS=0000 Rsvrd2=0000 +00:43:37.946342 ST(0)=FPR0={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946344 ST(1)=FPR1={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946345 ST(2)=FPR2={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946346 ST(3)=FPR3={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946346 ST(4)=FPR4={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946347 ST(5)=FPR5={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946348 ST(6)=FPR6={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946349 ST(7)=FPR7={0000'00000000'00000000} t0 +0.0000000000000000000000 * 2 ^ -16383 (*) +00:43:37.946349 XMM0 =00000000'00000000'00000000'00000000 XMM1 =00000000'00000000'00000000'00000000 +00:43:37.946350 XMM2 =00000002'00000000'00000000'00000000 XMM3 =00000000'00000000'00000000'1fc00000 +00:43:37.946351 XMM4 =00000000'00cd0a3c'00000000'00000007 XMM5 =00000000'00000000'00000000'00000000 +00:43:37.946352 XMM6 =00000000'00000000'00000000'00000000 XMM7 =00000000'00000000'00000000'00000000 +00:43:37.946353 XMM8 =00000000'00000000'00000000'00000000 XMM9 =00000000'00000000'00000000'00000000 +00:43:37.946354 XMM10=00000000'00000000'00000000'00000000 XMM11=00000000'00000000'00000000'00000000 +00:43:37.946355 XMM12=00000000'00000000'00000000'00000000 XMM13=00000000'00000000'00000000'00000000 +00:43:37.946356 XMM14=00000000'00000000'00000000'00000000 XMM15=00000000'00000000'00000000'00000000 +00:43:37.946357 EFER =0000000000000d01 +00:43:37.946357 PAT =0007010600070106 +00:43:37.946358 STAR =0023001000000000 +00:43:37.946358 CSTAR =fffff80066821b40 +00:43:37.946358 LSTAR =fffff80066822000 +00:43:37.946359 SFMASK =0000000000004700 +00:43:37.946359 KERNELGSBASE =00000022318f2000 +00:43:37.946359 MTRR_CAP =0000000000000510 +00:43:37.946360 MTRR_DEF_TYPE =0000000000000c00 +00:43:37.946360 MTRR_FIX64K_00000 =0606060606060606 +00:43:37.946360 MTRR_FIX16K_80000 =0606060606060606 +00:43:37.946361 MTRR_FIX16K_A0000 =0000000000000000 +00:43:37.946361 MTRR_FIX4K_C0000 =0505050505050505 +00:43:37.946361 MTRR_FIX4K_C8000 =0505050505050505 +00:43:37.946362 MTRR_FIX4K_D0000 =0505050505050505 +00:43:37.946362 MTRR_FIX4K_D8000 =0505050505050505 +00:43:37.946362 MTRR_FIX4K_E0000 =0505050505050505 +00:43:37.946363 MTRR_FIX4K_E8000 =0505050505050505 +00:43:37.946363 MTRR_FIX4K_F0000 =0505050505050505 +00:43:37.946363 MTRR_FIX4K_F8000 =0505050505050505 +00:43:37.946364 MTRR_PHYSBASE[ 0] =0000000000000006 First=0000000000000000 0 MB [WB] +00:43:37.946365 MTRR_PHYSMASK[ 0] =0000007f80000800 Last =000000007fffffff 2047 MB [2048 MB] +00:43:37.946366 MTRR_PHYSBASE[ 1] =0000000000000000 +00:43:37.946366 MTRR_PHYSMASK[ 1] =0000000000000000 +00:43:37.946366 MTRR_PHYSBASE[ 2] =0000000000000000 +00:43:37.946367 MTRR_PHYSMASK[ 2] =0000000000000000 +00:43:37.946367 MTRR_PHYSBASE[ 3] =0000000000000000 +00:43:37.946367 MTRR_PHYSMASK[ 3] =0000000000000000 +00:43:37.946367 MTRR_PHYSBASE[ 4] =0000000000000000 +00:43:37.946368 MTRR_PHYSMASK[ 4] =0000000000000000 +00:43:37.946368 MTRR_PHYSBASE[ 5] =0000000000000000 +00:43:37.946368 MTRR_PHYSMASK[ 5] =0000000000000000 +00:43:37.946368 MTRR_PHYSBASE[ 6] =0000000000000000 +00:43:37.946369 MTRR_PHYSMASK[ 6] =0000000000000000 +00:43:37.946369 MTRR_PHYSBASE[ 7] =0000000000000000 +00:43:37.946369 MTRR_PHYSMASK[ 7] =0000000000000000 +00:43:37.946369 MTRR_PHYSBASE[ 8] =0000000000000000 +00:43:37.946370 MTRR_PHYSMASK[ 8] =0000000000000000 +00:43:37.946370 MTRR_PHYSBASE[ 9] =0000000000000000 +00:43:37.946370 MTRR_PHYSMASK[ 9] =0000000000000000 +00:43:37.946370 MTRR_PHYSBASE[10] =0000000000000000 +00:43:37.946371 MTRR_PHYSMASK[10] =0000000000000000 +00:43:37.946371 MTRR_PHYSBASE[11] =0000000000000000 +00:43:37.946371 MTRR_PHYSMASK[11] =0000000000000000 +00:43:37.946371 MTRR_PHYSBASE[12] =0000000000000000 +00:43:37.946372 MTRR_PHYSMASK[12] =0000000000000000 +00:43:37.946372 MTRR_PHYSBASE[13] =0000000000000000 +00:43:37.946372 MTRR_PHYSMASK[13] =0000000000000000 +00:43:37.946372 MTRR_PHYSBASE[14] =0000000000000000 +00:43:37.946373 MTRR_PHYSMASK[14] =0000000000000000 +00:43:37.946373 MTRR_PHYSBASE[15] =0000000000000000 +00:43:37.946373 MTRR_PHYSMASK[15] =0000000000000000 +00:43:37.946378 *** +00:43:37.946384 VCPU[0] hardware virtualization state: +00:43:37.946385 fSavedInhibit = 0x0 +00:43:37.946385 In nested-guest hwvirt mode = false +00:43:37.946386 Hwvirt state disabled. +00:43:37.946386 *** +00:43:37.946390 Guest paging mode (VCPU #0): AMD64+NX (changed 3 times), A20 enabled (changed 0 times) +00:43:37.946391 Guest SLAT mode (VCPU #0): Direct +00:43:37.946391 Shadow paging mode (VCPU #0): None +00:43:37.946392 Host paging mode: AMD64+G+NX +00:43:37.946393 *** +00:43:37.946394 Active Timers (pVM=00000220747e0000) +00:43:37.946394 pTimerR3 offNext offPrev offSched Clock Time Expire HzHint State Description +00:43:37.946396 00000220f5410180 00000007 ffffffff ffffffff Real 711574721 711574735 0 2-ACTIVE VGA Refresh +00:43:37.946398 00000220f5410380 ffffffff 00000003 ffffffff Real 711574721 711575615 0 2-ACTIVE CPU Load Timer +00:43:37.946399 00000220ffbb0280 00000008 ffffffff ffffffff Virt 2616761022824 2620516741440 0 2-ACTIVE Heartbeat flatlined +00:43:37.946401 00000220ffbb0400 ffffffff 00000005 ffffffff Virt 2616761024376 2621755375201 0 2-ACTIVE E1000 Link Up +00:43:37.946403 00000220f5cb0180 00000002 ffffffff ffffffff VrSy 2616746582032 2616746582032 2048 2-ACTIVE MC146818 RTC Periodic +00:43:37.946404 00000220f5cb0100 00000004 00000003 ffffffff VrSy 2616746582032 2616765054028 18 2-ACTIVE i8254 PIT +00:43:37.946405 00000220f5cb0200 0000000e 00000002 ffffffff VrSy 2616746582032 2616990000000 0 2-ACTIVE MC146818 RTC Second +00:43:37.946407 00000220f5cb0700 ffffffff 00000004 ffffffff VrSy 2616746582032 2637514826563 0 2-ACTIVE ACPI PM +00:43:37.946408 *** +00:43:37.946423 Guest GDT (GCAddr=fffff80068e6afb0 limit=57): +00:43:37.946431 0010 - 00000000 00209b00 - base=00000000 limit=00000000 dpl=0 CodeER Accessed Present 16-bit +00:43:37.946432 0018 - 00000000 00409300 - base=00000000 limit=00000000 dpl=0 DataRW Accessed Present 32-bit +00:43:37.946433 0020 - 0000ffff 00cffb00 - base=00000000 limit=ffffffff dpl=3 CodeER Accessed Present Page 32-bit +00:43:37.946434 0028 - 0000ffff 00cff300 - base=00000000 limit=ffffffff dpl=3 DataRW Accessed Present Page 32-bit +00:43:37.946434 0030 - 00000000 0020fb00 - base=00000000 limit=00000000 dpl=3 CodeER Accessed Present 16-bit +00:43:37.946436 0040 - 90000067 68008be6 - base=68e69000 limit=00000067 dpl=0 TSS32Busy Present 16-bit +00:43:37.946437 0050 - 00003c00 0040f300 - base=00000000 limit=00003c00 dpl=3 DataRW Accessed Present 32-bit +00:43:37.946438 ************** End of Guest state at power off *************** +00:43:37.946796 Display::i_handleDisplayResize: uScreenId=0 pvVRAM=0000000000000000 w=1140 h=789 bpp=0 cbLine=0x0 flags=0x2 origin=0,0 +00:43:38.035632 PDMR3PowerOff: 89 175 589 ns run time +00:43:38.035652 Changing the VM state from 'POWERING_OFF' to 'OFF' +00:43:38.036014 Console: Machine state changed to 'Stopping' +00:43:38.037089 Console::powerDown(): A request to power off the VM has been issued (mMachineState=Stopping, InUninit=0) +00:43:38.039623 Changing the VM state from 'OFF' to 'DESTROYING' +00:43:38.039679 ************************* Statistics ************************* +00:43:38.039736 /CPUM/MSR-Totals/Reads 53 times +00:43:38.039772 /CPUM/MSR-Totals/ReadsRaisingGP 0 times +00:43:38.039792 /CPUM/MSR-Totals/ReadsUnknown 0 times +00:43:38.039801 /CPUM/MSR-Totals/Writes 7130783 times +00:43:38.039810 /CPUM/MSR-Totals/WritesRaisingGP 0 times +00:43:38.039818 /CPUM/MSR-Totals/WritesToIgnoredBits 0 times +00:43:38.039826 /CPUM/MSR-Totals/WritesUnknown 0 times +00:43:38.039842 /Devices/8237A/DmaRun 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.039851 /Devices/VMMDev/BalloonChunks 0 count +00:43:38.039861 /Devices/VMMDev/FastIrqAckR3 72873 count +00:43:38.039869 /Devices/VMMDev/FastIrqAckRZ 0 count +00:43:38.039877 /Devices/VMMDev/HGCM-Kernel/BudgetAvailable 1073741824 bytes +00:43:38.039886 /Devices/VMMDev/HGCM-Kernel/BudgetConfig 1073741824 bytes +00:43:38.039910 /Devices/VMMDev/HGCM-Kernel/BudgetOverruns 0 bytes +00:43:38.039920 /Devices/VMMDev/HGCM-Kernel/MessageHeapUsage 666 bytes/call ( 8668 bytes, 13 calls, max 1562, min 504) +00:43:38.039929 /Devices/VMMDev/HGCM-Root/BudgetAvailable 1073741824 bytes +00:43:38.039937 /Devices/VMMDev/HGCM-Root/BudgetConfig 1073741824 bytes +00:43:38.039945 /Devices/VMMDev/HGCM-Root/BudgetOverruns 0 bytes +00:43:38.039953 /Devices/VMMDev/HGCM-Root/MessageHeapUsage 768 bytes/call ( 777570 bytes, 1012 calls, max 4645, min 504) +00:43:38.039962 /Devices/VMMDev/HGCM-User/BudgetAvailable 1073741824 bytes +00:43:38.039970 /Devices/VMMDev/HGCM-User/BudgetConfig 1073741824 bytes +00:43:38.039978 /Devices/VMMDev/HGCM-User/BudgetOverruns 0 bytes +00:43:38.039986 /Devices/VMMDev/HGCM-User/MessageHeapUsage 183903 bytes/call ( 175444275 bytes, 954 calls, max 263168, min 504) +00:43:38.039994 /Devices/VMMDev/LargeReqBufAllocs 0 count +00:43:38.040003 /Devices/VMMDev/SlowIrqAck 0 count +00:43:38.040038 /Devices/apic/0 6043977 times +00:43:38.040065 /Devices/apic/0/Vectors/1f 115868 times +00:43:38.040094 /Devices/apic/0/Vectors/20 4685 times +00:43:38.040106 /Devices/apic/0/Vectors/2f 1018852 times +00:43:38.040117 /Devices/apic/0/Vectors/50 12688 times +00:43:38.040139 /Devices/apic/0/Vectors/60 5700 times +00:43:38.040152 /Devices/apic/0/Vectors/70 87163 times +00:43:38.040162 /Devices/apic/0/Vectors/80 563779 times +00:43:38.040171 /Devices/apic/0/Vectors/90 1872 times +00:43:38.040180 /Devices/apic/0/Vectors/a0 237 times +00:43:38.040190 /Devices/apic/0/Vectors/d1 4228990 times +00:43:38.040199 /Devices/apic/0/Vectors/d2 4145 times +00:43:38.040209 /Devices/e1000#0/ReceiveBytes 94269581 bytes +00:43:38.040217 /Devices/e1000#0/TransmitBytes 1480494 bytes +00:43:38.040226 /Devices/e1000#0/iStatIntLost 0 ns +00:43:38.040234 /Devices/e1000#0/iStatIntLostOne 0 ns +00:43:38.040242 /Devices/e1000#0/u64ArmedAt 0 ns +00:43:38.040251 /Devices/e1000#0/uStatDescCtx 332 ns +00:43:38.040259 /Devices/e1000#0/uStatDescDat 8720 ns +00:43:38.040268 /Devices/e1000#0/uStatDescLeg 342 ns +00:43:38.040276 /Devices/e1000#0/uStatInt 6295 ns +00:43:38.040285 /Devices/e1000#0/uStatIntEarly 0 ns +00:43:38.040293 /Devices/e1000#0/uStatIntICS 1287 ns +00:43:38.040301 /Devices/e1000#0/uStatIntIMS 1307 ns +00:43:38.040309 /Devices/e1000#0/uStatIntLate 1250 ns +00:43:38.040317 /Devices/e1000#0/uStatIntLower 595 ns +00:43:38.040326 /Devices/e1000#0/uStatIntMasked 26147 ns +00:43:38.040334 /Devices/e1000#0/uStatIntRDTR 0 ns +00:43:38.040342 /Devices/e1000#0/uStatIntRXDMT0 0 ns +00:43:38.040350 /Devices/e1000#0/uStatIntRx 66910 ns +00:43:38.040359 /Devices/e1000#0/uStatIntSkip 52339 ns +00:43:38.040367 /Devices/e1000#0/uStatIntTXQE 0 ns +00:43:38.040375 /Devices/e1000#0/uStatIntTry 84781 ns +00:43:38.040383 /Devices/e1000#0/uStatIntTx 7663 ns +00:43:38.040392 /Devices/e1000#0/uStatMaxTxDelay 0 ns +00:43:38.040400 /Devices/e1000#0/uStatNoIntICR 3221 ns +00:43:38.040408 /Devices/e1000#0/uStatRAD 0 ns +00:43:38.040416 /Devices/e1000#0/uStatRID 0 ns +00:43:38.040425 /Devices/e1000#0/uStatRxFrm 66910 ns +00:43:38.040433 /Devices/e1000#0/uStatTAD 0 ns +00:43:38.040441 /Devices/e1000#0/uStatTID 0 ns +00:43:38.040449 /Devices/e1000#0/uStatTx1514 7561 ns +00:43:38.040457 /Devices/e1000#0/uStatTx16384 11 ns +00:43:38.040465 /Devices/e1000#0/uStatTx2962 34 ns +00:43:38.040474 /Devices/e1000#0/uStatTx32768 9 ns +00:43:38.040482 /Devices/e1000#0/uStatTx4410 12 ns +00:43:38.040490 /Devices/e1000#0/uStatTx5858 20 ns +00:43:38.040499 /Devices/e1000#0/uStatTx7306 9 ns +00:43:38.040507 /Devices/e1000#0/uStatTx8754 6 ns +00:43:38.040515 /Devices/e1000#0/uStatTxDelayExp 0 ns +00:43:38.040523 /Devices/e1000#0/uStatTxDelayed 0 ns +00:43:38.040532 /Devices/e1000#0/uStatTxFrm 7663 ns +00:43:38.040540 /Devices/e1000#0/uStatTxIDE 0 ns +00:43:38.040548 /Devices/e1000#0/uStatTxLarge 1 ns +00:43:38.040556 /Devices/e1000#0/uStatTxNoRS 640 ns +00:43:38.040565 /Devices/hda/Codec/LookupsR0 0 times +00:43:38.040574 /Devices/hda/Stream0/Reset 970 ns/call ( 11650 ns, 12 calls, max 1975, min 413) +00:43:38.040586 /Devices/hda/Stream4/Cfg/FrameSize 4 bytes +00:43:38.040595 /Devices/hda/Stream4/Cfg/Hz 44100 Hz +00:43:38.040603 /Devices/hda/Stream4/DMABufSize 10764 bytes +00:43:38.040611 /Devices/hda/Stream4/DMASkippedPendingBCIS 138 times +00:43:38.040620 /Devices/hda/Stream4/Reset 1336 ns/call ( 136282 ns, 102 calls, max 2726, min 1) +00:43:38.040629 /Devices/hda/Stream4/Start 70975 ns/call ( 993653 ns, 14 calls, max 143356, min 42271) +00:43:38.040638 /Devices/hda/Stream4/Stop 4440 ns/call ( 62173 ns, 14 calls, max 6701, min 2) +00:43:38.040647 /Devices/hda/Stream4/cbCurDmaPeriod 1792 bytes +00:43:38.040656 /Devices/hda/Stream4/offRead 5205760 bytes +00:43:38.040665 /Devices/hda/Stream4/offWrite 5205760 bytes +00:43:38.040690 /Devices/mc146818/Irq 4313216 times +00:43:38.040699 /Devices/mc146818/IrqClear 4228990 times +00:43:38.040707 /Devices/mc146818/PiActive 240546 ticks/call (1017269686181 ticks, 4228990 calls, max 980956714, min 22926) +00:43:38.040716 /Devices/mc146818/PieFlip 370383 times +00:43:38.040724 /Devices/mc146818/TimerCB 4313216 times +00:43:38.040733 /Devices/vga/HgmsiMdaCgaAccesses 0 times +00:43:38.040753 /Devices/vga/VMSVGA/Cmd/3dActivateSurface 0 times +00:43:38.040761 /Devices/vga/VMSVGA/Cmd/3dBeginQuery 0 times +00:43:38.040770 /Devices/vga/VMSVGA/Cmd/3dBlitSurfaceToScreenProf 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.040779 /Devices/vga/VMSVGA/Cmd/3dClear 0 times +00:43:38.040788 /Devices/vga/VMSVGA/Cmd/3dContextDefine 0 times +00:43:38.040796 /Devices/vga/VMSVGA/Cmd/3dContextDestroy 0 times +00:43:38.040804 /Devices/vga/VMSVGA/Cmd/3dDeactivateSurface 0 times +00:43:38.040813 /Devices/vga/VMSVGA/Cmd/3dDrawPrimitives 0 times +00:43:38.040821 /Devices/vga/VMSVGA/Cmd/3dEndQuery 0 times +00:43:38.040829 /Devices/vga/VMSVGA/Cmd/3dGenerateMipmaps 0 times +00:43:38.040838 /Devices/vga/VMSVGA/Cmd/3dPresent 0 times +00:43:38.040846 /Devices/vga/VMSVGA/Cmd/3dPresentReadBack 0 times +00:43:38.040854 /Devices/vga/VMSVGA/Cmd/3dSetClipPlane 0 times +00:43:38.040862 /Devices/vga/VMSVGA/Cmd/3dSetLightData 0 times +00:43:38.040870 /Devices/vga/VMSVGA/Cmd/3dSetLightEnable 0 times +00:43:38.040878 /Devices/vga/VMSVGA/Cmd/3dSetMaterial 0 times +00:43:38.040886 /Devices/vga/VMSVGA/Cmd/3dSetRenderState 0 times +00:43:38.040895 /Devices/vga/VMSVGA/Cmd/3dSetRenderTarget 0 times +00:43:38.040903 /Devices/vga/VMSVGA/Cmd/3dSetScissorRect 0 times +00:43:38.040911 /Devices/vga/VMSVGA/Cmd/3dSetShader 0 times +00:43:38.040919 /Devices/vga/VMSVGA/Cmd/3dSetShaderConst 0 times +00:43:38.040928 /Devices/vga/VMSVGA/Cmd/3dSetTextureState 0 times +00:43:38.040936 /Devices/vga/VMSVGA/Cmd/3dSetTransform 0 times +00:43:38.040944 /Devices/vga/VMSVGA/Cmd/3dSetViewPort 0 times +00:43:38.040952 /Devices/vga/VMSVGA/Cmd/3dSetZRange 0 times +00:43:38.040960 /Devices/vga/VMSVGA/Cmd/3dShaderDefine 0 times +00:43:38.040968 /Devices/vga/VMSVGA/Cmd/3dShaderDestroy 0 times +00:43:38.040976 /Devices/vga/VMSVGA/Cmd/3dSurfaceCopy 0 times +00:43:38.040984 /Devices/vga/VMSVGA/Cmd/3dSurfaceDefine 0 times +00:43:38.040993 /Devices/vga/VMSVGA/Cmd/3dSurfaceDefineV2 0 times +00:43:38.041001 /Devices/vga/VMSVGA/Cmd/3dSurfaceDestroy 0 times +00:43:38.041009 /Devices/vga/VMSVGA/Cmd/3dSurfaceDma 0 times +00:43:38.041017 /Devices/vga/VMSVGA/Cmd/3dSurfaceScreen 0 times +00:43:38.041025 /Devices/vga/VMSVGA/Cmd/3dSurfaceStretchBlt 0 times +00:43:38.041034 /Devices/vga/VMSVGA/Cmd/3dWaitForQuery 0 times +00:43:38.041042 /Devices/vga/VMSVGA/Cmd/AnnotationCopy 0 times +00:43:38.041050 /Devices/vga/VMSVGA/Cmd/AnnotationFill 0 times +00:43:38.041058 /Devices/vga/VMSVGA/Cmd/BlitGmrFbToScreen 11074 times +00:43:38.041066 /Devices/vga/VMSVGA/Cmd/BlitScreentoGmrFb 0 times +00:43:38.041075 /Devices/vga/VMSVGA/Cmd/DefineAlphaCursor 1756 times +00:43:38.041083 /Devices/vga/VMSVGA/Cmd/DefineCursor 27 times +00:43:38.041098 /Devices/vga/VMSVGA/Cmd/DefineGmr2 0 times +00:43:38.041106 /Devices/vga/VMSVGA/Cmd/DefineGmr2/Free 0 times +00:43:38.041114 /Devices/vga/VMSVGA/Cmd/DefineGmr2/Modify 0 times +00:43:38.041122 /Devices/vga/VMSVGA/Cmd/DefineGmrFb 4 times +00:43:38.041131 /Devices/vga/VMSVGA/Cmd/DefineScreen 7 times +00:43:38.041139 /Devices/vga/VMSVGA/Cmd/DestroyScreen 0 times +00:43:38.041147 /Devices/vga/VMSVGA/Cmd/DisplayCursor 0 times +00:43:38.041155 /Devices/vga/VMSVGA/Cmd/Escape 0 times +00:43:38.041164 /Devices/vga/VMSVGA/Cmd/Fence 0 times +00:43:38.041172 /Devices/vga/VMSVGA/Cmd/InvalidCmd 0 times +00:43:38.041181 /Devices/vga/VMSVGA/Cmd/MoveCursor 0 times +00:43:38.041189 /Devices/vga/VMSVGA/Cmd/RectCopy 0 times +00:43:38.041197 /Devices/vga/VMSVGA/Cmd/RectFill 0 times +00:43:38.041205 /Devices/vga/VMSVGA/Cmd/RectRopCopy 0 times +00:43:38.041216 /Devices/vga/VMSVGA/Cmd/RemapGmr2 0 times +00:43:38.041224 /Devices/vga/VMSVGA/Cmd/RemapGmr2/Modify 0 times +00:43:38.041232 /Devices/vga/VMSVGA/Cmd/Update 0 times +00:43:38.041241 /Devices/vga/VMSVGA/Cmd/UpdateVerbose 0 times +00:43:38.041249 /Devices/vga/VMSVGA/EmtDelayOnBusyFifo 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.041258 /Devices/vga/VMSVGA/FifoCommands 0 times +00:43:38.041266 /Devices/vga/VMSVGA/FifoCursorFetchAgain 0 times +00:43:38.041274 /Devices/vga/VMSVGA/FifoCursorNoChange 0 times +00:43:38.041282 /Devices/vga/VMSVGA/FifoCursorPosition 0 times +00:43:38.041290 /Devices/vga/VMSVGA/FifoCursorVisiblity 0 times +00:43:38.041298 /Devices/vga/VMSVGA/FifoErrors 0 times +00:43:38.041306 /Devices/vga/VMSVGA/FifoExtendedSleep 1260960456 ticks/call (6815491265513 ticks, 5405 calls, max 44932499384, min 2304) +00:43:38.041325 /Devices/vga/VMSVGA/FifoStalls 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.041333 /Devices/vga/VMSVGA/FifoTodoTimeout 21 times +00:43:38.041341 /Devices/vga/VMSVGA/FifoTodoWoken 12614 times +00:43:38.041350 /Devices/vga/VMSVGA/FifoUnknownCommands 0 times +00:43:38.041358 /Devices/vga/VMSVGA/FifoWatchdogWakeUps 2 times +00:43:38.041366 /Devices/vga/VMSVGA/Reg/BitsPerPixelRead 0 times +00:43:38.041375 /Devices/vga/VMSVGA/Reg/BitsPerPixelWrite 0 times +00:43:38.041385 /Devices/vga/VMSVGA/Reg/BlueMaskRead 0 times +00:43:38.041393 /Devices/vga/VMSVGA/Reg/BusyRead 0 times +00:43:38.041401 /Devices/vga/VMSVGA/Reg/BusyWrite 0 times +00:43:38.041410 /Devices/vga/VMSVGA/Reg/BytesPerLineRead 0 times +00:43:38.041418 /Devices/vga/VMSVGA/Reg/CapabilitesRead 2 times +00:43:38.041426 /Devices/vga/VMSVGA/Reg/CmdPrependHighRead 0 times +00:43:38.041434 /Devices/vga/VMSVGA/Reg/CmdPrependHighWrite 0 times +00:43:38.041443 /Devices/vga/VMSVGA/Reg/CmdPrependLowRead 0 times +00:43:38.041451 /Devices/vga/VMSVGA/Reg/CmdPrependLowWrite 0 times +00:43:38.041459 /Devices/vga/VMSVGA/Reg/CommandHighRead 0 times +00:43:38.041468 /Devices/vga/VMSVGA/Reg/CommandHighWrite 12866 times +00:43:38.041476 /Devices/vga/VMSVGA/Reg/CommandLowRead 0 times +00:43:38.041484 /Devices/vga/VMSVGA/Reg/CommandLowWrite 12866 times +00:43:38.041492 /Devices/vga/VMSVGA/Reg/ConfigDoneRead 2 times +00:43:38.041500 /Devices/vga/VMSVGA/Reg/ConfigDoneWrite 2 times +00:43:38.041509 /Devices/vga/VMSVGA/Reg/CursorIdRead 0 times +00:43:38.041517 /Devices/vga/VMSVGA/Reg/CursorIdWrite 0 times +00:43:38.041525 /Devices/vga/VMSVGA/Reg/CursorOnRead 0 times +00:43:38.041533 /Devices/vga/VMSVGA/Reg/CursorOnWrite 0 times +00:43:38.041541 /Devices/vga/VMSVGA/Reg/CursorXRead 0 times +00:43:38.041549 /Devices/vga/VMSVGA/Reg/CursorXWrite 0 times +00:43:38.041557 /Devices/vga/VMSVGA/Reg/CursorYRead 0 times +00:43:38.041565 /Devices/vga/VMSVGA/Reg/CursorYWrite 0 times +00:43:38.041574 /Devices/vga/VMSVGA/Reg/DepthRead 0 times +00:43:38.041582 /Devices/vga/VMSVGA/Reg/DepthWrite 0 times +00:43:38.041590 /Devices/vga/VMSVGA/Reg/DevCapRead 0 times +00:43:38.041598 /Devices/vga/VMSVGA/Reg/DevCapWrite 0 times +00:43:38.041606 /Devices/vga/VMSVGA/Reg/DisplayHeightRead 0 times +00:43:38.041614 /Devices/vga/VMSVGA/Reg/DisplayHeightWrite 0 times +00:43:38.041623 /Devices/vga/VMSVGA/Reg/DisplayIdRead 0 times +00:43:38.041631 /Devices/vga/VMSVGA/Reg/DisplayIdWrite 0 times +00:43:38.041640 /Devices/vga/VMSVGA/Reg/DisplayIsPrimaryRead 0 times +00:43:38.041649 /Devices/vga/VMSVGA/Reg/DisplayIsPrimaryWrite 0 times +00:43:38.041657 /Devices/vga/VMSVGA/Reg/DisplayPositionXRead 0 times +00:43:38.041665 /Devices/vga/VMSVGA/Reg/DisplayPositionXWrite 0 times +00:43:38.041684 /Devices/vga/VMSVGA/Reg/DisplayPositionYRead 0 times +00:43:38.041692 /Devices/vga/VMSVGA/Reg/DisplayPositionYWrite 0 times +00:43:38.041701 /Devices/vga/VMSVGA/Reg/DisplayWidthRead 0 times +00:43:38.041742 /Devices/vga/VMSVGA/Reg/DisplayWidthWrite 0 times +00:43:38.041753 /Devices/vga/VMSVGA/Reg/EnableRead 2 times +00:43:38.041762 /Devices/vga/VMSVGA/Reg/EnableWrite 4 times +00:43:38.041770 /Devices/vga/VMSVGA/Reg/FbOffsetRead 0 times +00:43:38.041779 /Devices/vga/VMSVGA/Reg/FbSizeRead 0 times +00:43:38.041787 /Devices/vga/VMSVGA/Reg/FbStartRead 0 times +00:43:38.041795 /Devices/vga/VMSVGA/Reg/GBMemSizeRead 0 times +00:43:38.041803 /Devices/vga/VMSVGA/Reg/GmrDescriptorWrite 0 times +00:43:38.041812 /Devices/vga/VMSVGA/Reg/GmrDescriptorWrite/Errors 0 times +00:43:38.041820 /Devices/vga/VMSVGA/Reg/GmrDescriptorWrite/Free 0 times +00:43:38.041828 /Devices/vga/VMSVGA/Reg/GmrIdRead 0 times +00:43:38.041836 /Devices/vga/VMSVGA/Reg/GmrIdWrite 0 times +00:43:38.041845 /Devices/vga/VMSVGA/Reg/GmrMaxDescriptorLengthRead 0 times +00:43:38.041853 /Devices/vga/VMSVGA/Reg/GmrMaxIdsRead 2 times +00:43:38.041861 /Devices/vga/VMSVGA/Reg/GmrsMaxPagesRead 2 times +00:43:38.041870 /Devices/vga/VMSVGA/Reg/GreenMaskRead 0 times +00:43:38.041878 /Devices/vga/VMSVGA/Reg/GuestIdRead 0 times +00:43:38.041886 /Devices/vga/VMSVGA/Reg/GuestIdWrite 0 times +00:43:38.041894 /Devices/vga/VMSVGA/Reg/HeightRead 0 times +00:43:38.041902 /Devices/vga/VMSVGA/Reg/HeightWrite 0 times +00:43:38.041911 /Devices/vga/VMSVGA/Reg/HostBitsPerPixelRead 0 times +00:43:38.041919 /Devices/vga/VMSVGA/Reg/IdRead 2 times +00:43:38.041927 /Devices/vga/VMSVGA/Reg/IdWrite 2 times +00:43:38.041936 /Devices/vga/VMSVGA/Reg/IrqMaskRead 0 times +00:43:38.041944 /Devices/vga/VMSVGA/Reg/IrqMaskWrite 2 times +00:43:38.041953 /Devices/vga/VMSVGA/Reg/MaxHeightRead 2 times +00:43:38.041961 /Devices/vga/VMSVGA/Reg/MaxPrimBBMemRead 0 times +00:43:38.041969 /Devices/vga/VMSVGA/Reg/MaxWidthRead 2 times +00:43:38.041978 /Devices/vga/VMSVGA/Reg/MemRegsRead 2 times +00:43:38.041986 /Devices/vga/VMSVGA/Reg/MemSizeRead 2 times +00:43:38.041994 /Devices/vga/VMSVGA/Reg/MemStartRead 0 times +00:43:38.042003 /Devices/vga/VMSVGA/Reg/MemorySizeRead 2 times +00:43:38.042011 /Devices/vga/VMSVGA/Reg/MobMaxSizeRead 0 times +00:43:38.042019 /Devices/vga/VMSVGA/Reg/NumDisplaysRead 0 times +00:43:38.042028 /Devices/vga/VMSVGA/Reg/NumDisplaysWrite 0 times +00:43:38.042036 /Devices/vga/VMSVGA/Reg/NumGuestDisplaysRead 0 times +00:43:38.042045 /Devices/vga/VMSVGA/Reg/NumGuestDisplaysWrite 0 times +00:43:38.042053 /Devices/vga/VMSVGA/Reg/PaletteRead 0 times +00:43:38.042061 /Devices/vga/VMSVGA/Reg/PaletteWrite 0 times +00:43:38.042070 /Devices/vga/VMSVGA/Reg/PitchLockRead 0 times +00:43:38.042078 /Devices/vga/VMSVGA/Reg/PitchLockWrite 0 times +00:43:38.042086 /Devices/vga/VMSVGA/Reg/PseudoColorWrite 0 times +00:43:38.042094 /Devices/vga/VMSVGA/Reg/PsuedoColorRead 0 times +00:43:38.042102 /Devices/vga/VMSVGA/Reg/ReadOnlyWrite 0 times +00:43:38.042110 /Devices/vga/VMSVGA/Reg/RedMaskRead 0 times +00:43:38.042118 /Devices/vga/VMSVGA/Reg/ScratchRead 0 times +00:43:38.042127 /Devices/vga/VMSVGA/Reg/ScratchSizeRead 0 times +00:43:38.042135 /Devices/vga/VMSVGA/Reg/ScratchWrite 0 times +00:43:38.042143 /Devices/vga/VMSVGA/Reg/ScrnTgtMaxHeightRead 0 times +00:43:38.042151 /Devices/vga/VMSVGA/Reg/ScrnTgtMaxWidthRead 0 times +00:43:38.042161 /Devices/vga/VMSVGA/Reg/SyncRead 0 times +00:43:38.042170 /Devices/vga/VMSVGA/Reg/SyncWrite 0 times +00:43:38.042179 /Devices/vga/VMSVGA/Reg/TopRead 0 times +00:43:38.042188 /Devices/vga/VMSVGA/Reg/TopWrite 0 times +00:43:38.042196 /Devices/vga/VMSVGA/Reg/TracesRead 2 times +00:43:38.042204 /Devices/vga/VMSVGA/Reg/TracesWrite 2 times +00:43:38.042213 /Devices/vga/VMSVGA/Reg/UnknownRead 0 times +00:43:38.042221 /Devices/vga/VMSVGA/Reg/UnknownWrite 0 times +00:43:38.042229 /Devices/vga/VMSVGA/Reg/VramSizeRead 2 times +00:43:38.042237 /Devices/vga/VMSVGA/Reg/WidthRead 0 times +00:43:38.042266 /Devices/vga/VMSVGA/Reg/WidthWrite 0 times +00:43:38.042282 /Devices/vga/VMSVGA/Reg/WriteOnlyRead 0 times +00:43:38.042293 /Drivers/AUDIO-0/TotalStreamsCreated 14 count +00:43:38.042302 /Drivers/AUDIO-1/TotalStreamsCreated 0 count +00:43:38.042311 /Drivers/AUDIO-2/TotalStreamsCreated 0 count +00:43:38.042319 /EM/CPU0/ExitHashing/Step00-Hits 4584558 times +00:43:38.042328 /EM/CPU0/ExitHashing/Step00-NewInserts 504 times +00:43:38.042337 /EM/CPU0/ExitHashing/Step01-Hits 9833183 times +00:43:38.042345 /EM/CPU0/ExitHashing/Step01-NewInserts 192 times +00:43:38.042354 /EM/CPU0/ExitHashing/Step02-Hits 2490449 times +00:43:38.042362 /EM/CPU0/ExitHashing/Step02-NewInserts 113 times +00:43:38.042371 /EM/CPU0/ExitHashing/Step03-Hits 289628 times +00:43:38.042379 /EM/CPU0/ExitHashing/Step03-NewInserts 64 times +00:43:38.042388 /EM/CPU0/ExitHashing/Step04-Hits 7869761 times +00:43:38.042396 /EM/CPU0/ExitHashing/Step04-NewInserts 50 times +00:43:38.042405 /EM/CPU0/ExitHashing/Step05-Hits 4970378 times +00:43:38.042413 /EM/CPU0/ExitHashing/Step05-NewInserts 36 times +00:43:38.042421 /EM/CPU0/ExitHashing/Step06-Hits 370004 times +00:43:38.042430 /EM/CPU0/ExitHashing/Step06-NewInserts 28 times +00:43:38.042438 /EM/CPU0/ExitHashing/Step07-Hits 397026 times +00:43:38.042446 /EM/CPU0/ExitHashing/Step07-NewInserts 21 times +00:43:38.042455 /EM/CPU0/ExitHashing/Step08-Hits 758600 times +00:43:38.042463 /EM/CPU0/ExitHashing/Step08-NewInserts 16 times +00:43:38.042473 /EM/CPU0/ExitHashing/Used 1024 times +00:43:38.042483 /EM/CPU0/ExitOpt/Exec 41287 ticks/call ( 28511286061 ticks, 690555 calls, max 9745890, min 2854) +00:43:38.042492 /EM/CPU0/ExitOpt/ExecInstructions 33344376 times +00:43:38.042500 /EM/CPU0/ExitOpt/ExecSavedExit 2196804 times +00:43:38.042509 /EM/CPU0/ExitOpt/Probe 126773 ticks/call ( 55526656 ticks, 438 calls, max 3530862, min 15008) +00:43:38.042519 /EM/CPU0/ExitOpt/ProbeInstructions 107734 times +00:43:38.042527 /EM/CPU0/ExitOpt/ProbedExecWithMax 178 times +00:43:38.042535 /EM/CPU0/ExitOpt/ProbedNormal 260 times +00:43:38.042544 /EM/CPU0/ExitOpt/ProbedToRing3 0 times +00:43:38.042553 /GIM/HyperV/0/Stimer0_Fired 0 times +00:43:38.042562 /GIM/HyperV/0/Stimer1_Fired 0 times +00:43:38.042570 /GIM/HyperV/0/Stimer2_Fired 0 times +00:43:38.042578 /GIM/HyperV/0/Stimer3_Fired 0 times +00:43:38.042587 /GIM/Hypercalls 12 times +00:43:38.042596 /GMM/ChunkTlbHits 0 times +00:43:38.042605 /GMM/ChunkTlbMisses 0 times +00:43:38.042619 /GMM/VM/Allocated/cBasePages 0 pages +00:43:38.042628 /GMM/VM/Allocated/cFixedPages 0 pages +00:43:38.042637 /GMM/VM/Allocated/cShadowPages 0 pages +00:43:38.042645 /GMM/VM/Reserved/cBasePages 526115 pages +00:43:38.042653 /GMM/VM/Reserved/cFixedPages 34310 pages +00:43:38.042661 /GMM/VM/Reserved/cShadowPages 1 pages +00:43:38.042670 /GMM/VM/cBalloonedPages 0 pages +00:43:38.042678 /GMM/VM/cMaxBalloonedPages 0 pages +00:43:38.042708 /GMM/VM/cPrivatePages 0 pages +00:43:38.042723 /GMM/VM/cReqActuallyBalloonedPages 0 pages +00:43:38.042735 /GMM/VM/cReqBalloonedPages 0 pages +00:43:38.042745 /GMM/VM/cReqDeflatePages 0 pages +00:43:38.042754 /GMM/VM/cShareableModules 0 count +00:43:38.042762 /GMM/VM/cSharedPages 0 pages +00:43:38.042771 /GMM/VM/enmPolicy 1 +00:43:38.042780 /GMM/VM/enmPriority 2 +00:43:38.042789 /GMM/VM/fBallooningEnabled false +00:43:38.042798 /GMM/VM/fMayAllocate true +00:43:38.042807 /GMM/VM/fSharedPagingEnabled false +00:43:38.042815 /GMM/cAllocatedPages 0 pages +00:43:38.042824 /GMM/cBalloonedPages 0 pages +00:43:38.042833 /GMM/cChunks 0 count +00:43:38.042842 /GMM/cDuplicatePages 0 pages +00:43:38.042850 /GMM/cFreedChunks 0 count +00:43:38.042859 /GMM/cLeftBehindSharedPages 0 pages +00:43:38.042868 /GMM/cMaxPages 4294967295 pages +00:43:38.042877 /GMM/cOverCommittedPages 0 pages +00:43:38.042885 /GMM/cReservedPages 560426 pages +00:43:38.042894 /GMM/cShareableModules 0 count +00:43:38.042902 /GMM/cSharedPages 0 pages +00:43:38.042911 /GMM/idFreeGeneration 4611686018427387775 +00:43:38.043115 /GVMM/EMTs 1 count +00:43:38.043126 /GVMM/HostCPUs 32 count +00:43:38.043135 /GVMM/HostCpus/0 0 +00:43:38.043143 /GVMM/HostCpus/0/CurTimerHz 0 Hz +00:43:38.043151 /GVMM/HostCpus/0/DesiredHz 0 Hz +00:43:38.043160 /GVMM/HostCpus/0/PPTChanges 0 times +00:43:38.043168 /GVMM/HostCpus/0/PPTStarts 0 times +00:43:38.043177 /GVMM/HostCpus/0/idxCpuSet 0 +00:43:38.043185 /GVMM/HostCpus/1 1 +00:43:38.043194 /GVMM/HostCpus/1/CurTimerHz 0 Hz +00:43:38.043213 /GVMM/HostCpus/1/DesiredHz 0 Hz +00:43:38.043224 /GVMM/HostCpus/1/PPTChanges 0 times +00:43:38.043233 /GVMM/HostCpus/1/PPTStarts 0 times +00:43:38.043241 /GVMM/HostCpus/1/idxCpuSet 1 +00:43:38.043249 /GVMM/HostCpus/10 10 +00:43:38.043258 /GVMM/HostCpus/10/CurTimerHz 0 Hz +00:43:38.043267 /GVMM/HostCpus/10/DesiredHz 0 Hz +00:43:38.043275 /GVMM/HostCpus/10/PPTChanges 0 times +00:43:38.043284 /GVMM/HostCpus/10/PPTStarts 0 times +00:43:38.043292 /GVMM/HostCpus/10/idxCpuSet 10 +00:43:38.043300 /GVMM/HostCpus/11 11 +00:43:38.043309 /GVMM/HostCpus/11/CurTimerHz 0 Hz +00:43:38.043317 /GVMM/HostCpus/11/DesiredHz 0 Hz +00:43:38.043326 /GVMM/HostCpus/11/PPTChanges 0 times +00:43:38.043334 /GVMM/HostCpus/11/PPTStarts 0 times +00:43:38.043342 /GVMM/HostCpus/11/idxCpuSet 11 +00:43:38.043350 /GVMM/HostCpus/12 12 +00:43:38.043359 /GVMM/HostCpus/12/CurTimerHz 0 Hz +00:43:38.043367 /GVMM/HostCpus/12/DesiredHz 0 Hz +00:43:38.043375 /GVMM/HostCpus/12/PPTChanges 0 times +00:43:38.043383 /GVMM/HostCpus/12/PPTStarts 0 times +00:43:38.043391 /GVMM/HostCpus/12/idxCpuSet 12 +00:43:38.043400 /GVMM/HostCpus/13 13 +00:43:38.043408 /GVMM/HostCpus/13/CurTimerHz 0 Hz +00:43:38.043417 /GVMM/HostCpus/13/DesiredHz 0 Hz +00:43:38.043425 /GVMM/HostCpus/13/PPTChanges 0 times +00:43:38.043434 /GVMM/HostCpus/13/PPTStarts 0 times +00:43:38.043442 /GVMM/HostCpus/13/idxCpuSet 13 +00:43:38.043450 /GVMM/HostCpus/14 14 +00:43:38.043459 /GVMM/HostCpus/14/CurTimerHz 0 Hz +00:43:38.043467 /GVMM/HostCpus/14/DesiredHz 0 Hz +00:43:38.043475 /GVMM/HostCpus/14/PPTChanges 0 times +00:43:38.043484 /GVMM/HostCpus/14/PPTStarts 0 times +00:43:38.043492 /GVMM/HostCpus/14/idxCpuSet 14 +00:43:38.043501 /GVMM/HostCpus/15 15 +00:43:38.043511 /GVMM/HostCpus/15/CurTimerHz 0 Hz +00:43:38.043519 /GVMM/HostCpus/15/DesiredHz 0 Hz +00:43:38.043527 /GVMM/HostCpus/15/PPTChanges 0 times +00:43:38.043536 /GVMM/HostCpus/15/PPTStarts 0 times +00:43:38.043544 /GVMM/HostCpus/15/idxCpuSet 15 +00:43:38.043552 /GVMM/HostCpus/16 16 +00:43:38.043561 /GVMM/HostCpus/16/CurTimerHz 0 Hz +00:43:38.043569 /GVMM/HostCpus/16/DesiredHz 0 Hz +00:43:38.043578 /GVMM/HostCpus/16/PPTChanges 0 times +00:43:38.043586 /GVMM/HostCpus/16/PPTStarts 0 times +00:43:38.043594 /GVMM/HostCpus/16/idxCpuSet 16 +00:43:38.043603 /GVMM/HostCpus/17 17 +00:43:38.043611 /GVMM/HostCpus/17/CurTimerHz 0 Hz +00:43:38.043619 /GVMM/HostCpus/17/DesiredHz 0 Hz +00:43:38.043628 /GVMM/HostCpus/17/PPTChanges 0 times +00:43:38.043636 /GVMM/HostCpus/17/PPTStarts 0 times +00:43:38.043644 /GVMM/HostCpus/17/idxCpuSet 17 +00:43:38.043653 /GVMM/HostCpus/18 18 +00:43:38.043661 /GVMM/HostCpus/18/CurTimerHz 0 Hz +00:43:38.043669 /GVMM/HostCpus/18/DesiredHz 0 Hz +00:43:38.043678 /GVMM/HostCpus/18/PPTChanges 0 times +00:43:38.043686 /GVMM/HostCpus/18/PPTStarts 0 times +00:43:38.043695 /GVMM/HostCpus/18/idxCpuSet 18 +00:43:38.043703 /GVMM/HostCpus/19 19 +00:43:38.043712 /GVMM/HostCpus/19/CurTimerHz 0 Hz +00:43:38.043720 /GVMM/HostCpus/19/DesiredHz 0 Hz +00:43:38.043729 /GVMM/HostCpus/19/PPTChanges 0 times +00:43:38.043737 /GVMM/HostCpus/19/PPTStarts 0 times +00:43:38.043745 /GVMM/HostCpus/19/idxCpuSet 19 +00:43:38.043754 /GVMM/HostCpus/2 2 +00:43:38.043762 /GVMM/HostCpus/2/CurTimerHz 0 Hz +00:43:38.043770 /GVMM/HostCpus/2/DesiredHz 0 Hz +00:43:38.043779 /GVMM/HostCpus/2/PPTChanges 0 times +00:43:38.043787 /GVMM/HostCpus/2/PPTStarts 0 times +00:43:38.043795 /GVMM/HostCpus/2/idxCpuSet 2 +00:43:38.043804 /GVMM/HostCpus/20 20 +00:43:38.043812 /GVMM/HostCpus/20/CurTimerHz 0 Hz +00:43:38.043821 /GVMM/HostCpus/20/DesiredHz 0 Hz +00:43:38.043829 /GVMM/HostCpus/20/PPTChanges 0 times +00:43:38.043837 /GVMM/HostCpus/20/PPTStarts 0 times +00:43:38.043845 /GVMM/HostCpus/20/idxCpuSet 20 +00:43:38.043863 /GVMM/HostCpus/21 21 +00:43:38.043873 /GVMM/HostCpus/21/CurTimerHz 0 Hz +00:43:38.043881 /GVMM/HostCpus/21/DesiredHz 0 Hz +00:43:38.043889 /GVMM/HostCpus/21/PPTChanges 0 times +00:43:38.043898 /GVMM/HostCpus/21/PPTStarts 0 times +00:43:38.043906 /GVMM/HostCpus/21/idxCpuSet 21 +00:43:38.043914 /GVMM/HostCpus/22 22 +00:43:38.043923 /GVMM/HostCpus/22/CurTimerHz 0 Hz +00:43:38.043931 /GVMM/HostCpus/22/DesiredHz 0 Hz +00:43:38.043940 /GVMM/HostCpus/22/PPTChanges 0 times +00:43:38.043948 /GVMM/HostCpus/22/PPTStarts 0 times +00:43:38.043956 /GVMM/HostCpus/22/idxCpuSet 22 +00:43:38.043965 /GVMM/HostCpus/23 23 +00:43:38.043973 /GVMM/HostCpus/23/CurTimerHz 0 Hz +00:43:38.043982 /GVMM/HostCpus/23/DesiredHz 0 Hz +00:43:38.043990 /GVMM/HostCpus/23/PPTChanges 0 times +00:43:38.043998 /GVMM/HostCpus/23/PPTStarts 0 times +00:43:38.044006 /GVMM/HostCpus/23/idxCpuSet 23 +00:43:38.044015 /GVMM/HostCpus/24 24 +00:43:38.044024 /GVMM/HostCpus/24/CurTimerHz 0 Hz +00:43:38.044032 /GVMM/HostCpus/24/DesiredHz 0 Hz +00:43:38.044040 /GVMM/HostCpus/24/PPTChanges 0 times +00:43:38.044049 /GVMM/HostCpus/24/PPTStarts 0 times +00:43:38.044057 /GVMM/HostCpus/24/idxCpuSet 24 +00:43:38.044067 /GVMM/HostCpus/25 25 +00:43:38.044076 /GVMM/HostCpus/25/CurTimerHz 0 Hz +00:43:38.044084 /GVMM/HostCpus/25/DesiredHz 0 Hz +00:43:38.044092 /GVMM/HostCpus/25/PPTChanges 0 times +00:43:38.044101 /GVMM/HostCpus/25/PPTStarts 0 times +00:43:38.044109 /GVMM/HostCpus/25/idxCpuSet 25 +00:43:38.044118 /GVMM/HostCpus/26 26 +00:43:38.044126 /GVMM/HostCpus/26/CurTimerHz 0 Hz +00:43:38.044135 /GVMM/HostCpus/26/DesiredHz 0 Hz +00:43:38.044143 /GVMM/HostCpus/26/PPTChanges 0 times +00:43:38.044152 /GVMM/HostCpus/26/PPTStarts 0 times +00:43:38.044160 /GVMM/HostCpus/26/idxCpuSet 26 +00:43:38.044168 /GVMM/HostCpus/27 27 +00:43:38.044177 /GVMM/HostCpus/27/CurTimerHz 0 Hz +00:43:38.044185 /GVMM/HostCpus/27/DesiredHz 0 Hz +00:43:38.044193 /GVMM/HostCpus/27/PPTChanges 0 times +00:43:38.044201 /GVMM/HostCpus/27/PPTStarts 0 times +00:43:38.044210 /GVMM/HostCpus/27/idxCpuSet 27 +00:43:38.044218 /GVMM/HostCpus/28 28 +00:43:38.044227 /GVMM/HostCpus/28/CurTimerHz 0 Hz +00:43:38.044235 /GVMM/HostCpus/28/DesiredHz 0 Hz +00:43:38.044244 /GVMM/HostCpus/28/PPTChanges 0 times +00:43:38.044252 /GVMM/HostCpus/28/PPTStarts 0 times +00:43:38.044260 /GVMM/HostCpus/28/idxCpuSet 28 +00:43:38.044268 /GVMM/HostCpus/29 29 +00:43:38.044277 /GVMM/HostCpus/29/CurTimerHz 0 Hz +00:43:38.044285 /GVMM/HostCpus/29/DesiredHz 0 Hz +00:43:38.044293 /GVMM/HostCpus/29/PPTChanges 0 times +00:43:38.044302 /GVMM/HostCpus/29/PPTStarts 0 times +00:43:38.044310 /GVMM/HostCpus/29/idxCpuSet 29 +00:43:38.044319 /GVMM/HostCpus/3 3 +00:43:38.044327 /GVMM/HostCpus/3/CurTimerHz 0 Hz +00:43:38.044335 /GVMM/HostCpus/3/DesiredHz 0 Hz +00:43:38.044344 /GVMM/HostCpus/3/PPTChanges 0 times +00:43:38.044352 /GVMM/HostCpus/3/PPTStarts 0 times +00:43:38.044361 /GVMM/HostCpus/3/idxCpuSet 3 +00:43:38.044369 /GVMM/HostCpus/30 30 +00:43:38.044377 /GVMM/HostCpus/30/CurTimerHz 0 Hz +00:43:38.044386 /GVMM/HostCpus/30/DesiredHz 0 Hz +00:43:38.044394 /GVMM/HostCpus/30/PPTChanges 0 times +00:43:38.044402 /GVMM/HostCpus/30/PPTStarts 0 times +00:43:38.044411 /GVMM/HostCpus/30/idxCpuSet 30 +00:43:38.044419 /GVMM/HostCpus/31 31 +00:43:38.044427 /GVMM/HostCpus/31/CurTimerHz 0 Hz +00:43:38.044436 /GVMM/HostCpus/31/DesiredHz 0 Hz +00:43:38.044444 /GVMM/HostCpus/31/PPTChanges 0 times +00:43:38.044452 /GVMM/HostCpus/31/PPTStarts 0 times +00:43:38.044461 /GVMM/HostCpus/31/idxCpuSet 31 +00:43:38.044469 /GVMM/HostCpus/4 4 +00:43:38.044477 /GVMM/HostCpus/4/CurTimerHz 0 Hz +00:43:38.044486 /GVMM/HostCpus/4/DesiredHz 0 Hz +00:43:38.044494 /GVMM/HostCpus/4/PPTChanges 0 times +00:43:38.044502 /GVMM/HostCpus/4/PPTStarts 0 times +00:43:38.044510 /GVMM/HostCpus/4/idxCpuSet 4 +00:43:38.044518 /GVMM/HostCpus/5 5 +00:43:38.044527 /GVMM/HostCpus/5/CurTimerHz 0 Hz +00:43:38.044535 /GVMM/HostCpus/5/DesiredHz 0 Hz +00:43:38.044543 /GVMM/HostCpus/5/PPTChanges 0 times +00:43:38.044551 /GVMM/HostCpus/5/PPTStarts 0 times +00:43:38.044559 /GVMM/HostCpus/5/idxCpuSet 5 +00:43:38.044567 /GVMM/HostCpus/6 6 +00:43:38.044576 /GVMM/HostCpus/6/CurTimerHz 0 Hz +00:43:38.044584 /GVMM/HostCpus/6/DesiredHz 0 Hz +00:43:38.044592 /GVMM/HostCpus/6/PPTChanges 0 times +00:43:38.044600 /GVMM/HostCpus/6/PPTStarts 0 times +00:43:38.044608 /GVMM/HostCpus/6/idxCpuSet 6 +00:43:38.044617 /GVMM/HostCpus/7 7 +00:43:38.044626 /GVMM/HostCpus/7/CurTimerHz 0 Hz +00:43:38.044634 /GVMM/HostCpus/7/DesiredHz 0 Hz +00:43:38.044642 /GVMM/HostCpus/7/PPTChanges 0 times +00:43:38.044650 /GVMM/HostCpus/7/PPTStarts 0 times +00:43:38.044658 /GVMM/HostCpus/7/idxCpuSet 7 +00:43:38.044666 /GVMM/HostCpus/8 8 +00:43:38.044675 /GVMM/HostCpus/8/CurTimerHz 0 Hz +00:43:38.044683 /GVMM/HostCpus/8/DesiredHz 0 Hz +00:43:38.044691 /GVMM/HostCpus/8/PPTChanges 0 times +00:43:38.044699 /GVMM/HostCpus/8/PPTStarts 0 times +00:43:38.044707 /GVMM/HostCpus/8/idxCpuSet 8 +00:43:38.044715 /GVMM/HostCpus/9 9 +00:43:38.044724 /GVMM/HostCpus/9/CurTimerHz 0 Hz +00:43:38.044732 /GVMM/HostCpus/9/DesiredHz 0 Hz +00:43:38.044740 /GVMM/HostCpus/9/PPTChanges 0 times +00:43:38.044748 /GVMM/HostCpus/9/PPTStarts 0 times +00:43:38.044756 /GVMM/HostCpus/9/idxCpuSet 9 +00:43:38.044764 /GVMM/Sum/HaltBlocking 970 calls +00:43:38.044772 /GVMM/Sum/HaltCalls 466511606 calls +00:43:38.044781 /GVMM/Sum/HaltNotBlocking 466510636 calls +00:43:38.044789 /GVMM/Sum/HaltTimeouts 718 calls +00:43:38.044797 /GVMM/Sum/HaltWakeUps 0 calls +00:43:38.044806 /GVMM/Sum/PokeCalls 0 calls +00:43:38.044814 /GVMM/Sum/PokeNotBusy 0 calls +00:43:38.044822 /GVMM/Sum/PollCalls 21751 calls +00:43:38.044831 /GVMM/Sum/PollHalts 0 calls +00:43:38.044839 /GVMM/Sum/PollWakeUps 0 calls +00:43:38.044848 /GVMM/Sum/WakeUpCalls 126933 calls +00:43:38.044893 /GVMM/Sum/WakeUpNotHalted 126678 calls +00:43:38.044912 /GVMM/Sum/WakeUpWakeUps 0 calls +00:43:38.044923 /GVMM/VCpus/0/Start 0 ticks/call ( 0 ticks, 0 calls, max 0, min 0) +00:43:38.044932 /GVMM/VCpus/0/Stop 0 ticks/call ( 0 ticks, 0 calls, max 0, min 0) +00:43:38.044941 /GVMM/VCpus/0/cWakeUpTimerCanceled 0 times +00:43:38.044950 /GVMM/VCpus/0/cWakeUpTimerHits 0 times +00:43:38.044958 /GVMM/VCpus/0/cWakeUpTimerMisses 0 times +00:43:38.044966 /GVMM/VCpus/0/cWakeUpTimerSameCpu 0 times +00:43:38.044975 /GVMM/VM/HaltBlocking 970 calls +00:43:38.044983 /GVMM/VM/HaltCalls 466511606 calls +00:43:38.044991 /GVMM/VM/HaltNotBlocking 466510636 calls +00:43:38.045000 /GVMM/VM/HaltTimeouts 718 calls +00:43:38.045008 /GVMM/VM/HaltWakeUps 0 calls +00:43:38.045016 /GVMM/VM/PokeCalls 0 calls +00:43:38.045024 /GVMM/VM/PokeNotBusy 0 calls +00:43:38.045033 /GVMM/VM/PollCalls 21751 calls +00:43:38.045041 /GVMM/VM/PollHalts 0 calls +00:43:38.045049 /GVMM/VM/PollWakeUps 0 calls +00:43:38.045058 /GVMM/VM/WakeUpCalls 126933 calls +00:43:38.045066 /GVMM/VM/WakeUpNotHalted 126678 calls +00:43:38.045075 /GVMM/VM/WakeUpWakeUps 0 calls +00:43:38.045083 /GVMM/VMs 1 count +00:43:38.045092 /HGCM/FailedPageListLocking 0 count +00:43:38.045100 /HGCM/LargeCmdAllocs 1 count +00:43:38.045108 /HGCM/MsgArrival 70426 ticks/call ( 106061600 ticks, 1506 calls, max 1456944, min 6878) +00:43:38.045117 /HGCM/MsgCompletion 32003 ticks/call ( 63335567 ticks, 1979 calls, max 1429103, min 480) +00:43:38.045126 /HGCM/MsgTotal 8750803028 ticks/call (13178709361349 ticks, 1506 calls, max 3402267688190, min 24243) +00:43:38.045137 /IEM/CPU0/Exceptions/0e 678 times +00:43:38.045147 /IEM/CPU0/Interrupts/1f 114524 times +00:43:38.045157 /IEM/CPU0/Interrupts/20 4644 times +00:43:38.045167 /IEM/CPU0/Interrupts/2f 984610 times +00:43:38.045176 /IEM/CPU0/Interrupts/50 12688 times +00:43:38.045185 /IEM/CPU0/Interrupts/60 5700 times +00:43:38.045194 /IEM/CPU0/Interrupts/70 87163 times +00:43:38.045204 /IEM/CPU0/Interrupts/80 563779 times +00:43:38.045212 /IEM/CPU0/Interrupts/90 1872 times +00:43:38.045221 /IEM/CPU0/Interrupts/a0 237 times +00:43:38.045231 /IEM/CPU0/Interrupts/d1 4217089 times +00:43:38.045239 /IEM/CPU0/Interrupts/d2 4145 times +00:43:38.045250 /IEM/CPU0/Tlb/Code/InvlPg 0 +00:43:38.045258 /IEM/CPU0/Tlb/Code/InvlPg/LargeGlobal 0 +00:43:38.045267 /IEM/CPU0/Tlb/Code/InvlPg/LargeNonGlobal 0 +00:43:38.045275 /IEM/CPU0/Tlb/Code/LargePageGlobalCurLoads 0 count +00:43:38.045283 /IEM/CPU0/Tlb/Code/LargePageGlobalFirstTag ffffffffffffffff count +00:43:38.045291 /IEM/CPU0/Tlb/Code/LargePageGlobalLastTag 0 count +00:43:38.045300 /IEM/CPU0/Tlb/Code/LargePageNonGlobalCurLoads 0 count +00:43:38.045308 /IEM/CPU0/Tlb/Code/LargePageNonGlobalFirstTag ffffffffffffffff count +00:43:38.045316 /IEM/CPU0/Tlb/Code/LargePageNonGlobalLastTag 0 count +00:43:38.045324 /IEM/CPU0/Tlb/Code/Misses 0 count +00:43:38.045332 /IEM/CPU0/Tlb/Code/Misses/GlobalLoads 0 count +00:43:38.045341 /IEM/CPU0/Tlb/Code/PhysicalRevision fffffffffffce000 +00:43:38.045349 /IEM/CPU0/Tlb/Code/PhysicalRevisionFlushes 0 +00:43:38.045357 /IEM/CPU0/Tlb/Code/PhysicalRevisionRollovers 0 +00:43:38.045365 /IEM/CPU0/Tlb/Code/RevisionGlobal fffff38000000000 +00:43:38.045373 /IEM/CPU0/Tlb/Code/RevisionGlobalFlushes 0 +00:43:38.045381 /IEM/CPU0/Tlb/Code/RevisionNonGlobal fffff38000000000 +00:43:38.045390 /IEM/CPU0/Tlb/Code/RevisionNonGlobalFlushes 0 +00:43:38.045398 /IEM/CPU0/Tlb/Code/RevisionRollovers 0 +00:43:38.045406 /IEM/CPU0/Tlb/Code/SlowReads 0 count +00:43:38.045414 /IEM/CPU0/Tlb/Data/InvlPg 0 +00:43:38.045422 /IEM/CPU0/Tlb/Data/InvlPg/LargeGlobal 0 +00:43:38.045430 /IEM/CPU0/Tlb/Data/InvlPg/LargeNonGlobal 0 +00:43:38.045438 /IEM/CPU0/Tlb/Data/LargePageGlobalCurLoads 0 count +00:43:38.045446 /IEM/CPU0/Tlb/Data/LargePageGlobalFirstTag ffffffffffffffff count +00:43:38.045454 /IEM/CPU0/Tlb/Data/LargePageGlobalLastTag 0 count +00:43:38.045462 /IEM/CPU0/Tlb/Data/LargePageNonGlobalCurLoads 0 count +00:43:38.045470 /IEM/CPU0/Tlb/Data/LargePageNonGlobalFirstTag ffffffffffffffff count +00:43:38.045479 /IEM/CPU0/Tlb/Data/LargePageNonGlobalLastTag 0 count +00:43:38.045487 /IEM/CPU0/Tlb/Data/Misses 0 count +00:43:38.045496 /IEM/CPU0/Tlb/Data/Misses/Core 0 count +00:43:38.045504 /IEM/CPU0/Tlb/Data/Misses/Core/GlobalLoads 0 count +00:43:38.045512 /IEM/CPU0/Tlb/Data/Misses/Safe 0 count +00:43:38.045520 /IEM/CPU0/Tlb/Data/Misses/Safe/Reads 0 count +00:43:38.045528 /IEM/CPU0/Tlb/Data/Misses/Safe/SubPartHits 0 count +00:43:38.045536 /IEM/CPU0/Tlb/Data/Misses/Safe/SubPartMisses 0 count +00:43:38.045544 /IEM/CPU0/Tlb/Data/Misses/Safe/SubPartMisses/GlobalLoads 0 count +00:43:38.045552 /IEM/CPU0/Tlb/Data/Misses/Safe/Writes 0 count +00:43:38.045560 /IEM/CPU0/Tlb/Data/PhysicalRevision fffffffffffce000 +00:43:38.045568 /IEM/CPU0/Tlb/Data/PhysicalRevisionFlushes 0 +00:43:38.045577 /IEM/CPU0/Tlb/Data/PhysicalRevisionRollovers 0 +00:43:38.045585 /IEM/CPU0/Tlb/Data/RevisionGlobal fffff38000000000 +00:43:38.045593 /IEM/CPU0/Tlb/Data/RevisionGlobalFlushes 0 +00:43:38.045601 /IEM/CPU0/Tlb/Data/RevisionNonGlobal fffff38000000000 +00:43:38.045609 /IEM/CPU0/Tlb/Data/RevisionNonGlobalFlushes 0 +00:43:38.045617 /IEM/CPU0/Tlb/Data/RevisionRollovers 0 +00:43:38.045625 /IEM/CPU0/cInstructions 36420305 count +00:43:38.045633 /IEM/CPU0/cLongJumps 678 bytes +00:43:38.045643 /IEM/CPU0/cMisalignedAtomics 0 bytes +00:43:38.045652 /IEM/CPU0/cPendingCommit 0 bytes +00:43:38.045660 /IEM/CPU0/cPotentialExits 6883179 count +00:43:38.045668 /IEM/CPU0/cRetAspectNotImplemented 0 count +00:43:38.045676 /IEM/CPU0/cRetErrStatuses 0 count +00:43:38.045684 /IEM/CPU0/cRetInfStatuses 0 count +00:43:38.045692 /IEM/CPU0/cRetInstrNotImplemented 0 count +00:43:38.045700 /IEM/CPU0/cbWritten 34463671 bytes +00:43:38.045708 /IOM/MmioMappingsStale 0 ticks/call +00:43:38.045717 /IOM/MmioTooDeepRecursion 0 times +00:43:38.045725 /NEM/CPU0/BreakOnCancel 0 times +00:43:38.045733 /NEM/CPU0/BreakOnFFPost 82884 times +00:43:38.045742 /NEM/CPU0/BreakOnFFPre 1775735 times +00:43:38.045750 /NEM/CPU0/BreakOnStatus 2681751 times +00:43:38.045758 /NEM/CPU0/CancelAlertedEMT 0 times +00:43:38.045766 /NEM/CPU0/CancelChangedState 0 times +00:43:38.045774 /NEM/CPU0/ExitCpuId 169908 times +00:43:38.045783 /NEM/CPU0/ExitException 12 times +00:43:38.045791 /NEM/CPU0/ExitExceptionBp 0 times +00:43:38.045799 /NEM/CPU0/ExitExceptionDb 0 times +00:43:38.045807 /NEM/CPU0/ExitExceptionGp 0 times +00:43:38.045816 /NEM/CPU0/ExitExceptionGpMesa 0 times +00:43:38.045824 /NEM/CPU0/ExitExceptionUd 12 times +00:43:38.045832 /NEM/CPU0/ExitExceptionUdHandled 12 times +00:43:38.045840 /NEM/CPU0/ExitHalt 2681070 times +00:43:38.045848 /NEM/CPU0/ExitInterruptWindow 2509977 times +00:43:38.045857 /NEM/CPU0/ExitMemIntercept 0 times +00:43:38.045865 /NEM/CPU0/ExitMemUnmapped 3577443 times +00:43:38.045873 /NEM/CPU0/ExitMsr 7130835 times +00:43:38.045882 /NEM/CPU0/ExitPortIo 20695381 times +00:43:38.045890 /NEM/CPU0/ExitUnrecoverable 0 times +00:43:38.045898 /NEM/CPU0/GetMsgTimeout 0 times +00:43:38.045906 /NEM/CPU0/ImportOnDemand 1437828 times +00:43:38.045915 /NEM/CPU0/ImportOnReturn 4533790 times +00:43:38.045923 /NEM/CPU0/ImportOnReturnSkipped 6580 times +00:43:38.045931 /NEM/CPU0/QueryCpuTick 7 times +00:43:38.045939 /NEM/CPU0/StopCpuPending 0 times +00:43:38.045947 /NEM/CPU0/StopCpuPendingAlerts 0 times +00:43:38.045955 /NEM/CPU0/StopCpuPendingOdd 0 times +00:43:38.045964 /NEM/CPU0/StopCpuSuccess 0 times +00:43:38.045972 /NEM/PagesCurrentlyMapped 4294966411 pages +00:43:38.045980 /NEM/PagesMapCalls 920 pages +00:43:38.045988 /NEM/PagesMapFails 0 pages +00:43:38.045997 /NEM/PagesMapGpaRange 2180095 ticks/call ( 176587759 ticks, 81 calls, max 46385974, min 28268) +00:43:38.046006 /NEM/PagesMapGpaRangePage 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.046014 /NEM/PagesUnmapCalls 1805 pages +00:43:38.046023 /NEM/PagesUnmapFails 0 pages +00:43:38.046031 /NEM/PagesUnmapGpaRange 1265405 ticks/call ( 80985932 ticks, 64 calls, max 5282824, min 29754) +00:43:38.046039 /NEM/PagesUnmapGpaRangePage 17290 ticks/call ( 31209269 ticks, 1805 calls, max 202830, min 6796) +00:43:38.046051 /NEM/R0Stats/cPagesAvailable 0 pages +00:43:38.046059 /NEM/R0Stats/cPagesInUse 0 pages +00:43:38.046068 /PDM/BlkCache/cbCached 0 bytes +00:43:38.046076 /PDM/BlkCache/cbCachedFru 0 bytes +00:43:38.046084 /PDM/BlkCache/cbCachedMruIn 0 bytes +00:43:38.046092 /PDM/BlkCache/cbCachedMruOut 0 bytes +00:43:38.046101 /PDM/BlkCache/cbMax 5242880 bytes +00:43:38.046109 /PDM/CritSects/00-AbortedEnters 0 times +00:43:38.046117 /PDM/CritSects/00-EntersWhileAborting 0 times +00:43:38.046125 /PDM/CritSects/00-Non-interruptible-Waits-VINF_SUCCESS 0 times +00:43:38.046134 /PDM/CritSects/00-QueuedLeaves 0 times +00:43:38.046143 /PDM/CritSects/00-VERR_INTERRUPTED 0 times +00:43:38.046151 /PDM/CritSects/00-VERR_TIMEOUT 0 times +00:43:38.046159 /PDM/CritSects/8237A#0Auto/ContentionR3 0 times +00:43:38.046167 /PDM/CritSects/8237A#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046176 /PDM/CritSects/8237A#0Auto/ContentionRZLock 0 times +00:43:38.046184 /PDM/CritSects/8237A#0Auto/ContentionRZLockBusy 0 times +00:43:38.046192 /PDM/CritSects/8237A#0Auto/ContentionRZUnlock 0 times +00:43:38.046200 /PDM/CritSects/8237A#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046209 /PDM/CritSects/AHCI#0/ContentionR3 106 times +00:43:38.046217 /PDM/CritSects/AHCI#0/ContentionR3Wait 70808 ticks/time ( 7505695 ticks, 106 times, max 532839, min 7038) +00:43:38.046226 /PDM/CritSects/AHCI#0/ContentionRZLock 0 times +00:43:38.046234 /PDM/CritSects/AHCI#0/ContentionRZLockBusy 0 times +00:43:38.046242 /PDM/CritSects/AHCI#0/ContentionRZUnlock 0 times +00:43:38.046250 /PDM/CritSects/AHCI#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046258 /PDM/CritSects/E1000#0/ContentionR3 13 times +00:43:38.046267 /PDM/CritSects/E1000#0/ContentionR3Wait 71011 ticks/time ( 923154 ticks, 13 times, max 332866, min 10122) +00:43:38.046275 /PDM/CritSects/E1000#0/ContentionRZLock 0 times +00:43:38.046283 /PDM/CritSects/E1000#0/ContentionRZLockBusy 0 times +00:43:38.046291 /PDM/CritSects/E1000#0/ContentionRZUnlock 0 times +00:43:38.046299 /PDM/CritSects/E1000#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046308 /PDM/CritSects/E1000#0RX/ContentionR3 4 times +00:43:38.046316 /PDM/CritSects/E1000#0RX/ContentionR3Wait 75112 ticks/time ( 300449 ticks, 4 times, max 233809, min 21490) +00:43:38.046325 /PDM/CritSects/E1000#0RX/ContentionRZLock 0 times +00:43:38.046333 /PDM/CritSects/E1000#0RX/ContentionRZLockBusy 0 times +00:43:38.046341 /PDM/CritSects/E1000#0RX/ContentionRZUnlock 0 times +00:43:38.046349 /PDM/CritSects/E1000#0RX/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046357 /PDM/CritSects/E1000#0TX/ContentionR3 0 times +00:43:38.046377 /PDM/CritSects/E1000#0TX/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046386 /PDM/CritSects/E1000#0TX/ContentionRZLock 0 times +00:43:38.046394 /PDM/CritSects/E1000#0TX/ContentionRZLockBusy 0 times +00:43:38.046402 /PDM/CritSects/E1000#0TX/ContentionRZUnlock 0 times +00:43:38.046410 /PDM/CritSects/E1000#0TX/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046419 /PDM/CritSects/GIMDev#0Auto/ContentionR3 0 times +00:43:38.046427 /PDM/CritSects/GIMDev#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046436 /PDM/CritSects/GIMDev#0Auto/ContentionRZLock 0 times +00:43:38.046444 /PDM/CritSects/GIMDev#0Auto/ContentionRZLockBusy 0 times +00:43:38.046452 /PDM/CritSects/GIMDev#0Auto/ContentionRZUnlock 0 times +00:43:38.046460 /PDM/CritSects/GIMDev#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046469 /PDM/CritSects/HDA/ContentionR3 0 times +00:43:38.046476 /PDM/CritSects/HDA/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046485 /PDM/CritSects/HDA/ContentionRZLock 0 times +00:43:38.046493 /PDM/CritSects/HDA/ContentionRZLockBusy 0 times +00:43:38.046502 /PDM/CritSects/HDA/ContentionRZUnlock 0 times +00:43:38.046510 /PDM/CritSects/HDA/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046519 /PDM/CritSects/NOP/ContentionR3 0 times +00:43:38.046527 /PDM/CritSects/NOP/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046536 /PDM/CritSects/NOP/ContentionRZLock 0 times +00:43:38.046544 /PDM/CritSects/NOP/ContentionRZLockBusy 0 times +00:43:38.046552 /PDM/CritSects/NOP/ContentionRZUnlock 0 times +00:43:38.046560 /PDM/CritSects/NOP/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046568 /PDM/CritSects/PDM/ContentionR3 8857 times +00:43:38.046576 /PDM/CritSects/PDM/ContentionR3Wait 123534 ticks/time ( 1094143219 ticks, 8857 times, max 7534679, min 6100) +00:43:38.046584 /PDM/CritSects/PDM/ContentionRZLock 0 times +00:43:38.046592 /PDM/CritSects/PDM/ContentionRZLockBusy 0 times +00:43:38.046600 /PDM/CritSects/PDM/ContentionRZUnlock 0 times +00:43:38.046608 /PDM/CritSects/PDM/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046617 /PDM/CritSects/PGM/ContentionR3 72303 times +00:43:38.046625 /PDM/CritSects/PGM/ContentionR3Wait 200421 ticks/time ( 14491265736 ticks, 72304 times, max 20733536, min 1494) +00:43:38.046634 /PDM/CritSects/PGM/ContentionRZLock 0 times +00:43:38.046642 /PDM/CritSects/PGM/ContentionRZLockBusy 0 times +00:43:38.046650 /PDM/CritSects/PGM/ContentionRZUnlock 0 times +00:43:38.046658 /PDM/CritSects/PGM/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046666 /PDM/CritSects/TM VirtualSync Lock/ContentionR3 0 times +00:43:38.046674 /PDM/CritSects/TM VirtualSync Lock/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046682 /PDM/CritSects/TM VirtualSync Lock/ContentionRZLock 0 times +00:43:38.046690 /PDM/CritSects/TM VirtualSync Lock/ContentionRZLockBusy 0 times +00:43:38.046698 /PDM/CritSects/TM VirtualSync Lock/ContentionRZUnlock 0 times +00:43:38.046706 /PDM/CritSects/TM VirtualSync Lock/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046715 /PDM/CritSects/TM real queue timer lock/ContentionR3 0 times +00:43:38.046723 /PDM/CritSects/TM real queue timer lock/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046731 /PDM/CritSects/TM real queue timer lock/ContentionRZLock 0 times +00:43:38.046740 /PDM/CritSects/TM real queue timer lock/ContentionRZLockBusy 0 times +00:43:38.046748 /PDM/CritSects/TM real queue timer lock/ContentionRZUnlock 0 times +00:43:38.046756 /PDM/CritSects/TM real queue timer lock/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046764 /PDM/CritSects/TM tsc queue timer lock/ContentionR3 0 times +00:43:38.046772 /PDM/CritSects/TM tsc queue timer lock/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046780 /PDM/CritSects/TM tsc queue timer lock/ContentionRZLock 0 times +00:43:38.046788 /PDM/CritSects/TM tsc queue timer lock/ContentionRZLockBusy 0 times +00:43:38.046796 /PDM/CritSects/TM tsc queue timer lock/ContentionRZUnlock 0 times +00:43:38.046804 /PDM/CritSects/TM tsc queue timer lock/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046813 /PDM/CritSects/TM virtual queue timer lock/ContentionR3 0 times +00:43:38.046821 /PDM/CritSects/TM virtual queue timer lock/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046830 /PDM/CritSects/TM virtual queue timer lock/ContentionRZLock 0 times +00:43:38.046838 /PDM/CritSects/TM virtual queue timer lock/ContentionRZLockBusy 0 times +00:43:38.046847 /PDM/CritSects/TM virtual queue timer lock/ContentionRZUnlock 0 times +00:43:38.046855 /PDM/CritSects/TM virtual queue timer lock/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046863 /PDM/CritSects/TM virtual_sync queue timer lock/ContentionR3 0 times +00:43:38.046871 /PDM/CritSects/TM virtual_sync queue timer lock/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046879 /PDM/CritSects/TM virtual_sync queue timer lock/ContentionRZLock 0 times +00:43:38.046887 /PDM/CritSects/TM virtual_sync queue timer lock/ContentionRZLockBusy 0 times +00:43:38.046895 /PDM/CritSects/TM virtual_sync queue timer lock/ContentionRZUnlock 0 times +00:43:38.046903 /PDM/CritSects/TM virtual_sync queue timer lock/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046911 /PDM/CritSects/VGA#0/ContentionR3 1209 times +00:43:38.046919 /PDM/CritSects/VGA#0/ContentionR3Wait 101686 ticks/time ( 122938484 ticks, 1209 times, max 3470569, min 6688) +00:43:38.046928 /PDM/CritSects/VGA#0/ContentionRZLock 0 times +00:43:38.046936 /PDM/CritSects/VGA#0/ContentionRZLockBusy 0 times +00:43:38.046944 /PDM/CritSects/VGA#0/ContentionRZUnlock 0 times +00:43:38.046952 /PDM/CritSects/VGA#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046960 /PDM/CritSects/VGA#0_IRQ/ContentionR3 0 times +00:43:38.046968 /PDM/CritSects/VGA#0_IRQ/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.046976 /PDM/CritSects/VGA#0_IRQ/ContentionRZLock 0 times +00:43:38.046984 /PDM/CritSects/VGA#0_IRQ/ContentionRZLockBusy 0 times +00:43:38.046992 /PDM/CritSects/VGA#0_IRQ/ContentionRZUnlock 0 times +00:43:38.047000 /PDM/CritSects/VGA#0_IRQ/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047008 /PDM/CritSects/VMMDev#0/ContentionR3 225 times +00:43:38.047016 /PDM/CritSects/VMMDev#0/ContentionR3Wait 166288 ticks/time ( 37414881 ticks, 225 times, max 746599, min 14280) +00:43:38.047025 /PDM/CritSects/VMMDev#0/ContentionRZLock 0 times +00:43:38.047033 /PDM/CritSects/VMMDev#0/ContentionRZLockBusy 0 times +00:43:38.047041 /PDM/CritSects/VMMDev#0/ContentionRZUnlock 0 times +00:43:38.047049 /PDM/CritSects/VMMDev#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047057 /PDM/CritSects/acpi#0/ContentionR3 0 times +00:43:38.047065 /PDM/CritSects/acpi#0/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047073 /PDM/CritSects/acpi#0/ContentionRZLock 0 times +00:43:38.047081 /PDM/CritSects/acpi#0/ContentionRZLockBusy 0 times +00:43:38.047089 /PDM/CritSects/acpi#0/ContentionRZUnlock 0 times +00:43:38.047097 /PDM/CritSects/acpi#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047106 /PDM/CritSects/efi#0Auto/ContentionR3 0 times +00:43:38.047114 /PDM/CritSects/efi#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047122 /PDM/CritSects/efi#0Auto/ContentionRZLock 0 times +00:43:38.047130 /PDM/CritSects/efi#0Auto/ContentionRZLockBusy 0 times +00:43:38.047138 /PDM/CritSects/efi#0Auto/ContentionRZUnlock 0 times +00:43:38.047146 /PDM/CritSects/efi#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047154 /PDM/CritSects/mc146818#0Auto/ContentionR3 0 times +00:43:38.047163 /PDM/CritSects/mc146818#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047172 /PDM/CritSects/mc146818#0Auto/ContentionRZLock 0 times +00:43:38.047180 /PDM/CritSects/mc146818#0Auto/ContentionRZLockBusy 0 times +00:43:38.047188 /PDM/CritSects/mc146818#0Auto/ContentionRZUnlock 0 times +00:43:38.047195 /PDM/CritSects/mc146818#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047204 /PDM/CritSects/pcarch#0Auto/ContentionR3 0 times +00:43:38.047212 /PDM/CritSects/pcarch#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047220 /PDM/CritSects/pcarch#0Auto/ContentionRZLock 0 times +00:43:38.047228 /PDM/CritSects/pcarch#0Auto/ContentionRZLockBusy 0 times +00:43:38.047236 /PDM/CritSects/pcarch#0Auto/ContentionRZUnlock 0 times +00:43:38.047244 /PDM/CritSects/pcarch#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047252 /PDM/CritSects/pckbd#0Auto/ContentionR3 0 times +00:43:38.047260 /PDM/CritSects/pckbd#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047268 /PDM/CritSects/pckbd#0Auto/ContentionRZLock 0 times +00:43:38.047276 /PDM/CritSects/pckbd#0Auto/ContentionRZLockBusy 0 times +00:43:38.047284 /PDM/CritSects/pckbd#0Auto/ContentionRZUnlock 0 times +00:43:38.047292 /PDM/CritSects/pckbd#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047300 /PDM/CritSects/pit#0/ContentionR3 0 times +00:43:38.047308 /PDM/CritSects/pit#0/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047317 /PDM/CritSects/pit#0/ContentionRZLock 0 times +00:43:38.047324 /PDM/CritSects/pit#0/ContentionRZLockBusy 0 times +00:43:38.047332 /PDM/CritSects/pit#0/ContentionRZUnlock 0 times +00:43:38.047340 /PDM/CritSects/pit#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047348 /PDM/CritSects/usb-xhci#0Auto/ContentionR3 0 times +00:43:38.047357 /PDM/CritSects/usb-xhci#0Auto/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047365 /PDM/CritSects/usb-xhci#0Auto/ContentionRZLock 0 times +00:43:38.047373 /PDM/CritSects/usb-xhci#0Auto/ContentionRZLockBusy 0 times +00:43:38.047381 /PDM/CritSects/usb-xhci#0Auto/ContentionRZUnlock 0 times +00:43:38.047389 /PDM/CritSects/usb-xhci#0Auto/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047397 /PDM/CritSects/xHCIIntr#0/ContentionR3 0 times +00:43:38.047405 /PDM/CritSects/xHCIIntr#0/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047414 /PDM/CritSects/xHCIIntr#0/ContentionRZLock 0 times +00:43:38.047422 /PDM/CritSects/xHCIIntr#0/ContentionRZLockBusy 0 times +00:43:38.047430 /PDM/CritSects/xHCIIntr#0/ContentionRZUnlock 0 times +00:43:38.047437 /PDM/CritSects/xHCIIntr#0/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047446 /PDM/CritSects/xHCIIntr#1/ContentionR3 0 times +00:43:38.047454 /PDM/CritSects/xHCIIntr#1/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047462 /PDM/CritSects/xHCIIntr#1/ContentionRZLock 0 times +00:43:38.047470 /PDM/CritSects/xHCIIntr#1/ContentionRZLockBusy 0 times +00:43:38.047478 /PDM/CritSects/xHCIIntr#1/ContentionRZUnlock 0 times +00:43:38.047486 /PDM/CritSects/xHCIIntr#1/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047495 /PDM/CritSects/xHCIIntr#2/ContentionR3 0 times +00:43:38.047503 /PDM/CritSects/xHCIIntr#2/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047511 /PDM/CritSects/xHCIIntr#2/ContentionRZLock 0 times +00:43:38.047519 /PDM/CritSects/xHCIIntr#2/ContentionRZLockBusy 0 times +00:43:38.047527 /PDM/CritSects/xHCIIntr#2/ContentionRZUnlock 0 times +00:43:38.047535 /PDM/CritSects/xHCIIntr#2/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047543 /PDM/CritSects/xHCIIntr#3/ContentionR3 0 times +00:43:38.047551 /PDM/CritSects/xHCIIntr#3/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047560 /PDM/CritSects/xHCIIntr#3/ContentionRZLock 0 times +00:43:38.047567 /PDM/CritSects/xHCIIntr#3/ContentionRZLockBusy 0 times +00:43:38.047575 /PDM/CritSects/xHCIIntr#3/ContentionRZUnlock 0 times +00:43:38.047583 /PDM/CritSects/xHCIIntr#3/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047591 /PDM/CritSects/xHCIIntr#4/ContentionR3 0 times +00:43:38.047599 /PDM/CritSects/xHCIIntr#4/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047608 /PDM/CritSects/xHCIIntr#4/ContentionRZLock 0 times +00:43:38.047615 /PDM/CritSects/xHCIIntr#4/ContentionRZLockBusy 0 times +00:43:38.047623 /PDM/CritSects/xHCIIntr#4/ContentionRZUnlock 0 times +00:43:38.047631 /PDM/CritSects/xHCIIntr#4/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047640 /PDM/CritSects/xHCIIntr#5/ContentionR3 0 times +00:43:38.047647 /PDM/CritSects/xHCIIntr#5/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047656 /PDM/CritSects/xHCIIntr#5/ContentionRZLock 0 times +00:43:38.047663 /PDM/CritSects/xHCIIntr#5/ContentionRZLockBusy 0 times +00:43:38.047671 /PDM/CritSects/xHCIIntr#5/ContentionRZUnlock 0 times +00:43:38.047679 /PDM/CritSects/xHCIIntr#5/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047688 /PDM/CritSects/xHCIIntr#6/ContentionR3 0 times +00:43:38.047696 /PDM/CritSects/xHCIIntr#6/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047705 /PDM/CritSects/xHCIIntr#6/ContentionRZLock 0 times +00:43:38.047713 /PDM/CritSects/xHCIIntr#6/ContentionRZLockBusy 0 times +00:43:38.047738 /PDM/CritSects/xHCIIntr#6/ContentionRZUnlock 0 times +00:43:38.047757 /PDM/CritSects/xHCIIntr#6/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047769 /PDM/CritSects/xHCIIntr#7/ContentionR3 0 times +00:43:38.047777 /PDM/CritSects/xHCIIntr#7/ContentionR3Wait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047786 /PDM/CritSects/xHCIIntr#7/ContentionRZLock 0 times +00:43:38.047795 /PDM/CritSects/xHCIIntr#7/ContentionRZLockBusy 0 times +00:43:38.047803 /PDM/CritSects/xHCIIntr#7/ContentionRZUnlock 0 times +00:43:38.047811 /PDM/CritSects/xHCIIntr#7/ContentionRZWait 0 ticks/time ( 0 ticks, 0 times, max 0, min -1) +00:43:38.047820 /PDM/CritSectsRw/00-EnterSharedWhileAborting 0 times +00:43:38.047828 /PDM/CritSectsRw/00-Excl-Non-interruptible-Waits-VINF_SUCCESS 0 times +00:43:38.047836 /PDM/CritSectsRw/00-Excl-VERR_INTERRUPTED 0 times +00:43:38.047845 /PDM/CritSectsRw/00-Excl-VERR_TIMEOUT 0 times +00:43:38.047853 /PDM/CritSectsRw/00-Shared-Non-interruptible-Waits-VINF_SUCCESS 0 times +00:43:38.047861 /PDM/CritSectsRw/00-Shared-VERR_INTERRUPTED 0 times +00:43:38.047869 /PDM/CritSectsRw/00-Shared-VERR_TIMEOUT 0 times +00:43:38.047879 /PDM/CritSectsRw/IOM Lock/ContentionR3EnterExcl 0 times +00:43:38.047888 /PDM/CritSectsRw/IOM Lock/ContentionR3EnterShared 0 times +00:43:38.047896 /PDM/CritSectsRw/IOM Lock/ContentionR3LeaveExcl 0 times +00:43:38.047904 /PDM/CritSectsRw/IOM Lock/ContentionRZEnterExcl 0 times +00:43:38.047912 /PDM/CritSectsRw/IOM Lock/ContentionRZEnterShared 0 times +00:43:38.047920 /PDM/CritSectsRw/IOM Lock/ContentionRZLeaveExcl 0 times +00:43:38.047928 /PDM/CritSectsRw/IOM Lock/ContentionRZLeaveShared 0 times +00:43:38.047936 /PDM/CritSectsRw/IOM Lock/R3EnterExcl 511 times +00:43:38.047944 /PDM/CritSectsRw/IOM Lock/R3EnterShared 21253530 times +00:43:38.047952 /PDM/CritSectsRw/IOM Lock/RZEnterExcl 0 times +00:43:38.047961 /PDM/CritSectsRw/IOM Lock/RZEnterShared 0 times +00:43:38.047968 /PDM/CritSectsRw/TM real queue alloc lock/ContentionR3EnterExcl 0 times +00:43:38.047976 /PDM/CritSectsRw/TM real queue alloc lock/ContentionR3EnterShared 0 times +00:43:38.047985 /PDM/CritSectsRw/TM real queue alloc lock/ContentionR3LeaveExcl 0 times +00:43:38.047993 /PDM/CritSectsRw/TM real queue alloc lock/ContentionRZEnterExcl 0 times +00:43:38.048001 /PDM/CritSectsRw/TM real queue alloc lock/ContentionRZEnterShared 0 times +00:43:38.048008 /PDM/CritSectsRw/TM real queue alloc lock/ContentionRZLeaveExcl 0 times +00:43:38.048016 /PDM/CritSectsRw/TM real queue alloc lock/ContentionRZLeaveShared 0 times +00:43:38.048024 /PDM/CritSectsRw/TM real queue alloc lock/R3EnterExcl 8 times +00:43:38.048032 /PDM/CritSectsRw/TM real queue alloc lock/R3EnterShared 5 times +00:43:38.048040 /PDM/CritSectsRw/TM real queue alloc lock/RZEnterExcl 0 times +00:43:38.048049 /PDM/CritSectsRw/TM real queue alloc lock/RZEnterShared 0 times +00:43:38.048057 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionR3EnterExcl 0 times +00:43:38.048065 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionR3EnterShared 0 times +00:43:38.048073 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionR3LeaveExcl 0 times +00:43:38.048082 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionRZEnterExcl 0 times +00:43:38.048090 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionRZEnterShared 0 times +00:43:38.048098 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionRZLeaveExcl 0 times +00:43:38.048106 /PDM/CritSectsRw/TM tsc queue alloc lock/ContentionRZLeaveShared 0 times +00:43:38.048114 /PDM/CritSectsRw/TM tsc queue alloc lock/R3EnterExcl 0 times +00:43:38.048122 /PDM/CritSectsRw/TM tsc queue alloc lock/R3EnterShared 5 times +00:43:38.048130 /PDM/CritSectsRw/TM tsc queue alloc lock/RZEnterExcl 0 times +00:43:38.048138 /PDM/CritSectsRw/TM tsc queue alloc lock/RZEnterShared 0 times +00:43:38.048146 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionR3EnterExcl 0 times +00:43:38.048154 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionR3EnterShared 0 times +00:43:38.048162 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionR3LeaveExcl 0 times +00:43:38.048170 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionRZEnterExcl 0 times +00:43:38.048178 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionRZEnterShared 0 times +00:43:38.048186 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionRZLeaveExcl 0 times +00:43:38.048194 /PDM/CritSectsRw/TM virtual queue alloc lock/ContentionRZLeaveShared 0 times +00:43:38.048202 /PDM/CritSectsRw/TM virtual queue alloc lock/R3EnterExcl 12 times +00:43:38.048210 /PDM/CritSectsRw/TM virtual queue alloc lock/R3EnterShared 5 times +00:43:38.048218 /PDM/CritSectsRw/TM virtual queue alloc lock/RZEnterExcl 0 times +00:43:38.048226 /PDM/CritSectsRw/TM virtual queue alloc lock/RZEnterShared 0 times +00:43:38.048234 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionR3EnterExcl 0 times +00:43:38.048243 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionR3EnterShared 0 times +00:43:38.048316 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionR3LeaveExcl 0 times +00:43:38.048327 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionRZEnterExcl 0 times +00:43:38.048335 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionRZEnterShared 0 times +00:43:38.048344 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionRZLeaveExcl 0 times +00:43:38.048352 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/ContentionRZLeaveShared 0 times +00:43:38.048360 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/R3EnterExcl 14 times +00:43:38.048368 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/R3EnterShared 5 times +00:43:38.048376 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/RZEnterExcl 0 times +00:43:38.048384 /PDM/CritSectsRw/TM virtual_sync queue alloc lock/RZEnterShared 0 times +00:43:38.048392 /PDM/Queue/DevHlp/AllocFailures 0 times +00:43:38.048400 /PDM/Queue/DevHlp/Flush 0 calls +00:43:38.048409 /PDM/Queue/DevHlp/FlushLeftovers 0 times +00:43:38.048417 /PDM/Queue/DevHlp/Insert 0 calls +00:43:38.048425 /PDM/Queue/DevHlp/cItems 8 count +00:43:38.048433 /PDM/Queue/DevHlp/cbItem 56 bytes +00:43:38.048441 /PDM/Queue/DevHlp/rcOkay 0 +00:43:38.048450 /PDM/Queue/Keyboard/AllocFailures 0 times +00:43:38.048458 /PDM/Queue/Keyboard/Flush 0 calls +00:43:38.048466 /PDM/Queue/Keyboard/FlushLeftovers 0 times +00:43:38.048474 /PDM/Queue/Keyboard/Insert 225 calls +00:43:38.048482 /PDM/Queue/Keyboard/cItems 64 count +00:43:38.048490 /PDM/Queue/Keyboard/cbItem 16 bytes +00:43:38.048498 /PDM/Queue/Keyboard/rcOkay 0 +00:43:38.048506 /PDM/Queue/Mouse/AllocFailures 0 times +00:43:38.048515 /PDM/Queue/Mouse/Flush 0 calls +00:43:38.048523 /PDM/Queue/Mouse/FlushLeftovers 0 times +00:43:38.048531 /PDM/Queue/Mouse/Insert 431 calls +00:43:38.048539 /PDM/Queue/Mouse/cItems 128 count +00:43:38.048547 /PDM/Queue/Mouse/cbItem 32 bytes +00:43:38.048555 /PDM/Queue/Mouse/rcOkay 0 +00:43:38.048564 /PDM/Queue/Mouse_1/AllocFailures 0 times +00:43:38.048572 /PDM/Queue/Mouse_1/Flush 0 calls +00:43:38.048580 /PDM/Queue/Mouse_1/FlushLeftovers 0 times +00:43:38.048588 /PDM/Queue/Mouse_1/Insert 24381 calls +00:43:38.048596 /PDM/Queue/Mouse_1/cItems 128 count +00:43:38.048604 /PDM/Queue/Mouse_1/cbItem 32 bytes +00:43:38.048613 /PDM/Queue/Mouse_1/rcOkay 0 +00:43:38.048621 /PDM/Queue/SCSI-Eject/AllocFailures 0 times +00:43:38.048629 /PDM/Queue/SCSI-Eject/Flush 0 calls +00:43:38.048637 /PDM/Queue/SCSI-Eject/FlushLeftovers 0 times +00:43:38.048645 /PDM/Queue/SCSI-Eject/Insert 0 calls +00:43:38.048654 /PDM/Queue/SCSI-Eject/cItems 1 count +00:43:38.048662 /PDM/Queue/SCSI-Eject/cbItem 24 bytes +00:43:38.048670 /PDM/Queue/SCSI-Eject/rcOkay 0 +00:43:38.048678 /PDM/Queue/SCSI-Eject_1/AllocFailures 0 times +00:43:38.048686 /PDM/Queue/SCSI-Eject_1/Flush 0 calls +00:43:38.048694 /PDM/Queue/SCSI-Eject_1/FlushLeftovers 0 times +00:43:38.048702 /PDM/Queue/SCSI-Eject_1/Insert 0 calls +00:43:38.048710 /PDM/Queue/SCSI-Eject_1/cItems 1 count +00:43:38.048718 /PDM/Queue/SCSI-Eject_1/cbItem 24 bytes +00:43:38.048726 /PDM/Queue/SCSI-Eject_1/rcOkay 0 +00:43:38.048734 /PDM/Tasks/000-E1000-Xmit-retriggered 0 times +00:43:38.048742 /PDM/Tasks/000-E1000-Xmit-runs 4 times +00:43:38.048750 /PDM/Tasks/001-HDA CORB DMA-retriggered 0 times +00:43:38.048758 /PDM/Tasks/001-HDA CORB DMA-runs 0 times +00:43:38.048766 /PGM/CPU0/R3/Page/MapTlbMisses 0 times +00:43:38.048774 /PGM/CPU0/R3/RamRange/TlbLocking 0 times +00:43:38.048784 /PGM/CPU0/R3/RamRange/TlbMisses 81 times +00:43:38.048792 /PGM/CPU0/RZ/Page/MapTlbMisses 0 times +00:43:38.048800 /PGM/CPU0/RZ/RamRange/TlbLocking 0 times +00:43:38.048808 /PGM/CPU0/RZ/RamRange/TlbMisses 0 times +00:43:38.048816 /PGM/CPU0/cA20Changes 0 times +00:43:38.048825 /PGM/CPU0/cGuestModeChanges 3 times +00:43:38.048833 /PGM/ChunkR3Map/Mapped 0 count +00:43:38.048841 /PGM/ChunkR3Map/Unmapped 0 count +00:43:38.048849 /PGM/ChunkR3Map/c 0 count +00:43:38.048858 /PGM/ChunkR3Map/cMax 4294967295 count +00:43:38.048866 /PGM/LargePage/Alloc 0 ns/call ( 0 ns, 0 calls, max 0, min -1) +00:43:38.048875 /PGM/LargePage/AllocFailed 0 times +00:43:38.048883 /PGM/LargePage/Overflow 0 times +00:43:38.048891 /PGM/LargePage/Recheck 0 times +00:43:38.048899 /PGM/LargePage/Refused 0 times +00:43:38.048907 /PGM/LargePage/Reused 0 times +00:43:38.048916 /PGM/LargePage/TlbFlush 0 times +00:43:38.048924 /PGM/LargePage/ZeroEvict 0 times +00:43:38.048933 /PGM/Mmio2QueryAndResetDirtyBitmap 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.048941 /PGM/Page/cAllPages 560517 count +00:43:38.048949 /PGM/Page/cBalloonedPages 0 count +00:43:38.048958 /PGM/Page/cHandyPages 0 count +00:43:38.048966 /PGM/Page/cLargePages 0 count +00:43:38.048974 /PGM/Page/cLargePagesDisabled 0 count +00:43:38.048982 /PGM/Page/cMonitoredPages 0 count +00:43:38.048990 /PGM/Page/cPrivatePages 560297 count +00:43:38.048998 /PGM/Page/cPureMmioPages 220 count +00:43:38.049006 /PGM/Page/cReadLockedPages 0 count +00:43:38.049014 /PGM/Page/cReusedSharedPages 0 count +00:43:38.049022 /PGM/Page/cSharedPages 0 count +00:43:38.049030 /PGM/Page/cWriteLockedPages 0 count +00:43:38.049038 /PGM/Page/cWrittenToPages 0 count +00:43:38.049047 /PGM/Page/cZeroPages 0 count +00:43:38.049055 /PGM/PhysHandlerTree/ErrorsAllocatorR3 0 times +00:43:38.049063 /PGM/PhysHandlerTree/ErrorsTree 0 times +00:43:38.049071 /PGM/PhysHandlerTree/Inserts 97 times +00:43:38.049079 /PGM/PhysHandlerTree/MaxHandlers 6144 times +00:43:38.049087 /PGM/PhysHandlerTree/RebalancingOperations 40 times +00:43:38.049095 /PGM/PhysHandlerTree/Removals 79 times +00:43:38.049103 /PGM/Pool/Grow 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.049112 /PGM/ShMod/Check 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.049121 /PROF/CPU0/EM/Capped 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.049129 /PROF/CPU0/EM/ForcedActions 4566598 times +00:43:38.049137 /PROF/CPU0/EM/HMExec 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.049146 /PROF/CPU0/EM/HMExecuteCalled 0 times +00:43:38.049154 /PROF/CPU0/EM/Halted 2684991 times +00:43:38.049162 /PROF/CPU0/EM/NEMExec 1210976 ticks/call (5498282821174 ticks, 4540370 calls, max 270304886, min 25582) +00:43:38.049171 /PROF/CPU0/EM/NEMExecuteCalled 3341036 times +00:43:38.049179 /PROF/CPU0/EM/REMTotal 0 times +00:43:38.049188 /PROF/CPU0/EM/RecordedExits 42763111 times +00:43:38.049196 /PROF/CPU0/EM/Total 1567597834231 ticks/call (7837989171156 ticks, 5 calls, max 3209485227131, min 12070367169) +00:43:38.049205 /PROF/CPU0/VM/Halt/Block 778 ns/call (363061579019 ns, 466511594 calls, max 24930396, min 1) +00:43:38.049214 /PROF/CPU0/VM/Halt/BlockInsomnia 737 ns/call (343416969565 ns, 465509302 calls, max 9781441, min 1) +00:43:38.049223 /PROF/CPU0/VM/Halt/BlockOnTime 4648 ns/call ( 4538876052 ns, 976388 calls, max 9888350, min 1) +00:43:38.049232 /PROF/CPU0/VM/Halt/BlockOverslept 314168 ns/call ( 8138231555 ns, 25904 calls, max 15111387, min 50004) +00:43:38.049241 /PROF/CPU0/VM/Halt/R0HaltBlock 0 ns/call ( 0 ns, 0 calls, max 0, min -1) +00:43:38.049249 /PROF/CPU0/VM/Halt/R0HaltBlockInsomnia 0 ns/call ( 0 ns, 0 calls, max 0, min -1) +00:43:38.049258 /PROF/CPU0/VM/Halt/R0HaltBlockOnTime 0 ns/call ( 0 ns, 0 calls, max 0, min -1) +00:43:38.049266 /PROF/CPU0/VM/Halt/R0HaltBlockOverslept 0 ns/call ( 0 ns, 0 calls, max 0, min -1) +00:43:38.049275 /PROF/CPU0/VM/Halt/R0HaltExec 0 times +00:43:38.049283 /PROF/CPU0/VM/Halt/R0HaltExec/FromBlock 0 times +00:43:38.049291 /PROF/CPU0/VM/Halt/R0HaltExec/FromSpin 0 times +00:43:38.049299 /PROF/CPU0/VM/Halt/R0HaltHistoryCounter 0 times +00:43:38.049307 /PROF/CPU0/VM/Halt/R0HaltHistorySucceeded 0 times +00:43:38.049315 /PROF/CPU0/VM/Halt/R0HaltHistoryToRing3 0 times +00:43:38.049323 /PROF/CPU0/VM/Halt/R0HaltToR3 0 times +00:43:38.049331 /PROF/CPU0/VM/Halt/R0HaltToR3/FromSpin 0 times +00:43:38.049339 /PROF/CPU0/VM/Halt/R0HaltToR3/Other 0 times +00:43:38.049347 /PROF/CPU0/VM/Halt/R0HaltToR3/PendingFF 0 times +00:43:38.049355 /PROF/CPU0/VM/Halt/R0HaltToR3/PostWaitNoInt 0 times +00:43:38.049363 /PROF/CPU0/VM/Halt/R0HaltToR3/PostWaitPendingFF 0 times +00:43:38.049371 /PROF/CPU0/VM/Halt/R0HaltToR3/SmallDelta 0 times +00:43:38.049379 /PROF/CPU0/VM/Halt/Timers 393 ns/call (246194331954 ns, 625951547 calls, max 30307503, min 2) +00:43:38.049388 /PROF/CPU0/VM/Halt/Yield 3460 ns/call ( 75278383 ns, 21751 calls, max 209377, min 1) +00:43:38.049397 /Public/NetAdapter/0/BytesReceived 94269581 bytes +00:43:38.049405 /Public/NetAdapter/0/BytesTransmitted 1480494 bytes +00:43:38.049413 /Public/NetAdapter/0/e1000 0 +00:43:38.049421 /Public/Storage/AHCI0/Port0/BytesRead 8329593856 bytes +00:43:38.049429 /Public/Storage/AHCI0/Port0/BytesWritten 15258880512 bytes +00:43:38.049437 /Public/Storage/AHCI0/Port0/QueryBufAttempts 0 count +00:43:38.049445 /Public/Storage/AHCI0/Port0/QueryBufSuccess 0 count +00:43:38.049453 /Public/Storage/AHCI0/Port0/ReqsFlush 8180 count +00:43:38.049461 /Public/Storage/AHCI0/Port0/ReqsRead 275881 count +00:43:38.049469 /Public/Storage/AHCI0/Port0/ReqsSubmitted 586342 count +00:43:38.049477 /Public/Storage/AHCI0/Port0/ReqsSucceeded 586342 count +00:43:38.049485 /Public/Storage/AHCI0/Port0/ReqsWrite 302281 count +00:43:38.049493 /Public/Storage/AHCI0/Port1/QueryBufAttempts 0 count +00:43:38.049501 /Public/Storage/AHCI0/Port1/QueryBufSuccess 0 count +00:43:38.049510 /Public/Storage/AHCI0/Port2/QueryBufAttempts 0 count +00:43:38.049518 /Public/Storage/AHCI0/Port2/QueryBufSuccess 0 count +00:43:38.049527 /SELM/LoadHidSel/GstReadErrors 0 times +00:43:38.049535 /SELM/LoadHidSel/NoGoodGuest 0 times +00:43:38.049544 /TM/CPU/00/cNsExecuting 1070839930968 ns +00:43:38.049552 /TM/CPU/00/cNsHalted 706592317268 ns +00:43:38.049560 /TM/CPU/00/cNsOther 839418731465 ns +00:43:38.049569 /TM/CPU/00/cNsTotal 2616850979701 ns +00:43:38.049577 /TM/CPU/00/cPeriodsExecuting 37293025 count +00:43:38.049585 /TM/CPU/00/cPeriodsHalted 2663211 count +00:43:38.049593 /TM/CPU/00/pctExecuting 37 % +00:43:38.049601 /TM/CPU/00/pctHalted 35 % +00:43:38.049610 /TM/CPU/00/pctOther 27 % +00:43:38.049618 /TM/CPU/pctExecuting 37 % +00:43:38.049626 /TM/CPU/pctHalted 35 % +00:43:38.049634 /TM/CPU/pctOther 27 % +00:43:38.049643 /TM/MaxHzHint 0 Hz +00:43:38.049652 /TM/MaxHzHint/real 0 Hz +00:43:38.049660 /TM/MaxHzHint/tsc 0 Hz +00:43:38.049668 /TM/MaxHzHint/virtual 0 Hz +00:43:38.049676 /TM/MaxHzHint/virtual_sync 0 Hz +00:43:38.049685 /TM/PIT/Handler 0 ticks/call ( 0 ticks, 0 calls, max 0, min -1) +00:43:38.049693 /TM/PIT/Irq 0 times +00:43:38.049702 /TM/R3/1nsSteps 39577260 times +00:43:38.049710 /TM/TSC/offCPU0 0 ticks +00:43:38.049719 /TM/VirtualSync/CurrentOffset 14467052 ns +00:43:38.049727 /TRPM/ForwardRaw/IRQ/20 4446 times +00:43:38.049737 /TRPM/ForwardRaw/IRQ/2F 151 times +00:43:38.049746 /TRPM/ForwardRaw/IRQ/50 154 times +00:43:38.049755 /TRPM/ForwardRaw/IRQ/60 493 times +00:43:38.049763 /TRPM/ForwardRaw/IRQ/70 16064 times +00:43:38.049772 /TRPM/ForwardRaw/IRQ/80 132566 times +00:43:38.049781 /TRPM/ForwardRaw/IRQ/90 39 times +00:43:38.049790 /TRPM/ForwardRaw/IRQ/A0 88 times +00:43:38.049801 /TRPM/ForwardRaw/IRQ/D1 3182647 times +00:43:38.049809 /TRPM/ForwardRaw/IRQ/D2 5 times +00:43:38.049819 /TRPM/ForwardRaw/TRAP/1F 85 times +00:43:38.049827 /VMM/EmtHashCollisions/Emt00 0 times +00:43:38.049835 /VMM/LogFlush/00-Flushes 0 times +00:43:38.049843 /VMM/LogFlush/00-NoWakups 0 times +00:43:38.049852 /VMM/LogFlush/CPU0/Rel/cbBuf 4096 bytes +00:43:38.049861 /VUSB/0/cUrbsInPool 0 count +00:43:38.049869 /VUSB/1/cUrbsInPool 0 count +00:43:38.049878 ********************* End of statistics ********************** +00:43:38.050035 VUSB: Detached 'HidMouse' from port 1 on RootHub#1 +00:43:38.242678 E1000#0: Interrupt attempts: 84781 +00:43:38.242706 E1000#0: Interrupts raised : 6295 +00:43:38.242716 E1000#0: Interrupts lowered: 595 +00:43:38.242724 E1000#0: ICR outside ISR : 3221 +00:43:38.242732 E1000#0: IMS raised ints : 1307 +00:43:38.242740 E1000#0: Interrupts skipped: 52339 +00:43:38.242748 E1000#0: Masked interrupts : 26147 +00:43:38.242756 E1000#0: Early interrupts : 0 +00:43:38.242763 E1000#0: Late interrupts : 1250 +00:43:38.242771 E1000#0: Lost interrupts : 0 +00:43:38.242779 E1000#0: Interrupts by RX : 66910 +00:43:38.242787 E1000#0: Interrupts by TX : 7663 +00:43:38.242794 E1000#0: Interrupts by ICS : 1287 +00:43:38.242802 E1000#0: Interrupts by RDTR: 0 +00:43:38.242810 E1000#0: Interrupts by RDMT: 0 +00:43:38.242817 E1000#0: Interrupts by TXQE: 0 +00:43:38.242825 E1000#0: TX int delay asked: 0 +00:43:38.242833 E1000#0: TX delayed: 0 +00:43:38.242840 E1000#0: TX delay expired: 0 +00:43:38.242848 E1000#0: TX no report asked: 640 +00:43:38.242856 E1000#0: TX abs timer expd : 0 +00:43:38.242864 E1000#0: TX int timer expd : 0 +00:43:38.242871 E1000#0: RX abs timer expd : 0 +00:43:38.242879 E1000#0: RX int timer expd : 0 +00:43:38.242887 E1000#0: TX CTX descriptors: 332 +00:43:38.242894 E1000#0: TX DAT descriptors: 8720 +00:43:38.242902 E1000#0: TX LEG descriptors: 342 +00:43:38.242910 E1000#0: Received frames : 66910 +00:43:38.242917 E1000#0: Transmitted frames: 7663 +00:43:38.242925 E1000#0: TX frames up to 1514: 7561 +00:43:38.242933 E1000#0: TX frames up to 2962: 34 +00:43:38.242941 E1000#0: TX frames up to 4410: 12 +00:43:38.242948 E1000#0: TX frames up to 5858: 20 +00:43:38.242956 E1000#0: TX frames up to 7306: 9 +00:43:38.242964 E1000#0: TX frames up to 8754: 6 +00:43:38.242971 E1000#0: TX frames up to 16384: 11 +00:43:38.242979 E1000#0: TX frames up to 32768: 9 +00:43:38.242986 E1000#0: Larger TX frames : 1 +00:43:38.242994 E1000#0: Max TX Delay : 0 +00:43:38.245773 GIM: HyperV: Resetting MMIO2 regions and MSRs +00:43:38.245829 NEM: Destroying partition 0000022071c237e0 with its 1 VCpus... +00:43:38.293936 vmmR3LogFlusher: Terminating (VERR_OBJECT_DESTROYED) +00:43:38.294006 Changing the VM state from 'DESTROYING' to 'TERMINATED' +00:43:38.294041 Console: Machine state changed to 'PoweredOff' +00:43:38.294123 VBoxHeadless: processEventQueue: VERR_INTERRUPTED, termination requested +00:43:38.330066 ERROR [COM]: aRC=VBOX_E_INVALID_VM_STATE (0x80bb0002) aIID={c0447716-ff5a-4795-b57a-ecd5fffa18a4} aComponent={SessionWrap} aText={Machine is not locked by session (session state: Unlocking).}, preserve=false aResultDetail=0 +00:43:38.334933 ERROR [COM]: aRC=E_ACCESSDENIED (0x80070005) aIID={6ac83d89-6ee7-4e33-8ae6-b257b2e81be8} aComponent={ConsoleWrap} aText={The object is not ready}, preserve=false aResultDetail=0 +00:43:38.336921 ERROR [COM]: aRC=E_ACCESSDENIED (0x80070005) aIID={6ac83d89-6ee7-4e33-8ae6-b257b2e81be8} aComponent={ConsoleWrap} aText={The object is not ready}, preserve=false aResultDetail=0 +00:43:38.796312 VBoxHeadless: exiting diff --git a/bimmertools/Logs/VBoxHardening.log b/bimmertools/Logs/VBoxHardening.log new file mode 100644 index 0000000..fb2f2c0 --- /dev/null +++ b/bimmertools/Logs/VBoxHardening.log @@ -0,0 +1,4566 @@ +7758.3dfc: \SystemRoot\System32\ntdll.dll: +7758.3dfc: CreationTime: 2024-10-12T16:13:13.337096100Z +7758.3dfc: LastWriteTime: 2024-10-12T16:13:13.368170000Z +7758.3dfc: ChangeTime: 2024-10-15T19:50:08.320152600Z +7758.3dfc: FileAttributes: 0x20 +7758.3dfc: Size: 0x216090 +7758.3dfc: NT Headers: 0xe8 +7758.3dfc: Timestamp: 0xf9f266e7 +7758.3dfc: Machine: 0x8664 - amd64 +7758.3dfc: Timestamp: 0xf9f266e7 +7758.3dfc: Image Version: 10.0 +7758.3dfc: SizeOfImage: 0x217000 (2191360) +7758.3dfc: Resource Dir: 0x1a0000 LB 0x759a8 +7758.3dfc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] +7758.3dfc: [Raw version resource data: 0x1a00f0 LB 0x380, codepage 0x0 (reserved 0x0)] +7758.3dfc: ProductName: Microsoft® Windows® Operating System +7758.3dfc: ProductVersion: 10.0.22621.4317 +7758.3dfc: FileVersion: 10.0.22621.4317 (WinBuild.160101.0800) +7758.3dfc: FileDescription: NT Layer DLL +7758.3dfc: \SystemRoot\System32\kernel32.dll: +7758.3dfc: CreationTime: 2024-08-18T11:45:46.245614200Z +7758.3dfc: LastWriteTime: 2024-08-18T11:45:46.259376700Z +7758.3dfc: ChangeTime: 2024-10-12T16:14:17.580433400Z +7758.3dfc: FileAttributes: 0x20 +7758.3dfc: Size: 0xc7168 +7758.3dfc: NT Headers: 0xe8 +7758.3dfc: Timestamp: 0xa9f358b9 +7758.3dfc: Machine: 0x8664 - amd64 +7758.3dfc: Timestamp: 0xa9f358b9 +7758.3dfc: Image Version: 10.0 +7758.3dfc: SizeOfImage: 0xc4000 (802816) +7758.3dfc: Resource Dir: 0xc2000 LB 0x520 +7758.3dfc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +7758.3dfc: [Raw version resource data: 0xc20b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] +7758.3dfc: ProductName: Microsoft® Windows® Operating System +7758.3dfc: ProductVersion: 10.0.22621.3958 +7758.3dfc: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +7758.3dfc: FileDescription: Windows NT BASE API Client DLL +7758.3dfc: \SystemRoot\System32\KernelBase.dll: +7758.3dfc: CreationTime: 2024-10-12T16:13:13.874348200Z +7758.3dfc: LastWriteTime: 2024-10-12T16:13:13.976987600Z +7758.3dfc: ChangeTime: 2024-10-15T19:50:07.879884900Z +7758.3dfc: FileAttributes: 0x20 +7758.3dfc: Size: 0x3bdba0 +7758.3dfc: NT Headers: 0xf8 +7758.3dfc: Timestamp: 0xcf64c6a +7758.3dfc: Machine: 0x8664 - amd64 +7758.3dfc: Timestamp: 0xcf64c6a +7758.3dfc: Image Version: 10.0 +7758.3dfc: SizeOfImage: 0x3b7000 (3895296) +7758.3dfc: Resource Dir: 0x386000 LB 0x548 +7758.3dfc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +7758.3dfc: [Raw version resource data: 0x3860b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] +7758.3dfc: ProductName: Microsoft® Windows® Operating System +7758.3dfc: ProductVersion: 10.0.22621.4249 +7758.3dfc: FileVersion: 10.0.22621.4249 (WinBuild.160101.0800) +7758.3dfc: FileDescription: Windows NT BASE API Client DLL +7758.3dfc: \SystemRoot\System32\apisetschema.dll: +7758.3dfc: CreationTime: 2024-08-18T11:45:33.363168100Z +7758.3dfc: LastWriteTime: 2024-08-18T11:45:33.366168300Z +7758.3dfc: ChangeTime: 2024-10-12T16:14:17.396998700Z +7758.3dfc: FileAttributes: 0x20 +7758.3dfc: Size: 0x245e0 +7758.3dfc: NT Headers: 0xc8 +7758.3dfc: Timestamp: 0x8f476251 +7758.3dfc: Machine: 0x8664 - amd64 +7758.3dfc: Timestamp: 0x8f476251 +7758.3dfc: Image Version: 10.0 +7758.3dfc: SizeOfImage: 0x23000 (143360) +7758.3dfc: Resource Dir: 0x22000 LB 0x408 +7758.3dfc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] +7758.3dfc: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)] +7758.3dfc: ProductName: Microsoft® Windows® Operating System +7758.3dfc: ProductVersion: 10.0.22621.3958 +7758.3dfc: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +7758.3dfc: FileDescription: ApiSet Schema DLL +7758.3dfc: supR3HardenedWinFindAdversaries: 0x0 +7758.3dfc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +7758.3dfc: Calling main() +7758.3dfc: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 +7758.3dfc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +7758.3dfc: SUPR3HardenedMain: Respawn #1 +7758.3dfc: System32: \Device\HarddiskVolume3\Windows\System32 +7758.3dfc: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS +7758.3dfc: KnownDllPath: C:\Windows\System32 +7758.3dfc: supR3HardenedWinInit: Performing a limited self purification... +7758.3dfc: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION +7758.3dfc: *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 +7758.3dfc: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000 +7758.3dfc: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000 +7758.3dfc: 000000007ffea000-000000c1aa86ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000000c1aa870000-000000c1aa928fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000000c1aa929000-000000c1aa92bfff 0x0104/0x0004 0x0020000 +7758.3dfc: 000000c1aa92c000-000000c1aa96ffff 0x0004/0x0004 0x0020000 +7758.3dfc: 000000c1aa970000-000000c1aa9fffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000000c1aaa00000-000000c1aaa7cfff 0x0000/0x0004 0x0020000 +7758.3dfc: 000000c1aaa7d000-000000c1aaa7ffff 0x0004/0x0004 0x0020000 +7758.3dfc: 000000c1aaa80000-000000c1aabfffff 0x0000/0x0004 0x0020000 +7758.3dfc: 000000c1aac00000-000002983e7bffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e7c0000-000002983e7cffff 0x0004/0x0004 0x0040000 +7758.3dfc: *000002983e7d0000-000002983e7d2fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e7d3000-000002983e7dffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e7e0000-000002983e7fefff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e7ff000-000002983e7fffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e800000-000002983e803fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e804000-000002983e80ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e810000-000002983e810fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e811000-000002983e81ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e820000-000002983e821fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983e822000-000002983e82ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e830000-000002983e832fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e833000-000002983e83ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e840000-000002983e841fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983e842000-000002983e902fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983e903000-000002983e90ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e910000-000002983e9ddfff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e9de000-000002983e9dffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e9e0000-000002983e9e2fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e9e3000-000002983e9effff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983e9f0000-000002983e9f2fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983e9f3000-000002983e9fffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ea00000-000002983ea00fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983ea01000-000002983ea0ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ea10000-000002983ea10fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983ea11000-000002983ea1ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ea20000-000002983ea21fff 0x0002/0x0004 0x0020000 +7758.3dfc: 000002983ea22000-000002983ea2ffff 0x0000/0x0004 0x0020000 +7758.3dfc: *000002983ea30000-000002983ea49fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ea4a000-000002983eb2ffff 0x0000/0x0004 0x0020000 +7758.3dfc: *000002983eb30000-000002983eb30fff 0x0002/0x0002 0x0040000 +7758.3dfc: 000002983eb31000-000002983eb3ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983eb40000-000002983eb41fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983eb42000-000002983ec02fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983ec03000-000002983ec0ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ec10000-000002983ec10fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ec11000-000002983ec1ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ec20000-000002983ec20fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ec21000-000002983ec2ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ec30000-000002983ec30fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ec31000-000002983ec3ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ec40000-000002983ec40fff 0x0002/0x0004 0x0020000 +7758.3dfc: 000002983ec41000-000002983ec41fff 0x0020/0x0004 0x0020000 !! +7758.3dfc: 000002983ec42000-000002983ec4ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ec50000-000002983ec50fff 0x0002/0x0004 0x0020000 +7758.3dfc: 000002983ec51000-000002983ec51fff 0x0020/0x0004 0x0020000 !! +7758.3dfc: 000002983ec52000-000002983ec5ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ec60000-000002983ed1ffff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ed20000-000002983ed2ffff 0x0000/0x0004 0x0020000 +7758.3dfc: *000002983ed30000-000002983ed30fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ed31000-000002983ed3ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ed40000-000002983ed41fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ed42000-000002983ee02fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983ee03000-000002983ee2ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983ee30000-000002983ee3efff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ee3f000-000002983ee3ffff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983ee40000-000002983eecffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983eed0000-000002983ef8ffff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983ef90000-000002983ef9ffff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983efa0000-000002983f05ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983f060000-000002983f066fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983f067000-000002983f45ffff 0x0000/0x0004 0x0020000 +7758.3dfc: *000002983f460000-000002983f461fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983f462000-000002983f522fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983f523000-000002983f52ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983f530000-000002983f531fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983f532000-000002983f5f2fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983f5f3000-000002983f63ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983f640000-000002983f67cfff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983f67d000-000002983fa3ffff 0x0000/0x0004 0x0020000 +7758.3dfc: *000002983fa40000-000002983fa4bfff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983fa4c000-000002983fc63fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983fc64000-000002983fc64fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983fc65000-000002983fc6ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983fc70000-000002983fc71fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983fc72000-000002983fd32fff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983fd33000-000002983fd3ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000002983fd40000-000002983fd69fff 0x0004/0x0004 0x0020000 +7758.3dfc: 000002983fd6a000-000002983fe3ffff 0x0000/0x0004 0x0020000 +7758.3dfc: 000002983fe40000-00007df4a3edffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007df4a3ee0000-00007df4a3eeffff 0x0002/0x0002 0x0020000 +7758.3dfc: *00007df4a3ef0000-00007df4a3ef0fff 0x0002/0x0002 0x0020000 +7758.3dfc: 00007df4a3ef1000-00007df4a3ef2fff 0x0020/0x0002 0x0020000 !! +7758.3dfc: 00007df4a3ef3000-00007df4a3efffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007df4a3f00000-00007df4a3f0ffff 0x0004/0x0004 0x0020000 +7758.3dfc: *00007df4a3f10000-00007df4a3f14fff 0x0002/0x0002 0x0040000 +7758.3dfc: 00007df4a3f15000-00007df4a400ffff 0x0000/0x0002 0x0040000 +7758.3dfc: *00007df4a4010000-00007df5a402ffff 0x0000/0x0004 0x0020000 +7758.3dfc: *00007df5a4030000-00007df5a602ffff 0x0000/0x0004 0x0020000 +7758.3dfc: 00007df5a6030000-00007df5a6030fff 0x0004/0x0004 0x0020000 +7758.3dfc: 00007df5a6031000-00007df5a603ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007df5a6040000-00007df5a6040fff 0x0020/0x0004 0x0020000 !! +7758.3dfc: 00007df5a6041000-00007df5a604ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007df5a6050000-00007df5a6050fff 0x0002/0x0002 0x0040000 +7758.3dfc: 00007df5a6051000-00007df5a605ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007df5a6060000-00007df5a78b4fff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007df5a78b5000-00007df5a7a1afff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007df5a7a1b000-00007df5a7e38fff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007df5a7e39000-00007df5a7e39fff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007df5a7e3a000-00007e0007010fff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007e0007011000-00007e0007011fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007e0007012000-00007fed7c9e0fff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007fed7c9e1000-00007fed7c9e1fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007fed7c9e2000-00007ff57f9e1fff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007ff57f9e2000-00007ff57f9e6fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007ff57f9e7000-00007ff590270fff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007ff590271000-00007ff59434dfff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007ff59434e000-00007ff594358fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007ff594359000-00007ff595baefff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007ff595baf000-00007ff595bb1fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007ff595bb2000-00007ff595cb3fff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007ff595cb4000-00007ff595cc3fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007ff595cc4000-00007ff595d1ffff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007ff595d20000-00007ff595d23fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007ff595d24000-00007ff595d5bfff 0x0001/0x0001 0x0040000 +7758.3dfc: 00007ff595d5c000-00007ff595d65fff 0x0002/0x0001 0x0040000 +7758.3dfc: 00007ff595d66000-00007ff5a605ffff 0x0000/0x0001 0x0040000 +7758.3dfc: 00007ff5a6060000-00007ff66608ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ff666090000-00007ff666090fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff666091000-00007ff6660fbfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff6660fc000-00007ff6660fcfff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff6660fd000-00007ff666150fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff666151000-00007ff666153fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff666154000-00007ff666156fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff666157000-00007ff666159fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff66615a000-00007ff66615afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff66615b000-00007ff66615cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff66615d000-00007ff66615dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff66615e000-00007ff666197fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +7758.3dfc: 00007ff666198000-00007ffb8bb7ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffb8bb80000-00007ffb8bb80fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bb80000 LB 0x1000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bb81000-00007ffb8bc21fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bb81000 LB 0xa1000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bc22000-00007ffb8bd12fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bc22000 LB 0xf1000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd13000-00007ffb8bd13fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd13000 LB 0x1000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd14000-00007ffb8bd1ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd14000 LB 0xc000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd20000-00007ffb8bd26fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd20000 LB 0x7000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd27000-00007ffb8bd27fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd27000 LB 0x1000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd28000-00007ffb8bd29fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd28000 LB 0x2000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd2a000-00007ffb8bd3cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\dlls_267426639802711145\atcuf64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd2a000 LB 0x13000 (base 00007ffb8bb80000) - 'atcuf64.dll' +7758.3dfc: 00007ffb8bd3d000-00007ffb8bd3ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffb8bd40000-00007ffb8bd40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\dlls_267023712359186263\bdhkm64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd40000 LB 0x1000 (base 00007ffb8bd40000) - 'bdhkm64.dll' +7758.3dfc: 00007ffb8bd41000-00007ffb8bd77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\dlls_267023712359186263\bdhkm64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd41000 LB 0x37000 (base 00007ffb8bd40000) - 'bdhkm64.dll' +7758.3dfc: 00007ffb8bd78000-00007ffb8be0dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\dlls_267023712359186263\bdhkm64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8bd78000 LB 0x96000 (base 00007ffb8bd40000) - 'bdhkm64.dll' +7758.3dfc: 00007ffb8be0e000-00007ffb8be0ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\dlls_267023712359186263\bdhkm64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8be0e000 LB 0x2000 (base 00007ffb8bd40000) - 'bdhkm64.dll' +7758.3dfc: 00007ffb8be10000-00007ffb8be1afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\dlls_267023712359186263\bdhkm64.dll +7758.3dfc: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffb8be10000 LB 0xb000 (base 00007ffb8bd40000) - 'bdhkm64.dll' +7758.3dfc: 00007ffb8be1b000-00007ffbed3bffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffbed3c0000-00007ffbed3c0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll +7758.3dfc: 00007ffbed3c1000-00007ffbed412fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll +7758.3dfc: 00007ffbed413000-00007ffbed436fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll +7758.3dfc: 00007ffbed437000-00007ffbed439fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll +7758.3dfc: 00007ffbed43a000-00007ffbed456fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll +7758.3dfc: 00007ffbed457000-00007ffbf151ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffbf1520000-00007ffbf1520fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +7758.3dfc: 00007ffbf1521000-00007ffbf16befff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +7758.3dfc: 00007ffbf16bf000-00007ffbf1884fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +7758.3dfc: 00007ffbf1885000-00007ffbf1889fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +7758.3dfc: 00007ffbf188a000-00007ffbf188afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +7758.3dfc: 00007ffbf188b000-00007ffbf18d6fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +7758.3dfc: 00007ffbf18d7000-00007ffbf300ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffbf3010000-00007ffbf3010fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll +7758.3dfc: 00007ffbf3011000-00007ffbf3091fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll +7758.3dfc: 00007ffbf3092000-00007ffbf30c8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll +7758.3dfc: 00007ffbf30c9000-00007ffbf30c9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll +7758.3dfc: 00007ffbf30ca000-00007ffbf30cafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll +7758.3dfc: 00007ffbf30cb000-00007ffbf30d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll +7758.3dfc: 00007ffbf30d4000-00007ffbf3f2ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffbf3f30000-00007ffbf3f30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf3f31000-00007ffbf4061fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf4062000-00007ffbf40affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf40b0000-00007ffbf40b0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf40b1000-00007ffbf40b2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf40b3000-00007ffbf40bbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf40bc000-00007ffbf4146fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll +7758.3dfc: 00007ffbf4147000-00007ffbf414ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007ffbf4150000-00007ffbf4152fff 0x0020/0x0020 0x0020000 !! +7758.3dfc: 00007ffbf4153000-00007ffbf415ffff 0x0002/0x0020 0x0020000 +7758.3dfc: *00007ffbf4160000-00007ffbf4160fff 0x0020/0x0020 0x0020000 !! +7758.3dfc: 00007ffbf4161000-00007ffbf416ffff 0x0002/0x0020 0x0020000 +7758.3dfc: 00007ffbf4170000-00007ffffffeffff 0x0001/0x0000 0x0000000 +7758.3dfc: kernel32.dll: timestamp 0xa9f358b9 (rc=VINF_SUCCESS) +7758.3dfc: kernelbase.dll: timestamp 0xcf64c6a (rc=VINF_SUCCESS) +7758.3dfc: apphelp.dll: timestamp 0x114ea630 (rc=VINF_SUCCESS) +7758.3dfc: VBoxHeadless.exe: timestamp 0x670807b2 (rc=VINF_SUCCESS) +7758.3dfc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports +7758.3dfc: VBoxHeadless.exe: Differences in section #7 (.00cfg) between file and memory: +7758.3dfc: 00007ff666165000 / 0x00d5000: 10 != f0 +7758.3dfc: 00007ff666165001 / 0x00d5001: e3 != f0 +7758.3dfc: 00007ff666165002 / 0x00d5002: 0a != fb +7758.3dfc: 00007ff666165003 / 0x00d5003: 66 != f3 +7758.3dfc: 00007ff666165004 / 0x00d5004: f6 != fb +7758.3dfc: 00007ff666165008 / 0x00d5008: 10 != f0 +7758.3dfc: 00007ff666165009 / 0x00d5009: e3 != f0 +7758.3dfc: 00007ff66616500a / 0x00d500a: 0a != fb +7758.3dfc: 00007ff66616500b / 0x00d500b: 66 != f3 +7758.3dfc: 00007ff66616500c / 0x00d500c: f6 != fb +7758.3dfc: 00007ff666165010 / 0x00d5010: 00 != 30 +7758.3dfc: 00007ff666165011 / 0x00d5011: b1 != f2 +7758.3dfc: 00007ff666165012 / 0x00d5012: 0f != fb +7758.3dfc: 00007ff666165013 / 0x00d5013: 66 != f3 +7758.3dfc: 00007ff666165014 / 0x00d5014: f6 != fb +7758.3dfc: 00007ff666165018 / 0x00d5018: 20 != 30 +7758.3dfc: 00007ff666165019 / 0x00d5019: b1 != f2 +7758.3dfc: 00007ff66616501a / 0x00d501a: 0f != fb +7758.3dfc: 00007ff66616501b / 0x00d501b: 66 != f3 +7758.3dfc: 00007ff66616501c / 0x00d501c: f6 != fb +7758.3dfc: 00007ff666165020 / 0x00d5020: 20 != 30 +7758.3dfc: 00007ff666165021 / 0x00d5021: b1 != f2 +7758.3dfc: 00007ff666165022 / 0x00d5022: 0f != fb +7758.3dfc: 00007ff666165023 / 0x00d5023: 66 != f3 +7758.3dfc: 00007ff666165024 / 0x00d5024: f6 != fb +7758.3dfc: Restored 0x28 bytes of original file content at 00007ff666165000 +7758.3dfc: VBoxHeadless.exe: Differences in section #8 (.rsrc) between file and memory: +7758.3dfc: 00007ff666196b2c / 0x0106b2c: 00 != 50 +7758.3dfc: 00007ff666196b2d / 0x0106b2d: 00 != 41 +7758.3dfc: 00007ff666196b2e / 0x0106b2e: 00 != 44 +7758.3dfc: 00007ff666196b2f / 0x0106b2f: 00 != 44 +7758.3dfc: 00007ff666196b30 / 0x0106b30: 00 != 49 +7758.3dfc: 00007ff666196b31 / 0x0106b31: 00 != 4e +7758.3dfc: 00007ff666196b32 / 0x0106b32: 00 != 47 +7758.3dfc: 00007ff666196b33 / 0x0106b33: 00 != 58 +7758.3dfc: 00007ff666196b34 / 0x0106b34: 00 != 58 +7758.3dfc: 00007ff666196b35 / 0x0106b35: 00 != 50 +7758.3dfc: 00007ff666196b36 / 0x0106b36: 00 != 41 +7758.3dfc: 00007ff666196b37 / 0x0106b37: 00 != 44 +7758.3dfc: 00007ff666196b38 / 0x0106b38: 00 != 44 +7758.3dfc: 00007ff666196b39 / 0x0106b39: 00 != 49 +7758.3dfc: 00007ff666196b3a / 0x0106b3a: 00 != 4e +7758.3dfc: 00007ff666196b3b / 0x0106b3b: 00 != 47 +7758.3dfc: 00007ff666196b3c / 0x0106b3c: 00 != 50 +7758.3dfc: 00007ff666196b3d / 0x0106b3d: 00 != 41 +7758.3dfc: 00007ff666196b3e / 0x0106b3e: 00 != 44 +7758.3dfc: 00007ff666196b3f / 0x0106b3f: 00 != 44 +7758.3dfc: 00007ff666196b40 / 0x0106b40: 00 != 49 +7758.3dfc: 00007ff666196b41 / 0x0106b41: 00 != 4e +7758.3dfc: 00007ff666196b42 / 0x0106b42: 00 != 47 +7758.3dfc: 00007ff666196b43 / 0x0106b43: 00 != 58 +7758.3dfc: 00007ff666196b44 / 0x0106b44: 00 != 58 +7758.3dfc: 00007ff666196b45 / 0x0106b45: 00 != 50 +7758.3dfc: 00007ff666196b46 / 0x0106b46: 00 != 41 +7758.3dfc: 00007ff666196b47 / 0x0106b47: 00 != 44 +7758.3dfc: 00007ff666196b48 / 0x0106b48: 00 != 44 +7758.3dfc: 00007ff666196b49 / 0x0106b49: 00 != 49 +7758.3dfc: 00007ff666196b4a / 0x0106b4a: 00 != 4e +7758.3dfc: 00007ff666196b4b / 0x0106b4b: 00 != 47 +7758.3dfc: 00007ff666196b4c / 0x0106b4c: 00 != 50 +7758.3dfc: 00007ff666196b4d / 0x0106b4d: 00 != 41 +7758.3dfc: 00007ff666196b4e / 0x0106b4e: 00 != 44 +7758.3dfc: 00007ff666196b4f / 0x0106b4f: 00 != 44 +7758.3dfc: 00007ff666196b50 / 0x0106b50: 00 != 49 +7758.3dfc: 00007ff666196b51 / 0x0106b51: 00 != 4e +7758.3dfc: 00007ff666196b52 / 0x0106b52: 00 != 47 +7758.3dfc: 00007ff666196b53 / 0x0106b53: 00 != 58 +7758.3dfc: 00007ff666196b54 / 0x0106b54: 00 != 58 +7758.3dfc: 00007ff666196b55 / 0x0106b55: 00 != 50 +7758.3dfc: 00007ff666196b56 / 0x0106b56: 00 != 41 +7758.3dfc: 00007ff666196b57 / 0x0106b57: 00 != 44 +7758.3dfc: 00007ff666196b58 / 0x0106b58: 00 != 44 +7758.3dfc: 00007ff666196b59 / 0x0106b59: 00 != 49 +7758.3dfc: 00007ff666196b5a / 0x0106b5a: 00 != 4e +7758.3dfc: 00007ff666196b5b / 0x0106b5b: 00 != 47 +7758.3dfc: 00007ff666196b5c / 0x0106b5c: 00 != 50 +7758.3dfc: 00007ff666196b5d / 0x0106b5d: 00 != 41 +7758.3dfc: 00007ff666196b5e / 0x0106b5e: 00 != 44 +7758.3dfc: 00007ff666196b5f / 0x0106b5f: 00 != 44 +7758.3dfc: 00007ff666196b60 / 0x0106b60: 00 != 49 +7758.3dfc: 00007ff666196b61 / 0x0106b61: 00 != 4e +7758.3dfc: 00007ff666196b62 / 0x0106b62: 00 != 47 +7758.3dfc: 00007ff666196b63 / 0x0106b63: 00 != 58 +7758.3dfc: 00007ff666196b64 / 0x0106b64: 00 != 58 +7758.3dfc: 00007ff666196b65 / 0x0106b65: 00 != 50 +7758.3dfc: 00007ff666196b66 / 0x0106b66: 00 != 41 +7758.3dfc: 00007ff666196b67 / 0x0106b67: 00 != 44 +7758.3dfc: 00007ff666196b68 / 0x0106b68: 00 != 44 +7758.3dfc: 00007ff666196b69 / 0x0106b69: 00 != 49 +7758.3dfc: 00007ff666196b6a / 0x0106b6a: 00 != 4e +7758.3dfc: 00007ff666196b6b / 0x0106b6b: 00 != 47 +7758.3dfc: 00007ff666196b6c / 0x0106b6c: 00 != 50 +7758.3dfc: 00007ff666196b6d / 0x0106b6d: 00 != 41 +7758.3dfc: 00007ff666196b6e / 0x0106b6e: 00 != 44 +7758.3dfc: 00007ff666196b6f / 0x0106b6f: 00 != 44 +7758.3dfc: 00007ff666196b70 / 0x0106b70: 00 != 49 +7758.3dfc: 00007ff666196b71 / 0x0106b71: 00 != 4e +7758.3dfc: 00007ff666196b72 / 0x0106b72: 00 != 47 +7758.3dfc: 00007ff666196b73 / 0x0106b73: 00 != 58 +7758.3dfc: 00007ff666196b74 / 0x0106b74: 00 != 58 +7758.3dfc: 00007ff666196b75 / 0x0106b75: 00 != 50 +7758.3dfc: 00007ff666196b76 / 0x0106b76: 00 != 41 +7758.3dfc: 00007ff666196b77 / 0x0106b77: 00 != 44 +7758.3dfc: 00007ff666196b78 / 0x0106b78: 00 != 44 +7758.3dfc: 00007ff666196b79 / 0x0106b79: 00 != 49 +7758.3dfc: 00007ff666196b7a / 0x0106b7a: 00 != 4e +7758.3dfc: 00007ff666196b7b / 0x0106b7b: 00 != 47 +7758.3dfc: 00007ff666196b7c / 0x0106b7c: 00 != 50 +7758.3dfc: 00007ff666196b7d / 0x0106b7d: 00 != 41 +7758.3dfc: 00007ff666196b7e / 0x0106b7e: 00 != 44 +7758.3dfc: 00007ff666196b7f / 0x0106b7f: 00 != 44 +7758.3dfc: 00007ff666196b80 / 0x0106b80: 00 != 49 +7758.3dfc: 00007ff666196b81 / 0x0106b81: 00 != 4e +7758.3dfc: 00007ff666196b82 / 0x0106b82: 00 != 47 +7758.3dfc: 00007ff666196b83 / 0x0106b83: 00 != 58 +7758.3dfc: 00007ff666196b84 / 0x0106b84: 00 != 58 +7758.3dfc: 00007ff666196b85 / 0x0106b85: 00 != 50 +7758.3dfc: 00007ff666196b86 / 0x0106b86: 00 != 41 +7758.3dfc: 00007ff666196b87 / 0x0106b87: 00 != 44 +7758.3dfc: 00007ff666196b88 / 0x0106b88: 00 != 44 +7758.3dfc: 00007ff666196b89 / 0x0106b89: 00 != 49 +7758.3dfc: 00007ff666196b8a / 0x0106b8a: 00 != 4e +7758.3dfc: 00007ff666196b8b / 0x0106b8b: 00 != 47 +7758.3dfc: 00007ff666196b8c / 0x0106b8c: 00 != 50 +7758.3dfc: 00007ff666196b8d / 0x0106b8d: 00 != 41 +7758.3dfc: 00007ff666196b8e / 0x0106b8e: 00 != 44 +7758.3dfc: 00007ff666196b8f / 0x0106b8f: 00 != 44 +7758.3dfc: 00007ff666196b90 / 0x0106b90: 00 != 49 +7758.3dfc: 00007ff666196b91 / 0x0106b91: 00 != 4e +7758.3dfc: 00007ff666196b92 / 0x0106b92: 00 != 47 +7758.3dfc: 00007ff666196b93 / 0x0106b93: 00 != 58 +7758.3dfc: 00007ff666196b94 / 0x0106b94: 00 != 58 +7758.3dfc: 00007ff666196b95 / 0x0106b95: 00 != 50 +7758.3dfc: 00007ff666196b96 / 0x0106b96: 00 != 41 +7758.3dfc: 00007ff666196b97 / 0x0106b97: 00 != 44 +7758.3dfc: 00007ff666196b98 / 0x0106b98: 00 != 44 +7758.3dfc: 00007ff666196b99 / 0x0106b99: 00 != 49 +7758.3dfc: 00007ff666196b9a / 0x0106b9a: 00 != 4e +7758.3dfc: 00007ff666196b9b / 0x0106b9b: 00 != 47 +7758.3dfc: 00007ff666196b9c / 0x0106b9c: 00 != 50 +7758.3dfc: 00007ff666196b9d / 0x0106b9d: 00 != 41 +7758.3dfc: 00007ff666196b9e / 0x0106b9e: 00 != 44 +7758.3dfc: 00007ff666196b9f / 0x0106b9f: 00 != 44 +7758.3dfc: 00007ff666196ba0 / 0x0106ba0: 00 != 49 +7758.3dfc: 00007ff666196ba1 / 0x0106ba1: 00 != 4e +7758.3dfc: 00007ff666196ba2 / 0x0106ba2: 00 != 47 +7758.3dfc: 00007ff666196ba3 / 0x0106ba3: 00 != 58 +7758.3dfc: 00007ff666196ba4 / 0x0106ba4: 00 != 58 +7758.3dfc: 00007ff666196ba5 / 0x0106ba5: 00 != 50 +7758.3dfc: 00007ff666196ba6 / 0x0106ba6: 00 != 41 +7758.3dfc: 00007ff666196ba7 / 0x0106ba7: 00 != 44 +7758.3dfc: 00007ff666196ba8 / 0x0106ba8: 00 != 44 +7758.3dfc: 00007ff666196ba9 / 0x0106ba9: 00 != 49 +7758.3dfc: 00007ff666196baa / 0x0106baa: 00 != 4e +7758.3dfc: 00007ff666196bab / 0x0106bab: 00 != 47 +7758.3dfc: 00007ff666196bac / 0x0106bac: 00 != 50 +7758.3dfc: 00007ff666196bad / 0x0106bad: 00 != 41 +7758.3dfc: 00007ff666196bae / 0x0106bae: 00 != 44 +7758.3dfc: 00007ff666196baf / 0x0106baf: 00 != 44 +7758.3dfc: 00007ff666196bb0 / 0x0106bb0: 00 != 49 +7758.3dfc: 00007ff666196bb1 / 0x0106bb1: 00 != 4e +7758.3dfc: 00007ff666196bb2 / 0x0106bb2: 00 != 47 +7758.3dfc: 00007ff666196bb3 / 0x0106bb3: 00 != 58 +7758.3dfc: 00007ff666196bb4 / 0x0106bb4: 00 != 58 +7758.3dfc: 00007ff666196bb5 / 0x0106bb5: 00 != 50 +7758.3dfc: 00007ff666196bb6 / 0x0106bb6: 00 != 41 +7758.3dfc: 00007ff666196bb7 / 0x0106bb7: 00 != 44 +7758.3dfc: 00007ff666196bb8 / 0x0106bb8: 00 != 44 +7758.3dfc: 00007ff666196bb9 / 0x0106bb9: 00 != 49 +7758.3dfc: 00007ff666196bba / 0x0106bba: 00 != 4e +7758.3dfc: 00007ff666196bbb / 0x0106bbb: 00 != 47 +7758.3dfc: 00007ff666196bbc / 0x0106bbc: 00 != 50 +7758.3dfc: 00007ff666196bbd / 0x0106bbd: 00 != 41 +7758.3dfc: 00007ff666196bbe / 0x0106bbe: 00 != 44 +7758.3dfc: 00007ff666196bbf / 0x0106bbf: 00 != 44 +7758.3dfc: 00007ff666196bc0 / 0x0106bc0: 00 != 49 +7758.3dfc: 00007ff666196bc1 / 0x0106bc1: 00 != 4e +7758.3dfc: 00007ff666196bc2 / 0x0106bc2: 00 != 47 +7758.3dfc: 00007ff666196bc3 / 0x0106bc3: 00 != 58 +7758.3dfc: 00007ff666196bc4 / 0x0106bc4: 00 != 58 +7758.3dfc: 00007ff666196bc5 / 0x0106bc5: 00 != 50 +7758.3dfc: 00007ff666196bc6 / 0x0106bc6: 00 != 41 +7758.3dfc: 00007ff666196bc7 / 0x0106bc7: 00 != 44 +7758.3dfc: 00007ff666196bc8 / 0x0106bc8: 00 != 44 +7758.3dfc: 00007ff666196bc9 / 0x0106bc9: 00 != 49 +7758.3dfc: 00007ff666196bca / 0x0106bca: 00 != 4e +7758.3dfc: 00007ff666196bcb / 0x0106bcb: 00 != 47 +7758.3dfc: 00007ff666196bcc / 0x0106bcc: 00 != 50 +7758.3dfc: 00007ff666196bcd / 0x0106bcd: 00 != 41 +7758.3dfc: 00007ff666196bce / 0x0106bce: 00 != 44 +7758.3dfc: 00007ff666196bcf / 0x0106bcf: 00 != 44 +7758.3dfc: 00007ff666196bd0 / 0x0106bd0: 00 != 49 +7758.3dfc: 00007ff666196bd1 / 0x0106bd1: 00 != 4e +7758.3dfc: 00007ff666196bd2 / 0x0106bd2: 00 != 47 +7758.3dfc: 00007ff666196bd3 / 0x0106bd3: 00 != 58 +7758.3dfc: 00007ff666196bd4 / 0x0106bd4: 00 != 58 +7758.3dfc: 00007ff666196bd5 / 0x0106bd5: 00 != 50 +7758.3dfc: 00007ff666196bd6 / 0x0106bd6: 00 != 41 +7758.3dfc: 00007ff666196bd7 / 0x0106bd7: 00 != 44 +7758.3dfc: 00007ff666196bd8 / 0x0106bd8: 00 != 44 +7758.3dfc: 00007ff666196bd9 / 0x0106bd9: 00 != 49 +7758.3dfc: 00007ff666196bda / 0x0106bda: 00 != 4e +7758.3dfc: 00007ff666196bdb / 0x0106bdb: 00 != 47 +7758.3dfc: 00007ff666196bdc / 0x0106bdc: 00 != 50 +7758.3dfc: 00007ff666196bdd / 0x0106bdd: 00 != 41 +7758.3dfc: 00007ff666196bde / 0x0106bde: 00 != 44 +7758.3dfc: 00007ff666196bdf / 0x0106bdf: 00 != 44 +7758.3dfc: 00007ff666196be0 / 0x0106be0: 00 != 49 +7758.3dfc: 00007ff666196be1 / 0x0106be1: 00 != 4e +7758.3dfc: 00007ff666196be2 / 0x0106be2: 00 != 47 +7758.3dfc: 00007ff666196be3 / 0x0106be3: 00 != 58 +7758.3dfc: 00007ff666196be4 / 0x0106be4: 00 != 58 +7758.3dfc: 00007ff666196be5 / 0x0106be5: 00 != 50 +7758.3dfc: 00007ff666196be6 / 0x0106be6: 00 != 41 +7758.3dfc: 00007ff666196be7 / 0x0106be7: 00 != 44 +7758.3dfc: 00007ff666196be8 / 0x0106be8: 00 != 44 +7758.3dfc: 00007ff666196be9 / 0x0106be9: 00 != 49 +7758.3dfc: 00007ff666196bea / 0x0106bea: 00 != 4e +7758.3dfc: 00007ff666196beb / 0x0106beb: 00 != 47 +7758.3dfc: 00007ff666196bec / 0x0106bec: 00 != 50 +7758.3dfc: 00007ff666196bed / 0x0106bed: 00 != 41 +7758.3dfc: 00007ff666196bee / 0x0106bee: 00 != 44 +7758.3dfc: 00007ff666196bef / 0x0106bef: 00 != 44 +7758.3dfc: 00007ff666196bf0 / 0x0106bf0: 00 != 49 +7758.3dfc: 00007ff666196bf1 / 0x0106bf1: 00 != 4e +7758.3dfc: 00007ff666196bf2 / 0x0106bf2: 00 != 47 +7758.3dfc: 00007ff666196bf3 / 0x0106bf3: 00 != 58 +7758.3dfc: 00007ff666196bf4 / 0x0106bf4: 00 != 58 +7758.3dfc: 00007ff666196bf5 / 0x0106bf5: 00 != 50 +7758.3dfc: 00007ff666196bf6 / 0x0106bf6: 00 != 41 +7758.3dfc: 00007ff666196bf7 / 0x0106bf7: 00 != 44 +7758.3dfc: 00007ff666196bf8 / 0x0106bf8: 00 != 44 +7758.3dfc: 00007ff666196bf9 / 0x0106bf9: 00 != 49 +7758.3dfc: 00007ff666196bfa / 0x0106bfa: 00 != 4e +7758.3dfc: 00007ff666196bfb / 0x0106bfb: 00 != 47 +7758.3dfc: 00007ff666196bfc / 0x0106bfc: 00 != 50 +7758.3dfc: 00007ff666196bfd / 0x0106bfd: 00 != 41 +7758.3dfc: 00007ff666196bfe / 0x0106bfe: 00 != 44 +7758.3dfc: 00007ff666196bff / 0x0106bff: 00 != 44 +7758.3dfc: Restored 0x4d4 bytes of original file content at 00007ff666196b2c +7758.3dfc: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3f31320 / 0x0001320: 48 != e9 +7758.3dfc: 00007ffbf3f31321 / 0x0001321: 89 != 7b +7758.3dfc: 00007ffbf3f31322 / 0x0001322: 5c != 10 +7758.3dfc: 00007ffbf3f31323 / 0x0001323: 24 != 22 +7758.3dfc: 00007ffbf3f31324 / 0x0001324: 20 != 00 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3f31000 +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3f548a0 / 0x00248a0: 4c != e9 +7758.3dfc: 00007ffbf3f548a1 / 0x00248a1: 89 != 1b +7758.3dfc: 00007ffbf3f548a2 / 0x00248a2: 4c != b8 +7758.3dfc: 00007ffbf3f548a3 / 0x00248a3: 24 != 1f +7758.3dfc: 00007ffbf3f548a4 / 0x00248a4: 20 != 00 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3f53000 +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3fd01c0 / 0x00a01c0: 4c != e9 +7758.3dfc: 00007ffbf3fd01c1 / 0x00a01c1: 8b != 7b +7758.3dfc: 00007ffbf3fd01c2 / 0x00a01c2: d1 != 1b +7758.3dfc: 00007ffbf3fd01c3 / 0x00a01c3: b8 != 18 +7758.3dfc: 00007ffbf3fd01c4 / 0x00a01c4: 08 != 00 +7758.3dfc: 00007ffbf3fd01c5 / 0x00a01c5: 00 != cc +7758.3dfc: 00007ffbf3fd01c6 / 0x00a01c6: 00 != cc +7758.3dfc: 00007ffbf3fd01c7 / 0x00a01c7: 00 != cc +7758.3dfc: 00007ffbf3fd0260 / 0x00a0260: 4c != e9 +7758.3dfc: 00007ffbf3fd0261 / 0x00a0261: 8b != bb +7758.3dfc: 00007ffbf3fd0262 / 0x00a0262: d1 != 13 +7758.3dfc: 00007ffbf3fd0263 / 0x00a0263: b8 != 18 +7758.3dfc: 00007ffbf3fd0264 / 0x00a0264: 0d != 00 +7758.3dfc: 00007ffbf3fd0265 / 0x00a0265: 00 != cc +7758.3dfc: 00007ffbf3fd0266 / 0x00a0266: 00 != cc +7758.3dfc: 00007ffbf3fd0267 / 0x00a0267: 00 != cc +7758.3dfc: 00007ffbf3fd02a0 / 0x00a02a0: 4c != e9 +7758.3dfc: 00007ffbf3fd02a1 / 0x00a02a1: 8b != fb +7758.3dfc: 00007ffbf3fd02a2 / 0x00a02a2: d1 != 02 +7758.3dfc: 00007ffbf3fd02a3 / 0x00a02a3: b8 != 18 +7758.3dfc: 00007ffbf3fd02a4 / 0x00a02a4: 0f != 00 +7758.3dfc: 00007ffbf3fd02a5 / 0x00a02a5: 00 != cc +7758.3dfc: 00007ffbf3fd02a6 / 0x00a02a6: 00 != cc +7758.3dfc: 00007ffbf3fd02a7 / 0x00a02a7: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3fce2ce +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3fd03e0 / 0x00a03e0: 4c != e9 +7758.3dfc: 00007ffbf3fd03e1 / 0x00a03e1: 8b != 3b +7758.3dfc: 00007ffbf3fd03e2 / 0x00a03e2: d1 != 18 +7758.3dfc: 00007ffbf3fd03e3 / 0x00a03e3: b8 != 18 +7758.3dfc: 00007ffbf3fd03e4 / 0x00a03e4: 19 != 00 +7758.3dfc: 00007ffbf3fd03e5 / 0x00a03e5: 00 != cc +7758.3dfc: 00007ffbf3fd03e6 / 0x00a03e6: 00 != cc +7758.3dfc: 00007ffbf3fd03e7 / 0x00a03e7: 00 != cc +7758.3dfc: 00007ffbf3fd0440 / 0x00a0440: 4c != e9 +7758.3dfc: 00007ffbf3fd0441 / 0x00a0441: 8b != db +7758.3dfc: 00007ffbf3fd0442 / 0x00a0442: d1 != 20 +7758.3dfc: 00007ffbf3fd0443 / 0x00a0443: b8 != 18 +7758.3dfc: 00007ffbf3fd0444 / 0x00a0444: 1c != 00 +7758.3dfc: 00007ffbf3fd0445 / 0x00a0445: 00 != cc +7758.3dfc: 00007ffbf3fd0446 / 0x00a0446: 00 != cc +7758.3dfc: 00007ffbf3fd0447 / 0x00a0447: 00 != cc +7758.3dfc: 00007ffbf3fd0580 / 0x00a0580: 4c != e9 +7758.3dfc: 00007ffbf3fd0581 / 0x00a0581: 8b != 3b +7758.3dfc: 00007ffbf3fd0582 / 0x00a0582: d1 != 04 +7758.3dfc: 00007ffbf3fd0583 / 0x00a0583: b8 != 18 +7758.3dfc: 00007ffbf3fd0584 / 0x00a0584: 26 != 00 +7758.3dfc: 00007ffbf3fd0585 / 0x00a0585: 00 != cc +7758.3dfc: 00007ffbf3fd0586 / 0x00a0586: 00 != cc +7758.3dfc: 00007ffbf3fd0587 / 0x00a0587: 00 != cc +7758.3dfc: 00007ffbf3fd05c0 / 0x00a05c0: 4c != e9 +7758.3dfc: 00007ffbf3fd05c1 / 0x00a05c1: 8b != fb +7758.3dfc: 00007ffbf3fd05c2 / 0x00a05c2: d1 != 06 +7758.3dfc: 00007ffbf3fd05c3 / 0x00a05c3: b8 != 18 +7758.3dfc: 00007ffbf3fd05c4 / 0x00a05c4: 28 != 00 +7758.3dfc: 00007ffbf3fd05c5 / 0x00a05c5: 00 != cc +7758.3dfc: 00007ffbf3fd05c6 / 0x00a05c6: 00 != cc +7758.3dfc: 00007ffbf3fd05c7 / 0x00a05c7: 00 != cc +7758.3dfc: 00007ffbf3fd0600 / 0x00a0600: 4c != e9 +7758.3dfc: 00007ffbf3fd0601 / 0x00a0601: 8b != 5b +7758.3dfc: 00007ffbf3fd0602 / 0x00a0602: d1 != 12 +7758.3dfc: 00007ffbf3fd0603 / 0x00a0603: b8 != 18 +7758.3dfc: 00007ffbf3fd0604 / 0x00a0604: 2a != 00 +7758.3dfc: 00007ffbf3fd0605 / 0x00a0605: 00 != cc +7758.3dfc: 00007ffbf3fd0606 / 0x00a0606: 00 != cc +7758.3dfc: 00007ffbf3fd0607 / 0x00a0607: 00 != cc +7758.3dfc: 00007ffbf3fd0640 / 0x00a0640: 4c != e9 +7758.3dfc: 00007ffbf3fd0641 / 0x00a0641: 8b != bb +7758.3dfc: 00007ffbf3fd0642 / 0x00a0642: d1 != f9 +7758.3dfc: 00007ffbf3fd0643 / 0x00a0643: b8 != 17 +7758.3dfc: 00007ffbf3fd0644 / 0x00a0644: 2c != 00 +7758.3dfc: 00007ffbf3fd0645 / 0x00a0645: 00 != cc +7758.3dfc: 00007ffbf3fd0646 / 0x00a0646: 00 != cc +7758.3dfc: 00007ffbf3fd0647 / 0x00a0647: 00 != cc +7758.3dfc: 00007ffbf3fd0800 / 0x00a0800: 4c != e9 +7758.3dfc: 00007ffbf3fd0801 / 0x00a0801: 8b != 9b +7758.3dfc: 00007ffbf3fd0802 / 0x00a0802: d1 != 00 +7758.3dfc: 00007ffbf3fd0803 / 0x00a0803: b8 != 18 +7758.3dfc: 00007ffbf3fd0804 / 0x00a0804: 3a != 00 +7758.3dfc: 00007ffbf3fd0805 / 0x00a0805: 00 != cc +7758.3dfc: 00007ffbf3fd0806 / 0x00a0806: 00 != cc +7758.3dfc: 00007ffbf3fd0807 / 0x00a0807: 00 != cc +7758.3dfc: 00007ffbf3fd0840 / 0x00a0840: 4c != e9 +7758.3dfc: 00007ffbf3fd0841 / 0x00a0841: 8b != 3b +7758.3dfc: 00007ffbf3fd0842 / 0x00a0842: d1 != 02 +7758.3dfc: 00007ffbf3fd0843 / 0x00a0843: b8 != 18 +7758.3dfc: 00007ffbf3fd0844 / 0x00a0844: 3c != 00 +7758.3dfc: 00007ffbf3fd0845 / 0x00a0845: 00 != cc +7758.3dfc: 00007ffbf3fd0846 / 0x00a0846: 00 != cc +7758.3dfc: 00007ffbf3fd0847 / 0x00a0847: 00 != cc +7758.3dfc: 00007ffbf3fd08a0 / 0x00a08a0: 4c != e9 +7758.3dfc: 00007ffbf3fd08a1 / 0x00a08a1: 8b != 7b +7758.3dfc: 00007ffbf3fd08a2 / 0x00a08a2: d1 != 0a +7758.3dfc: 00007ffbf3fd08a3 / 0x00a08a3: b8 != 18 +7758.3dfc: 00007ffbf3fd08a4 / 0x00a08a4: 3f != 00 +7758.3dfc: 00007ffbf3fd08a5 / 0x00a08a5: 00 != cc +7758.3dfc: 00007ffbf3fd08a6 / 0x00a08a6: 00 != cc +7758.3dfc: 00007ffbf3fd08a7 / 0x00a08a7: 00 != cc +7758.3dfc: 00007ffbf3fd08e0 / 0x00a08e0: 4c != e9 +7758.3dfc: 00007ffbf3fd08e1 / 0x00a08e1: 8b != 3b +7758.3dfc: 00007ffbf3fd08e2 / 0x00a08e2: d1 != f8 +7758.3dfc: 00007ffbf3fd08e3 / 0x00a08e3: b8 != 17 +7758.3dfc: 00007ffbf3fd08e4 / 0x00a08e4: 41 != 00 +7758.3dfc: 00007ffbf3fd08e5 / 0x00a08e5: 00 != cc +7758.3dfc: 00007ffbf3fd08e6 / 0x00a08e6: 00 != cc +7758.3dfc: 00007ffbf3fd08e7 / 0x00a08e7: 00 != cc +7758.3dfc: 00007ffbf3fd0960 / 0x00a0960: 4c != e9 +7758.3dfc: 00007ffbf3fd0961 / 0x00a0961: 8b != db +7758.3dfc: 00007ffbf3fd0962 / 0x00a0962: d1 != 01 +7758.3dfc: 00007ffbf3fd0963 / 0x00a0963: b8 != 18 +7758.3dfc: 00007ffbf3fd0964 / 0x00a0964: 45 != 00 +7758.3dfc: 00007ffbf3fd0965 / 0x00a0965: 00 != cc +7758.3dfc: 00007ffbf3fd0966 / 0x00a0966: 00 != cc +7758.3dfc: 00007ffbf3fd0967 / 0x00a0967: 00 != cc +7758.3dfc: 00007ffbf3fd0a00 / 0x00a0a00: 4c != e9 +7758.3dfc: 00007ffbf3fd0a01 / 0x00a0a01: 8b != 9b +7758.3dfc: 00007ffbf3fd0a02 / 0x00a0a02: d1 != 13 +7758.3dfc: 00007ffbf3fd0a03 / 0x00a0a03: b8 != 18 +7758.3dfc: 00007ffbf3fd0a04 / 0x00a0a04: 4a != 00 +7758.3dfc: 00007ffbf3fd0a05 / 0x00a0a05: 00 != cc +7758.3dfc: 00007ffbf3fd0a06 / 0x00a0a06: 00 != cc +7758.3dfc: 00007ffbf3fd0a07 / 0x00a0a07: 00 != cc +7758.3dfc: 00007ffbf3fd0a60 / 0x00a0a60: 4c != e9 +7758.3dfc: 00007ffbf3fd0a61 / 0x00a0a61: 8b != fb +7758.3dfc: 00007ffbf3fd0a62 / 0x00a0a62: d1 != fb +7758.3dfc: 00007ffbf3fd0a63 / 0x00a0a63: b8 != 17 +7758.3dfc: 00007ffbf3fd0a64 / 0x00a0a64: 4d != 00 +7758.3dfc: 00007ffbf3fd0a65 / 0x00a0a65: 00 != cc +7758.3dfc: 00007ffbf3fd0a66 / 0x00a0a66: 00 != cc +7758.3dfc: 00007ffbf3fd0a67 / 0x00a0a67: 00 != cc +7758.3dfc: 00007ffbf3fd0a80 / 0x00a0a80: 4c != e9 +7758.3dfc: 00007ffbf3fd0a81 / 0x00a0a81: 8b != 5b +7758.3dfc: 00007ffbf3fd0a82 / 0x00a0a82: d1 != fd +7758.3dfc: 00007ffbf3fd0a83 / 0x00a0a83: b8 != 17 +7758.3dfc: 00007ffbf3fd0a84 / 0x00a0a84: 4e != 00 +7758.3dfc: 00007ffbf3fd0a85 / 0x00a0a85: 00 != cc +7758.3dfc: 00007ffbf3fd0a86 / 0x00a0a86: 00 != cc +7758.3dfc: 00007ffbf3fd0a87 / 0x00a0a87: 00 != cc +7758.3dfc: 00007ffbf3fd0b00 / 0x00a0b00: 4c != e9 +7758.3dfc: 00007ffbf3fd0b01 / 0x00a0b01: 8b != 1b +7758.3dfc: 00007ffbf3fd0b02 / 0x00a0b02: d1 != 0e +7758.3dfc: 00007ffbf3fd0b03 / 0x00a0b03: b8 != 18 +7758.3dfc: 00007ffbf3fd0b04 / 0x00a0b04: 52 != 00 +7758.3dfc: 00007ffbf3fd0b05 / 0x00a0b05: 00 != cc +7758.3dfc: 00007ffbf3fd0b06 / 0x00a0b06: 00 != cc +7758.3dfc: 00007ffbf3fd0b07 / 0x00a0b07: 00 != cc +7758.3dfc: 00007ffbf3fd0fd0 / 0x00a0fd0: 4c != e9 +7758.3dfc: 00007ffbf3fd0fd1 / 0x00a0fd1: 8b != ab +7758.3dfc: 00007ffbf3fd0fd2 / 0x00a0fd2: d1 != 06 +7758.3dfc: 00007ffbf3fd0fd3 / 0x00a0fd3: b8 != 18 +7758.3dfc: 00007ffbf3fd0fd4 / 0x00a0fd4: 79 != 00 +7758.3dfc: 00007ffbf3fd0fd5 / 0x00a0fd5: 00 != cc +7758.3dfc: 00007ffbf3fd0fd6 / 0x00a0fd6: 00 != cc +7758.3dfc: 00007ffbf3fd0fd7 / 0x00a0fd7: 00 != cc +7758.3dfc: 00007ffbf3fd1010 / 0x00a1010: 4c != e9 +7758.3dfc: 00007ffbf3fd1011 / 0x00a1011: 8b != cb +7758.3dfc: 00007ffbf3fd1012 / 0x00a1012: d1 != 06 +7758.3dfc: 00007ffbf3fd1013 / 0x00a1013: b8 != 18 +7758.3dfc: 00007ffbf3fd1014 / 0x00a1014: 7b != 00 +7758.3dfc: 00007ffbf3fd1015 / 0x00a1015: 00 != cc +7758.3dfc: 00007ffbf3fd1016 / 0x00a1016: 00 != cc +7758.3dfc: 00007ffbf3fd1017 / 0x00a1017: 00 != cc +7758.3dfc: 00007ffbf3fd1230 / 0x00a1230: 4c != e9 +7758.3dfc: 00007ffbf3fd1231 / 0x00a1231: 8b != 0b +7758.3dfc: 00007ffbf3fd1232 / 0x00a1232: d1 != 05 +7758.3dfc: 00007ffbf3fd1233 / 0x00a1233: b8 != 18 +7758.3dfc: 00007ffbf3fd1234 / 0x00a1234: 8c != 00 +7758.3dfc: 00007ffbf3fd1235 / 0x00a1235: 00 != cc +7758.3dfc: 00007ffbf3fd1236 / 0x00a1236: 00 != cc +7758.3dfc: 00007ffbf3fd1237 / 0x00a1237: 00 != cc +7758.3dfc: 00007ffbf3fd1410 / 0x00a1410: 4c != e9 +7758.3dfc: 00007ffbf3fd1411 / 0x00a1411: 8b != ab +7758.3dfc: 00007ffbf3fd1412 / 0x00a1412: d1 != 0a +7758.3dfc: 00007ffbf3fd1413 / 0x00a1413: b8 != 18 +7758.3dfc: 00007ffbf3fd1414 / 0x00a1414: 9b != 00 +7758.3dfc: 00007ffbf3fd1415 / 0x00a1415: 00 != cc +7758.3dfc: 00007ffbf3fd1416 / 0x00a1416: 00 != cc +7758.3dfc: 00007ffbf3fd1417 / 0x00a1417: 00 != cc +7758.3dfc: 00007ffbf3fd17b0 / 0x00a17b0: 4c != e9 +7758.3dfc: 00007ffbf3fd17b1 / 0x00a17b1: 8b != cb +7758.3dfc: 00007ffbf3fd17b2 / 0x00a17b2: d1 != 07 +7758.3dfc: 00007ffbf3fd17b3 / 0x00a17b3: b8 != 18 +7758.3dfc: 00007ffbf3fd17b4 / 0x00a17b4: b8 != 00 +7758.3dfc: 00007ffbf3fd17b5 / 0x00a17b5: 00 != cc +7758.3dfc: 00007ffbf3fd17b6 / 0x00a17b6: 00 != cc +7758.3dfc: 00007ffbf3fd17b7 / 0x00a17b7: 00 != cc +7758.3dfc: 00007ffbf3fd1870 / 0x00a1870: 4c != e9 +7758.3dfc: 00007ffbf3fd1872 / 0x00a1872: d1 != ed +7758.3dfc: 00007ffbf3fd1873 / 0x00a1873: b8 != 17 +7758.3dfc: 00007ffbf3fd1874 / 0x00a1874: be != 00 +7758.3dfc: 00007ffbf3fd1875 / 0x00a1875: 00 != cc +7758.3dfc: 00007ffbf3fd1876 / 0x00a1876: 00 != cc +7758.3dfc: 00007ffbf3fd1877 / 0x00a1877: 00 != cc +7758.3dfc: 00007ffbf3fd1930 / 0x00a1930: 4c != e9 +7758.3dfc: 00007ffbf3fd1931 / 0x00a1931: 8b != cb +7758.3dfc: 00007ffbf3fd1932 / 0x00a1932: d1 != 04 +7758.3dfc: 00007ffbf3fd1933 / 0x00a1933: b8 != 18 +7758.3dfc: 00007ffbf3fd1934 / 0x00a1934: c4 != 00 +7758.3dfc: 00007ffbf3fd1935 / 0x00a1935: 00 != cc +7758.3dfc: 00007ffbf3fd1936 / 0x00a1936: 00 != cc +7758.3dfc: 00007ffbf3fd1937 / 0x00a1937: 00 != cc +7758.3dfc: 00007ffbf3fd1970 / 0x00a1970: 4c != e9 +7758.3dfc: 00007ffbf3fd1971 / 0x00a1971: 8b != cb +7758.3dfc: 00007ffbf3fd1972 / 0x00a1972: d1 != 06 +7758.3dfc: 00007ffbf3fd1973 / 0x00a1973: b8 != 18 +7758.3dfc: 00007ffbf3fd1974 / 0x00a1974: c6 != 00 +7758.3dfc: 00007ffbf3fd1975 / 0x00a1975: 00 != cc +7758.3dfc: 00007ffbf3fd1976 / 0x00a1976: 00 != cc +7758.3dfc: 00007ffbf3fd1977 / 0x00a1977: 00 != cc +7758.3dfc: 00007ffbf3fd1990 / 0x00a1990: 4c != e9 +7758.3dfc: 00007ffbf3fd1991 / 0x00a1991: 8b != ab +7758.3dfc: 00007ffbf3fd1992 / 0x00a1992: d1 != ee +7758.3dfc: 00007ffbf3fd1993 / 0x00a1993: b8 != 17 +7758.3dfc: 00007ffbf3fd1994 / 0x00a1994: c7 != 00 +7758.3dfc: 00007ffbf3fd1995 / 0x00a1995: 00 != cc +7758.3dfc: 00007ffbf3fd1996 / 0x00a1996: 00 != cc +7758.3dfc: 00007ffbf3fd1997 / 0x00a1997: 00 != cc +7758.3dfc: 00007ffbf3fd1a50 / 0x00a1a50: 4c != e9 +7758.3dfc: 00007ffbf3fd1a51 / 0x00a1a51: 8b != 2b +7758.3dfc: 00007ffbf3fd1a52 / 0x00a1a52: d1 != 02 +7758.3dfc: 00007ffbf3fd1a53 / 0x00a1a53: b8 != 18 +7758.3dfc: 00007ffbf3fd1a54 / 0x00a1a54: cd != 00 +7758.3dfc: 00007ffbf3fd1a55 / 0x00a1a55: 00 != cc +7758.3dfc: 00007ffbf3fd1a56 / 0x00a1a56: 00 != cc +7758.3dfc: 00007ffbf3fd1a57 / 0x00a1a57: 00 != cc +7758.3dfc: 00007ffbf3fd1a90 / 0x00a1a90: 4c != e9 +7758.3dfc: 00007ffbf3fd1a91 / 0x00a1a91: 8b != 2b +7758.3dfc: 00007ffbf3fd1a92 / 0x00a1a92: d1 != ec +7758.3dfc: 00007ffbf3fd1a93 / 0x00a1a93: b8 != 17 +7758.3dfc: 00007ffbf3fd1a94 / 0x00a1a94: cf != 00 +7758.3dfc: 00007ffbf3fd1a95 / 0x00a1a95: 00 != cc +7758.3dfc: 00007ffbf3fd1a96 / 0x00a1a96: 00 != cc +7758.3dfc: 00007ffbf3fd1a97 / 0x00a1a97: 00 != cc +7758.3dfc: 00007ffbf3fd2230 / 0x00a2230: 4c != e9 +7758.3dfc: 00007ffbf3fd2231 / 0x00a2231: 8b != ab +7758.3dfc: 00007ffbf3fd2232 / 0x00a2232: d1 != fd +7758.3dfc: 00007ffbf3fd2233 / 0x00a2233: b8 != 17 +7758.3dfc: 00007ffbf3fd2234 / 0x00a2234: 0c != 00 +7758.3dfc: 00007ffbf3fd2235 / 0x00a2235: 01 != cc +7758.3dfc: 00007ffbf3fd2236 / 0x00a2236: 00 != cc +7758.3dfc: 00007ffbf3fd2237 / 0x00a2237: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3fd02ce +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3fd2430 / 0x00a2430: 4c != e9 +7758.3dfc: 00007ffbf3fd2431 / 0x00a2431: 8b != eb +7758.3dfc: 00007ffbf3fd2432 / 0x00a2432: d1 != e8 +7758.3dfc: 00007ffbf3fd2433 / 0x00a2433: b8 != 17 +7758.3dfc: 00007ffbf3fd2434 / 0x00a2434: 1c != 00 +7758.3dfc: 00007ffbf3fd2435 / 0x00a2435: 01 != cc +7758.3dfc: 00007ffbf3fd2436 / 0x00a2436: 00 != cc +7758.3dfc: 00007ffbf3fd2437 / 0x00a2437: 00 != cc +7758.3dfc: 00007ffbf3fd2e10 / 0x00a2e10: 4c != e9 +7758.3dfc: 00007ffbf3fd2e11 / 0x00a2e11: 8b != eb +7758.3dfc: 00007ffbf3fd2e12 / 0x00a2e12: d1 != e9 +7758.3dfc: 00007ffbf3fd2e13 / 0x00a2e13: b8 != 17 +7758.3dfc: 00007ffbf3fd2e14 / 0x00a2e14: 6b != 00 +7758.3dfc: 00007ffbf3fd2e15 / 0x00a2e15: 01 != cc +7758.3dfc: 00007ffbf3fd2e16 / 0x00a2e16: 00 != cc +7758.3dfc: 00007ffbf3fd2e17 / 0x00a2e17: 00 != cc +7758.3dfc: 00007ffbf3fd2eb0 / 0x00a2eb0: 4c != e9 +7758.3dfc: 00007ffbf3fd2eb1 / 0x00a2eb1: 8b != eb +7758.3dfc: 00007ffbf3fd2eb2 / 0x00a2eb2: d1 != dc +7758.3dfc: 00007ffbf3fd2eb3 / 0x00a2eb3: b8 != 17 +7758.3dfc: 00007ffbf3fd2eb4 / 0x00a2eb4: 70 != 00 +7758.3dfc: 00007ffbf3fd2eb5 / 0x00a2eb5: 01 != cc +7758.3dfc: 00007ffbf3fd2eb6 / 0x00a2eb6: 00 != cc +7758.3dfc: 00007ffbf3fd2eb7 / 0x00a2eb7: 00 != cc +7758.3dfc: 00007ffbf3fd2ed0 / 0x00a2ed0: 4c != e9 +7758.3dfc: 00007ffbf3fd2ed1 / 0x00a2ed1: 8b != eb +7758.3dfc: 00007ffbf3fd2ed2 / 0x00a2ed2: d1 != f5 +7758.3dfc: 00007ffbf3fd2ed3 / 0x00a2ed3: b8 != 17 +7758.3dfc: 00007ffbf3fd2ed4 / 0x00a2ed4: 71 != 00 +7758.3dfc: 00007ffbf3fd2ed5 / 0x00a2ed5: 01 != cc +7758.3dfc: 00007ffbf3fd2ed6 / 0x00a2ed6: 00 != cc +7758.3dfc: 00007ffbf3fd2ed7 / 0x00a2ed7: 00 != cc +7758.3dfc: 00007ffbf3fd2f10 / 0x00a2f10: 4c != e9 +7758.3dfc: 00007ffbf3fd2f11 / 0x00a2f11: 8b != ab +7758.3dfc: 00007ffbf3fd2f12 / 0x00a2f12: d1 != d4 +7758.3dfc: 00007ffbf3fd2f13 / 0x00a2f13: b8 != 17 +7758.3dfc: 00007ffbf3fd2f14 / 0x00a2f14: 73 != 00 +7758.3dfc: 00007ffbf3fd2f15 / 0x00a2f15: 01 != cc +7758.3dfc: 00007ffbf3fd2f16 / 0x00a2f16: 00 != cc +7758.3dfc: 00007ffbf3fd2f17 / 0x00a2f17: 00 != cc +7758.3dfc: 00007ffbf3fd3250 / 0x00a3250: 4c != e9 +7758.3dfc: 00007ffbf3fd3251 / 0x00a3251: 8b != 0b +7758.3dfc: 00007ffbf3fd3252 / 0x00a3252: d1 != ec +7758.3dfc: 00007ffbf3fd3253 / 0x00a3253: b8 != 17 +7758.3dfc: 00007ffbf3fd3254 / 0x00a3254: 8d != 00 +7758.3dfc: 00007ffbf3fd3255 / 0x00a3255: 01 != cc +7758.3dfc: 00007ffbf3fd3256 / 0x00a3256: 00 != cc +7758.3dfc: 00007ffbf3fd3257 / 0x00a3257: 00 != cc +7758.3dfc: 00007ffbf3fd33b0 / 0x00a33b0: 4c != e9 +7758.3dfc: 00007ffbf3fd33b1 / 0x00a33b1: 8b != 4b +7758.3dfc: 00007ffbf3fd33b2 / 0x00a33b2: d1 != d8 +7758.3dfc: 00007ffbf3fd33b3 / 0x00a33b3: b8 != 17 +7758.3dfc: 00007ffbf3fd33b4 / 0x00a33b4: 98 != 00 +7758.3dfc: 00007ffbf3fd33b5 / 0x00a33b5: 01 != cc +7758.3dfc: 00007ffbf3fd33b6 / 0x00a33b6: 00 != cc +7758.3dfc: 00007ffbf3fd33b7 / 0x00a33b7: 00 != cc +7758.3dfc: 00007ffbf3fd3610 / 0x00a3610: 4c != e9 +7758.3dfc: 00007ffbf3fd3611 / 0x00a3611: 8b != 0b +7758.3dfc: 00007ffbf3fd3612 / 0x00a3612: d1 != e9 +7758.3dfc: 00007ffbf3fd3613 / 0x00a3613: b8 != 17 +7758.3dfc: 00007ffbf3fd3614 / 0x00a3614: ab != 00 +7758.3dfc: 00007ffbf3fd3615 / 0x00a3615: 01 != cc +7758.3dfc: 00007ffbf3fd3616 / 0x00a3616: 00 != cc +7758.3dfc: 00007ffbf3fd3617 / 0x00a3617: 00 != cc +7758.3dfc: 00007ffbf3fd37b0 / 0x00a37b0: 4c != e9 +7758.3dfc: 00007ffbf3fd37b1 / 0x00a37b1: 8b != eb +7758.3dfc: 00007ffbf3fd37b2 / 0x00a37b2: d1 != df +7758.3dfc: 00007ffbf3fd37b3 / 0x00a37b3: b8 != 17 +7758.3dfc: 00007ffbf3fd37b4 / 0x00a37b4: b8 != 00 +7758.3dfc: 00007ffbf3fd37b5 / 0x00a37b5: 01 != cc +7758.3dfc: 00007ffbf3fd37b6 / 0x00a37b6: 00 != cc +7758.3dfc: 00007ffbf3fd37b7 / 0x00a37b7: 00 != cc +7758.3dfc: 00007ffbf3fd3910 / 0x00a3910: 4c != e9 +7758.3dfc: 00007ffbf3fd3911 / 0x00a3911: 8b != cb +7758.3dfc: 00007ffbf3fd3912 / 0x00a3912: d1 != e9 +7758.3dfc: 00007ffbf3fd3913 / 0x00a3913: b8 != 17 +7758.3dfc: 00007ffbf3fd3914 / 0x00a3914: c3 != 00 +7758.3dfc: 00007ffbf3fd3915 / 0x00a3915: 01 != cc +7758.3dfc: 00007ffbf3fd3916 / 0x00a3916: 00 != cc +7758.3dfc: 00007ffbf3fd3917 / 0x00a3917: 00 != cc +7758.3dfc: 00007ffbf3fd3a30 / 0x00a3a30: 4c != e9 +7758.3dfc: 00007ffbf3fd3a31 / 0x00a3a31: 8b != 0b +7758.3dfc: 00007ffbf3fd3a32 / 0x00a3a32: d1 != e9 +7758.3dfc: 00007ffbf3fd3a33 / 0x00a3a33: b8 != 17 +7758.3dfc: 00007ffbf3fd3a34 / 0x00a3a34: cc != 00 +7758.3dfc: 00007ffbf3fd3a35 / 0x00a3a35: 01 != cc +7758.3dfc: 00007ffbf3fd3a36 / 0x00a3a36: 00 != cc +7758.3dfc: 00007ffbf3fd3a37 / 0x00a3a37: 00 != cc +7758.3dfc: Restored 0x1d02 bytes of original file content at 00007ffbf3fd22ce +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf4016f40 / 0x00e6f40: 4c != e9 +7758.3dfc: 00007ffbf4016f41 / 0x00e6f41: 8b != 7b +7758.3dfc: 00007ffbf4016f42 / 0x00e6f42: c2 != a9 +7758.3dfc: 00007ffbf4016f43 / 0x00e6f43: 41 != 13 +7758.3dfc: 00007ffbf4016f44 / 0x00e6f44: b9 != 00 +7758.3dfc: 00007ffbf4016f46 / 0x00e6f46: 02 != cc +7758.3dfc: 00007ffbf4016f47 / 0x00e6f47: 00 != cc +7758.3dfc: 00007ffbf4016f48 / 0x00e6f48: 00 != cc +7758.3dfc: 00007ffbf40173d0 / 0x00e73d0: 48 != e9 +7758.3dfc: 00007ffbf40173d1 / 0x00e73d1: 8b != 4b +7758.3dfc: 00007ffbf40173d2 / 0x00e73d2: c4 != 90 +7758.3dfc: 00007ffbf40173d3 / 0x00e73d3: 48 != 13 +7758.3dfc: 00007ffbf40173d4 / 0x00e73d4: 89 != 00 +7758.3dfc: 00007ffbf40173d5 / 0x00e73d5: 58 != cc +7758.3dfc: 00007ffbf40173d6 / 0x00e73d6: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf401614e +7758.3dfc: ntdll.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf4057b60 / 0x0127b60: 48 != e9 +7758.3dfc: 00007ffbf4057b61 / 0x0127b61: 8b != 1b +7758.3dfc: 00007ffbf4057b62 / 0x0127b62: c4 != a7 +7758.3dfc: 00007ffbf4057b63 / 0x0127b63: 48 != 0f +7758.3dfc: 00007ffbf4057b64 / 0x0127b64: 89 != 00 +7758.3dfc: 00007ffbf4057b65 / 0x0127b65: 58 != cc +7758.3dfc: 00007ffbf4057b66 / 0x0127b66: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf405614e +7758.3dfc: ntdll.dll: Differences in section #9 (.00cfg) between file and memory: +7758.3dfc: 00007ffbf40cf000 / 0x019f000: 80 != 30 +7758.3dfc: 00007ffbf40cf001 / 0x019f001: 3d != f2 +7758.3dfc: 00007ffbf40cf002 / 0x019f002: fd != fb +7758.3dfc: 00007ffbf40cf008 / 0x019f008: e0 != f0 +7758.3dfc: 00007ffbf40cf009 / 0x019f009: ef != f0 +7758.3dfc: 00007ffbf40cf010 / 0x019f010: a0 != 30 +7758.3dfc: 00007ffbf40cf011 / 0x019f011: 3d != f2 +7758.3dfc: 00007ffbf40cf012 / 0x019f012: fd != fb +7758.3dfc: 00007ffbf40cf018 / 0x019f018: a0 != 30 +7758.3dfc: 00007ffbf40cf019 / 0x019f019: 3d != f2 +7758.3dfc: 00007ffbf40cf01a / 0x019f01a: fd != fb +7758.3dfc: Restored 0x28 bytes of original file content at 00007ffbf40cf000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3024550 / 0x0014550: 4c != e9 +7758.3dfc: 00007ffbf3024551 / 0x0014551: 8b != eb +7758.3dfc: 00007ffbf3024552 / 0x0014552: dc != bf +7758.3dfc: 00007ffbf3024553 / 0x0014553: 53 != 12 +7758.3dfc: 00007ffbf3024554 / 0x0014554: 56 != 01 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3023000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf30342d0 / 0x00242d0: 89 != e9 +7758.3dfc: 00007ffbf30342d1 / 0x00242d1: 54 != 8b +7758.3dfc: 00007ffbf30342d2 / 0x00242d2: 24 != c9 +7758.3dfc: 00007ffbf30342d3 / 0x00242d3: 10 != 11 +7758.3dfc: 00007ffbf30342d4 / 0x00242d4: 89 != 01 +7758.3dfc: 00007ffbf30342d5 / 0x00242d5: 4c != cc +7758.3dfc: 00007ffbf30342d6 / 0x00242d6: 24 != cc +7758.3dfc: 00007ffbf30342d7 / 0x00242d7: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3033000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3037300 / 0x0027300: 48 != e9 +7758.3dfc: 00007ffbf3037301 / 0x0027301: 83 != 9b +7758.3dfc: 00007ffbf3037302 / 0x0027302: ec != 9b +7758.3dfc: 00007ffbf3037303 / 0x0027303: 38 != 11 +7758.3dfc: 00007ffbf3037304 / 0x0027304: 48 != 01 +7758.3dfc: 00007ffbf3037305 / 0x0027305: 83 != cc +7758.3dfc: 00007ffbf3037306 / 0x0027306: 64 != cc +7758.3dfc: 00007ffbf3037307 / 0x0027307: 24 != cc +7758.3dfc: 00007ffbf3037308 / 0x0027308: 28 != cc +7758.3dfc: 00007ffbf3037309 / 0x0027309: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3037000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf30727a0 / 0x00627a0: 48 != e9 +7758.3dfc: 00007ffbf30727a1 / 0x00627a1: 89 != fb +7758.3dfc: 00007ffbf30727a2 / 0x00627a2: 5c != f8 +7758.3dfc: 00007ffbf30727a3 / 0x00627a3: 24 != 0d +7758.3dfc: 00007ffbf30727a4 / 0x00627a4: 08 != 01 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3071000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3073300 / 0x0063300: 48 != e9 +7758.3dfc: 00007ffbf3073301 / 0x0063301: 8b != db +7758.3dfc: 00007ffbf3073302 / 0x0063302: c4 != e9 +7758.3dfc: 00007ffbf3073303 / 0x0063303: 48 != 0d +7758.3dfc: 00007ffbf3073304 / 0x0063304: 89 != 01 +7758.3dfc: 00007ffbf3073305 / 0x0063305: 58 != cc +7758.3dfc: 00007ffbf3073306 / 0x0063306: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3073000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf30750f0 / 0x00650f0: 48 != e9 +7758.3dfc: 00007ffbf30750f1 / 0x00650f1: 83 != 6b +7758.3dfc: 00007ffbf30750f2 / 0x00650f2: ec != be +7758.3dfc: 00007ffbf30750f3 / 0x00650f3: 38 != 0d +7758.3dfc: 00007ffbf30750f4 / 0x00650f4: 48 != 01 +7758.3dfc: 00007ffbf30750f5 / 0x00650f5: 83 != cc +7758.3dfc: 00007ffbf30750f6 / 0x00650f6: 64 != cc +7758.3dfc: 00007ffbf30750f7 / 0x00650f7: 24 != cc +7758.3dfc: 00007ffbf30750f8 / 0x00650f8: 28 != cc +7758.3dfc: 00007ffbf30750f9 / 0x00650f9: 00 != cc +7758.3dfc: 00007ffbf30761e0 / 0x00661e0: 48 != e9 +7758.3dfc: 00007ffbf30761e1 / 0x00661e1: 89 != fb +7758.3dfc: 00007ffbf30761e2 / 0x00661e2: 5c != ab +7758.3dfc: 00007ffbf30761e3 / 0x00661e3: 24 != 0d +7758.3dfc: 00007ffbf30761e4 / 0x00661e4: 08 != 01 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3075000 +7758.3dfc: kernel32.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf3078600 / 0x0068600: 48 != e9 +7758.3dfc: 00007ffbf3078601 / 0x0068601: 8b != 5b +7758.3dfc: 00007ffbf3078602 / 0x0068602: c4 != 9b +7758.3dfc: 00007ffbf3078603 / 0x0068603: 48 != 0d +7758.3dfc: 00007ffbf3078604 / 0x0068604: 89 != 01 +7758.3dfc: 00007ffbf3078605 / 0x0068605: 58 != cc +7758.3dfc: 00007ffbf3078606 / 0x0068606: 10 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3077000 +7758.3dfc: kernel32.dll: Differences in section #2 (.rdata) between file and memory: +7758.3dfc: 00007ffbf3094910 / 0x0084910: f0 != 50 +7758.3dfc: 00007ffbf3094911 / 0x0084911: b7 != be +7758.3dfc: 00007ffbf3094912 / 0x0084912: 54 != 40 +7758.3dfc: 00007ffbf3094913 / 0x0084913: f1 != ed +7758.3dfc: 00007ffbf3095bc0 / 0x0085bc0: b0 != 00 +7758.3dfc: 00007ffbf3095bc1 / 0x0085bc1: 0c != 84 +7758.3dfc: 00007ffbf3095bc2 / 0x0085bc2: fd != 40 +7758.3dfc: 00007ffbf3095bc3 / 0x0085bc3: f3 != ed +7758.3dfc: 00007ffbf3095fe0 / 0x0085fe0: a0 != 90 +7758.3dfc: 00007ffbf3095fe1 / 0x0085fe1: 05 != 79 +7758.3dfc: 00007ffbf3095fe2 / 0x0085fe2: fd != 3d +7758.3dfc: 00007ffbf3095fe3 / 0x0085fe3: f3 != ed +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3094000 +7758.3dfc: kernel32.dll: Differences in section #2 (.rdata) between file and memory: +7758.3dfc: 00007ffbf3096160 / 0x0086160: 60 != 10 +7758.3dfc: 00007ffbf3096161 / 0x0086161: 0b != 82 +7758.3dfc: 00007ffbf3096162 / 0x0086162: fd != 40 +7758.3dfc: 00007ffbf3096163 / 0x0086163: f3 != ed +7758.3dfc: 00007ffbf3096548 / 0x0086548: 60 != 10 +7758.3dfc: 00007ffbf3096549 / 0x0086549: 0b != 82 +7758.3dfc: 00007ffbf309654a / 0x008654a: fd != 40 +7758.3dfc: 00007ffbf309654b / 0x008654b: f3 != ed +7758.3dfc: 00007ffbf30966b8 / 0x00866b8: 70 != f0 +7758.3dfc: 00007ffbf30966b9 / 0x00866b9: ff != f0 +7758.3dfc: 00007ffbf30966ba / 0x00866ba: 02 != fb +7758.3dfc: 00007ffbf30966c0 / 0x00866c0: 10 != 30 +7758.3dfc: 00007ffbf30966c1 / 0x00866c1: 42 != f2 +7758.3dfc: 00007ffbf30966c2 / 0x00866c2: 03 != fb +7758.3dfc: 00007ffbf30966c8 / 0x00866c8: 70 != f0 +7758.3dfc: 00007ffbf30966c9 / 0x00866c9: ff != f0 +7758.3dfc: 00007ffbf30966ca / 0x00866ca: 02 != fb +7758.3dfc: 00007ffbf30966d1 / 0x00866d1: 42 != f2 +7758.3dfc: 00007ffbf30966d2 / 0x00866d2: 03 != fb +7758.3dfc: 00007ffbf30966d9 / 0x00866d9: 42 != f2 +7758.3dfc: 00007ffbf30966da / 0x00866da: 03 != fb +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf3096000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1531e10 / 0x0011e10: 40 != e9 +7758.3dfc: 00007ffbf1531e11 / 0x0011e11: 53 != 2b +7758.3dfc: 00007ffbf1531e12 / 0x0011e12: 57 != f3 +7758.3dfc: 00007ffbf1531e13 / 0x0011e13: 41 != c1 +7758.3dfc: 00007ffbf1531e14 / 0x0011e14: 56 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1531000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1536830 / 0x0016830: 65 != e9 +7758.3dfc: 00007ffbf1536831 / 0x0016831: 48 != cb +7758.3dfc: 00007ffbf1536832 / 0x0016832: 8b != bb +7758.3dfc: 00007ffbf1536833 / 0x0016833: 04 != c1 +7758.3dfc: 00007ffbf1536834 / 0x0016834: 25 != 02 +7758.3dfc: 00007ffbf1536835 / 0x0016835: 60 != cc +7758.3dfc: 00007ffbf1536836 / 0x0016836: 00 != cc +7758.3dfc: 00007ffbf1536837 / 0x0016837: 00 != cc +7758.3dfc: 00007ffbf1536838 / 0x0016838: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1535000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1549270 / 0x0029270: 40 != e9 +7758.3dfc: 00007ffbf1549271 / 0x0029271: 53 != 0b +7758.3dfc: 00007ffbf1549272 / 0x0029272: 48 != 7b +7758.3dfc: 00007ffbf1549273 / 0x0029273: 83 != c0 +7758.3dfc: 00007ffbf1549274 / 0x0029274: ec != 02 +7758.3dfc: 00007ffbf1549275 / 0x0029275: 20 != cc +7758.3dfc: 00007ffbf1549d10 / 0x0029d10: 48 != e9 +7758.3dfc: 00007ffbf1549d11 / 0x0029d11: 89 != ab +7758.3dfc: 00007ffbf1549d12 / 0x0029d12: 5c != 84 +7758.3dfc: 00007ffbf1549d13 / 0x0029d13: 24 != c0 +7758.3dfc: 00007ffbf1549d14 / 0x0029d14: 18 != 02 +7758.3dfc: 00007ffbf1549e70 / 0x0029e70: 48 != e9 +7758.3dfc: 00007ffbf1549e71 / 0x0029e71: 8b != ab +7758.3dfc: 00007ffbf1549e72 / 0x0029e72: c4 != 83 +7758.3dfc: 00007ffbf1549e73 / 0x0029e73: 48 != c0 +7758.3dfc: 00007ffbf1549e74 / 0x0029e74: 89 != 02 +7758.3dfc: 00007ffbf1549e75 / 0x0029e75: 58 != cc +7758.3dfc: 00007ffbf1549e76 / 0x0029e76: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1549000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1552a90 / 0x0032a90: 48 != e9 +7758.3dfc: 00007ffbf1552a91 / 0x0032a91: 89 != 8b +7758.3dfc: 00007ffbf1552a92 / 0x0032a92: 5c != e5 +7758.3dfc: 00007ffbf1552a93 / 0x0032a93: 24 != bf +7758.3dfc: 00007ffbf1552a94 / 0x0032a94: 08 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1551000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf155bee0 / 0x003bee0: 40 != e9 +7758.3dfc: 00007ffbf155bee1 / 0x003bee1: 53 != 9b +7758.3dfc: 00007ffbf155bee2 / 0x003bee2: 48 != 5a +7758.3dfc: 00007ffbf155bee3 / 0x003bee3: 81 != bf +7758.3dfc: 00007ffbf155bee4 / 0x003bee4: ec != 02 +7758.3dfc: 00007ffbf155bee5 / 0x003bee5: 80 != cc +7758.3dfc: 00007ffbf155bee6 / 0x003bee6: 00 != cc +7758.3dfc: 00007ffbf155bee7 / 0x003bee7: 00 != cc +7758.3dfc: 00007ffbf155bee8 / 0x003bee8: 00 != cc +7758.3dfc: 00007ffbf155bf70 / 0x003bf70: 40 != e9 +7758.3dfc: 00007ffbf155bf71 / 0x003bf71: 53 != 6b +7758.3dfc: 00007ffbf155bf72 / 0x003bf72: 48 != 5a +7758.3dfc: 00007ffbf155bf73 / 0x003bf73: 81 != bf +7758.3dfc: 00007ffbf155bf74 / 0x003bf74: ec != 02 +7758.3dfc: 00007ffbf155bf75 / 0x003bf75: 80 != cc +7758.3dfc: 00007ffbf155bf76 / 0x003bf76: 00 != cc +7758.3dfc: 00007ffbf155bf77 / 0x003bf77: 00 != cc +7758.3dfc: 00007ffbf155bf78 / 0x003bf78: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf155b000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15642e0 / 0x00442e0: 4c != e9 +7758.3dfc: 00007ffbf15642e1 / 0x00442e1: 8b != 9b +7758.3dfc: 00007ffbf15642e2 / 0x00442e2: dc != c4 +7758.3dfc: 00007ffbf15642e3 / 0x00442e3: 53 != be +7758.3dfc: 00007ffbf15642e4 / 0x00442e4: 56 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1563000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15651c0 / 0x00451c0: 40 != e9 +7758.3dfc: 00007ffbf15651c1 / 0x00451c1: 53 != 9b +7758.3dfc: 00007ffbf15651c2 / 0x00451c2: 56 != b7 +7758.3dfc: 00007ffbf15651c3 / 0x00451c3: 57 != be +7758.3dfc: 00007ffbf15651c4 / 0x00451c4: 41 != 02 +7758.3dfc: 00007ffbf15651c5 / 0x00451c5: 54 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1565000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1579720 / 0x0059720: 40 != e9 +7758.3dfc: 00007ffbf1579721 / 0x0059721: 53 != bb +7758.3dfc: 00007ffbf1579722 / 0x0059722: 55 != 7c +7758.3dfc: 00007ffbf1579723 / 0x0059723: 56 != bd +7758.3dfc: 00007ffbf1579724 / 0x0059724: 57 != 02 +7758.3dfc: 00007ffbf1579800 / 0x0059800: 48 != e9 +7758.3dfc: 00007ffbf1579801 / 0x0059801: 83 != fb +7758.3dfc: 00007ffbf1579802 / 0x0059802: ec != 7c +7758.3dfc: 00007ffbf1579803 / 0x0059803: 38 != bd +7758.3dfc: 00007ffbf1579804 / 0x0059804: c7 != 02 +7758.3dfc: 00007ffbf1579805 / 0x0059805: 44 != cc +7758.3dfc: 00007ffbf1579806 / 0x0059806: 24 != cc +7758.3dfc: 00007ffbf1579807 / 0x0059807: 20 != cc +7758.3dfc: 00007ffbf1579808 / 0x0059808: 01 != cc +7758.3dfc: 00007ffbf1579809 / 0x0059809: 00 != cc +7758.3dfc: 00007ffbf157980a / 0x005980a: 00 != cc +7758.3dfc: 00007ffbf157980b / 0x005980b: 00 != cc +7758.3dfc: 00007ffbf1579a50 / 0x0059a50: 40 != e9 +7758.3dfc: 00007ffbf1579a51 / 0x0059a51: 53 != eb +7758.3dfc: 00007ffbf1579a52 / 0x0059a52: 55 != 79 +7758.3dfc: 00007ffbf1579a53 / 0x0059a53: 56 != bd +7758.3dfc: 00007ffbf1579a54 / 0x0059a54: 57 != 02 +7758.3dfc: 00007ffbf1579c00 / 0x0059c00: 48 != e9 +7758.3dfc: 00007ffbf1579c01 / 0x0059c01: 89 != 9b +7758.3dfc: 00007ffbf1579c02 / 0x0059c02: 5c != 78 +7758.3dfc: 00007ffbf1579c03 / 0x0059c03: 24 != bd +7758.3dfc: 00007ffbf1579c04 / 0x0059c04: 20 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1579000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1581ac0 / 0x0061ac0: 48 != e9 +7758.3dfc: 00007ffbf1581ac1 / 0x0061ac1: 8b != fb +7758.3dfc: 00007ffbf1581ac2 / 0x0061ac2: c4 != 00 +7758.3dfc: 00007ffbf1581ac3 / 0x0061ac3: 48 != bd +7758.3dfc: 00007ffbf1581ac4 / 0x0061ac4: 89 != 02 +7758.3dfc: 00007ffbf1581ac5 / 0x0061ac5: 58 != cc +7758.3dfc: 00007ffbf1581ac6 / 0x0061ac6: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1581000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf158d500 / 0x006d500: 48 != e9 +7758.3dfc: 00007ffbf158d501 / 0x006d501: 89 != fb +7758.3dfc: 00007ffbf158d502 / 0x006d502: 5c != 45 +7758.3dfc: 00007ffbf158d503 / 0x006d503: 24 != bc +7758.3dfc: 00007ffbf158d504 / 0x006d504: 10 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf158d000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf158fb10 / 0x006fb10: 4c != e9 +7758.3dfc: 00007ffbf158fb11 / 0x006fb11: 8b != 0b +7758.3dfc: 00007ffbf158fb12 / 0x006fb12: dc != 0f +7758.3dfc: 00007ffbf158fb13 / 0x006fb13: 48 != bc +7758.3dfc: 00007ffbf158fb14 / 0x006fb14: 83 != 02 +7758.3dfc: 00007ffbf158fb15 / 0x006fb15: ec != cc +7758.3dfc: 00007ffbf158fb16 / 0x006fb16: 68 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf158f000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15956c0 / 0x00756c0: 45 != e9 +7758.3dfc: 00007ffbf15956c1 / 0x00756c1: 33 != 1b +7758.3dfc: 00007ffbf15956c2 / 0x00756c2: c9 != b4 +7758.3dfc: 00007ffbf15956c3 / 0x00756c3: e9 != bb +7758.3dfc: 00007ffbf15956c4 / 0x00756c4: 08 != 02 +7758.3dfc: 00007ffbf15956c5 / 0x00756c5: 00 != cc +7758.3dfc: 00007ffbf15956c6 / 0x00756c6: 00 != cc +7758.3dfc: 00007ffbf15956c7 / 0x00756c7: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1595000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1599270 / 0x0079270: 40 != e9 +7758.3dfc: 00007ffbf1599271 / 0x0079271: 53 != 6b +7758.3dfc: 00007ffbf1599272 / 0x0079272: 48 != 72 +7758.3dfc: 00007ffbf1599273 / 0x0079273: 83 != bb +7758.3dfc: 00007ffbf1599274 / 0x0079274: ec != 02 +7758.3dfc: 00007ffbf1599275 / 0x0079275: 30 != cc +7758.3dfc: 00007ffbf159aa70 / 0x007aa70: 48 != e9 +7758.3dfc: 00007ffbf159aa71 / 0x007aa71: 83 != 8b +7758.3dfc: 00007ffbf159aa72 / 0x007aa72: ec != 64 +7758.3dfc: 00007ffbf159aa73 / 0x007aa73: 38 != bb +7758.3dfc: 00007ffbf159aa74 / 0x007aa74: 44 != 02 +7758.3dfc: 00007ffbf159aa75 / 0x007aa75: 89 != cc +7758.3dfc: 00007ffbf159aa76 / 0x007aa76: 44 != cc +7758.3dfc: 00007ffbf159aa77 / 0x007aa77: 24 != cc +7758.3dfc: 00007ffbf159aa78 / 0x007aa78: 20 != cc +7758.3dfc: 00007ffbf159aaa0 / 0x007aaa0: 48 != e9 +7758.3dfc: 00007ffbf159aaa1 / 0x007aaa1: 8b != 1b +7758.3dfc: 00007ffbf159aaa2 / 0x007aaa2: c4 != 65 +7758.3dfc: 00007ffbf159aaa3 / 0x007aaa3: 48 != bb +7758.3dfc: 00007ffbf159aaa4 / 0x007aaa4: 89 != 02 +7758.3dfc: 00007ffbf159aaa5 / 0x007aaa5: 58 != cc +7758.3dfc: 00007ffbf159aaa6 / 0x007aaa6: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1599000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf159cba0 / 0x007cba0: 89 != e9 +7758.3dfc: 00007ffbf159cba1 / 0x007cba1: 4c != fb +7758.3dfc: 00007ffbf159cba2 / 0x007cba2: 24 != 4e +7758.3dfc: 00007ffbf159cba3 / 0x007cba3: 08 != bb +7758.3dfc: 00007ffbf159cba4 / 0x007cba4: 48 != 02 +7758.3dfc: 00007ffbf159cba5 / 0x007cba5: 83 != cc +7758.3dfc: 00007ffbf159cba6 / 0x007cba6: ec != cc +7758.3dfc: 00007ffbf159cba7 / 0x007cba7: 38 != cc +7758.3dfc: 00007ffbf159cc10 / 0x007cc10: 48 != e9 +7758.3dfc: 00007ffbf159cc11 / 0x007cc11: 8b != eb +7758.3dfc: 00007ffbf159cc12 / 0x007cc12: c4 != 54 +7758.3dfc: 00007ffbf159cc13 / 0x007cc13: 48 != bb +7758.3dfc: 00007ffbf159cc14 / 0x007cc14: 89 != 02 +7758.3dfc: 00007ffbf159cc15 / 0x007cc15: 58 != cc +7758.3dfc: 00007ffbf159cc16 / 0x007cc16: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf159b000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf159ea50 / 0x007ea50: 4c != e9 +7758.3dfc: 00007ffbf159ea52 / 0x007ea52: dc != 26 +7758.3dfc: 00007ffbf159ea53 / 0x007ea53: 48 != bb +7758.3dfc: 00007ffbf159ea54 / 0x007ea54: 83 != 02 +7758.3dfc: 00007ffbf159ea55 / 0x007ea55: ec != cc +7758.3dfc: 00007ffbf159ea56 / 0x007ea56: 68 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf159d000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15a0730 / 0x0080730: 45 != e9 +7758.3dfc: 00007ffbf15a0731 / 0x0080731: 33 != cb +7758.3dfc: 00007ffbf15a0732 / 0x0080732: c0 != 0a +7758.3dfc: 00007ffbf15a0733 / 0x0080733: 33 != bb +7758.3dfc: 00007ffbf15a0734 / 0x0080734: d2 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf159f000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15a1e20 / 0x0081e20: 48 != e9 +7758.3dfc: 00007ffbf15a1e21 / 0x0081e21: 89 != 7b +7758.3dfc: 00007ffbf15a1e22 / 0x0081e22: 5c != f3 +7758.3dfc: 00007ffbf15a1e23 / 0x0081e23: 24 != ba +7758.3dfc: 00007ffbf15a1e24 / 0x0081e24: 08 != 02 +7758.3dfc: 00007ffbf15a26c0 / 0x00826c0: 48 != e9 +7758.3dfc: 00007ffbf15a26c1 / 0x00826c1: 89 != 7b +7758.3dfc: 00007ffbf15a26c2 / 0x00826c2: 5c != f3 +7758.3dfc: 00007ffbf15a26c3 / 0x00826c3: 24 != ba +7758.3dfc: 00007ffbf15a26c4 / 0x00826c4: 08 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf15a1000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15a4230 / 0x0084230: 4c != e9 +7758.3dfc: 00007ffbf15a4231 / 0x0084231: 8b != 4b +7758.3dfc: 00007ffbf15a4232 / 0x0084232: dc != ce +7758.3dfc: 00007ffbf15a4233 / 0x0084233: 48 != ba +7758.3dfc: 00007ffbf15a4234 / 0x0084234: 83 != 02 +7758.3dfc: 00007ffbf15a4235 / 0x0084235: ec != cc +7758.3dfc: 00007ffbf15a4236 / 0x0084236: 68 != cc +7758.3dfc: 00007ffbf15a42b0 / 0x00842b0: 4c != e9 +7758.3dfc: 00007ffbf15a42b1 / 0x00842b1: 89 != 4b +7758.3dfc: 00007ffbf15a42b2 / 0x00842b2: 4c != c6 +7758.3dfc: 00007ffbf15a42b3 / 0x00842b3: 24 != ba +7758.3dfc: 00007ffbf15a42b4 / 0x00842b4: 20 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf15a3000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15a7090 / 0x0087090: 48 != e9 +7758.3dfc: 00007ffbf15a7091 / 0x0087091: 89 != cb +7758.3dfc: 00007ffbf15a7092 / 0x0087092: 5c != a1 +7758.3dfc: 00007ffbf15a7093 / 0x0087093: 24 != ba +7758.3dfc: 00007ffbf15a7094 / 0x0087094: 08 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf15a7000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15a9750 / 0x0089750: 48 != e9 +7758.3dfc: 00007ffbf15a9751 / 0x0089751: 89 != 0b +7758.3dfc: 00007ffbf15a9752 / 0x0089752: 5c != 8d +7758.3dfc: 00007ffbf15a9753 / 0x0089753: 24 != ba +7758.3dfc: 00007ffbf15a9754 / 0x0089754: 10 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf15a9000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf15ce2c0 / 0x00ae2c0: 48 != e9 +7758.3dfc: 00007ffbf15ce2c1 / 0x00ae2c1: 83 != db +7758.3dfc: 00007ffbf15ce2c2 / 0x00ae2c2: ec != 1f +7758.3dfc: 00007ffbf15ce2c3 / 0x00ae2c3: 38 != b8 +7758.3dfc: 00007ffbf15ce2c4 / 0x00ae2c4: 33 != 02 +7758.3dfc: 00007ffbf15ce2c5 / 0x00ae2c5: c0 != cc +7758.3dfc: 00007ffbf15ce2f0 / 0x00ae2f0: 48 != e9 +7758.3dfc: 00007ffbf15ce2f1 / 0x00ae2f1: 83 != 6b +7758.3dfc: 00007ffbf15ce2f2 / 0x00ae2f2: ec != 20 +7758.3dfc: 00007ffbf15ce2f3 / 0x00ae2f3: 38 != b8 +7758.3dfc: 00007ffbf15ce2f4 / 0x00ae2f4: b8 != 02 +7758.3dfc: 00007ffbf15ce2f5 / 0x00ae2f5: 03 != cc +7758.3dfc: 00007ffbf15ce2f6 / 0x00ae2f6: 00 != cc +7758.3dfc: 00007ffbf15ce2f7 / 0x00ae2f7: 00 != cc +7758.3dfc: 00007ffbf15ce2f8 / 0x00ae2f8: 00 != cc +7758.3dfc: 00007ffbf15ce6d0 / 0x00ae6d0: 48 != e9 +7758.3dfc: 00007ffbf15ce6d1 / 0x00ae6d1: 89 != 0b +7758.3dfc: 00007ffbf15ce6d2 / 0x00ae6d2: 5c != 1b +7758.3dfc: 00007ffbf15ce6d3 / 0x00ae6d3: 24 != b8 +7758.3dfc: 00007ffbf15ce6d4 / 0x00ae6d4: 08 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf15cd000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf16049d1 / 0x00e49d1: 9b != eb +7758.3dfc: 00007ffbf16049d2 / 0x00e49d2: 55 != cb +7758.3dfc: 00007ffbf16049d3 / 0x00e49d3: 07 != b4 +7758.3dfc: 00007ffbf16049d4 / 0x00e49d4: 00 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1603000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1606160 / 0x00e6160: 48 != e9 +7758.3dfc: 00007ffbf1606161 / 0x00e6161: 8b != fb +7758.3dfc: 00007ffbf1606162 / 0x00e6162: c4 != b3 +7758.3dfc: 00007ffbf1606163 / 0x00e6163: 48 != b4 +7758.3dfc: 00007ffbf1606164 / 0x00e6164: 89 != 02 +7758.3dfc: 00007ffbf1606165 / 0x00e6165: 58 != cc +7758.3dfc: 00007ffbf1606166 / 0x00e6166: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1605000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1607760 / 0x00e7760: 48 != e9 +7758.3dfc: 00007ffbf1607761 / 0x00e7761: 83 != 9b +7758.3dfc: 00007ffbf1607762 / 0x00e7762: ec != 8b +7758.3dfc: 00007ffbf1607763 / 0x00e7763: 38 != b4 +7758.3dfc: 00007ffbf1607764 / 0x00e7764: b8 != 02 +7758.3dfc: 00007ffbf1607765 / 0x00e7765: 03 != cc +7758.3dfc: 00007ffbf1607766 / 0x00e7766: 00 != cc +7758.3dfc: 00007ffbf1607767 / 0x00e7767: 00 != cc +7758.3dfc: 00007ffbf1607768 / 0x00e7768: 00 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1607000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1635580 / 0x0115580: 48 != e9 +7758.3dfc: 00007ffbf1635581 / 0x0115581: 8b != fb +7758.3dfc: 00007ffbf1635582 / 0x0115582: c4 != bd +7758.3dfc: 00007ffbf1635583 / 0x0115583: 48 != b1 +7758.3dfc: 00007ffbf1635584 / 0x0115584: 89 != 02 +7758.3dfc: 00007ffbf1635585 / 0x0115585: 58 != cc +7758.3dfc: 00007ffbf1635586 / 0x0115586: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1635000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf167c990 / 0x015c990: 48 != e9 +7758.3dfc: 00007ffbf167c991 / 0x015c991: 83 != ab +7758.3dfc: 00007ffbf167c992 / 0x015c992: ec != 38 +7758.3dfc: 00007ffbf167c993 / 0x015c993: 38 != ad +7758.3dfc: 00007ffbf167c994 / 0x015c994: 33 != 02 +7758.3dfc: 00007ffbf167c995 / 0x015c995: c0 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf167b000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf167d080 / 0x015d080: 40 != e9 +7758.3dfc: 00007ffbf167d081 / 0x015d081: 53 != 3b +7758.3dfc: 00007ffbf167d082 / 0x015d082: 48 != 42 +7758.3dfc: 00007ffbf167d083 / 0x015d083: 81 != ad +7758.3dfc: 00007ffbf167d084 / 0x015d084: ec != 02 +7758.3dfc: 00007ffbf167d085 / 0x015d085: 90 != cc +7758.3dfc: 00007ffbf167d086 / 0x015d086: 00 != cc +7758.3dfc: 00007ffbf167d087 / 0x015d087: 00 != cc +7758.3dfc: 00007ffbf167d088 / 0x015d088: 00 != cc +7758.3dfc: 00007ffbf167d960 / 0x015d960: 48 != e9 +7758.3dfc: 00007ffbf167d961 / 0x015d961: 89 != 1b +7758.3dfc: 00007ffbf167d962 / 0x015d962: 5c != 28 +7758.3dfc: 00007ffbf167d963 / 0x015d963: 24 != ad +7758.3dfc: 00007ffbf167d964 / 0x015d964: 08 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf167d000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1686300 / 0x0166300: 4c != e9 +7758.3dfc: 00007ffbf1686301 / 0x0166301: 8b != 1b +7758.3dfc: 00007ffbf1686302 / 0x0166302: dc != a4 +7758.3dfc: 00007ffbf1686303 / 0x0166303: 48 != ac +7758.3dfc: 00007ffbf1686304 / 0x0166304: 83 != 02 +7758.3dfc: 00007ffbf1686305 / 0x0166305: ec != cc +7758.3dfc: 00007ffbf1686306 / 0x0166306: 48 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1685000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1688150 / 0x0168150: 48 != e9 +7758.3dfc: 00007ffbf1688151 / 0x0168151: 89 != eb +7758.3dfc: 00007ffbf1688152 / 0x0168152: 5c != 8c +7758.3dfc: 00007ffbf1688153 / 0x0168153: 24 != ac +7758.3dfc: 00007ffbf1688154 / 0x0168154: 20 != 02 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1687000 +7758.3dfc: kernelbase.dll: Differences in section #1 (.text) between file and memory: +7758.3dfc: 00007ffbf1689110 / 0x0169110: 48 != e9 +7758.3dfc: 00007ffbf1689111 / 0x0169111: 89 != 6b +7758.3dfc: 00007ffbf1689112 / 0x0169112: 5c != 73 +7758.3dfc: 00007ffbf1689113 / 0x0169113: 24 != ac +7758.3dfc: 00007ffbf1689114 / 0x0169114: 08 != 02 +7758.3dfc: 00007ffbf168a150 / 0x016a150: 48 != e9 +7758.3dfc: 00007ffbf168a151 / 0x016a151: 8b != 0b +7758.3dfc: 00007ffbf168a152 / 0x016a152: c4 != 7a +7758.3dfc: 00007ffbf168a153 / 0x016a153: 48 != ac +7758.3dfc: 00007ffbf168a154 / 0x016a154: 89 != 02 +7758.3dfc: 00007ffbf168a155 / 0x016a155: 58 != cc +7758.3dfc: 00007ffbf168a156 / 0x016a156: 08 != cc +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf1689000 +7758.3dfc: kernelbase.dll: Differences in section #2 (.rdata) between file and memory: +7758.3dfc: 00007ffbf178e788 / 0x026e788: a0 != 90 +7758.3dfc: 00007ffbf178e789 / 0x026e789: 05 != 79 +7758.3dfc: 00007ffbf178e78a / 0x026e78a: fd != 3d +7758.3dfc: 00007ffbf178e78b / 0x026e78b: f3 != ed +7758.3dfc: 00007ffbf178e7c8 / 0x026e7c8: 60 != 10 +7758.3dfc: 00007ffbf178e7c9 / 0x026e7c9: 0b != 82 +7758.3dfc: 00007ffbf178e7ca / 0x026e7ca: fd != 40 +7758.3dfc: 00007ffbf178e7cb / 0x026e7cb: f3 != ed +7758.3dfc: 00007ffbf178e900 / 0x026e900: b0 != 00 +7758.3dfc: 00007ffbf178e901 / 0x026e901: 0c != 84 +7758.3dfc: 00007ffbf178e902 / 0x026e902: fd != 40 +7758.3dfc: 00007ffbf178e903 / 0x026e903: f3 != ed +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf178d000 +7758.3dfc: kernelbase.dll: Differences in section #2 (.rdata) between file and memory: +7758.3dfc: 00007ffbf178f0f8 / 0x026f0f8: b0 != 00 +7758.3dfc: 00007ffbf178f0f9 / 0x026f0f9: 0c != 84 +7758.3dfc: 00007ffbf178f0fa / 0x026f0fa: fd != 40 +7758.3dfc: 00007ffbf178f0fb / 0x026f0fb: f3 != ed +7758.3dfc: 00007ffbf178fd20 / 0x026fd20: 10 != f0 +7758.3dfc: 00007ffbf178fd21 / 0x026fd21: c3 != f0 +7758.3dfc: 00007ffbf178fd22 / 0x026fd22: 5f != fb +7758.3dfc: 00007ffbf178fd23 / 0x026fd23: f1 != f3 +7758.3dfc: 00007ffbf178fd28 / 0x026fd28: c0 != 30 +7758.3dfc: 00007ffbf178fd29 / 0x026fd29: c6 != f2 +7758.3dfc: 00007ffbf178fd2a / 0x026fd2a: 5f != fb +7758.3dfc: 00007ffbf178fd2b / 0x026fd2b: f1 != f3 +7758.3dfc: 00007ffbf178fd30 / 0x026fd30: 10 != f0 +7758.3dfc: 00007ffbf178fd31 / 0x026fd31: c3 != f0 +7758.3dfc: 00007ffbf178fd32 / 0x026fd32: 5f != fb +7758.3dfc: 00007ffbf178fd33 / 0x026fd33: f1 != f3 +7758.3dfc: 00007ffbf178fd38 / 0x026fd38: e0 != 30 +7758.3dfc: 00007ffbf178fd39 / 0x026fd39: c6 != f2 +7758.3dfc: 00007ffbf178fd3a / 0x026fd3a: 5f != fb +7758.3dfc: 00007ffbf178fd3b / 0x026fd3b: f1 != f3 +7758.3dfc: 00007ffbf178fd40 / 0x026fd40: e0 != 30 +7758.3dfc: 00007ffbf178fd41 / 0x026fd41: c6 != f2 +7758.3dfc: 00007ffbf178fd42 / 0x026fd42: 5f != fb +7758.3dfc: 00007ffbf178fd43 / 0x026fd43: f1 != f3 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbf178f000 +7758.3dfc: apphelp.dll: Differences in section #2 (.rdata) between file and memory: +7758.3dfc: 00007ffbed415280 / 0x0055280: d0 != f0 +7758.3dfc: 00007ffbed415281 / 0x0055281: ab != 55 +7758.3dfc: 00007ffbed415282 / 0x0055282: 58 != 02 +7758.3dfc: 00007ffbed415283 / 0x0055283: f1 != f3 +7758.3dfc: 00007ffbed415288 / 0x0055288: 50 != a0 +7758.3dfc: 00007ffbed415289 / 0x0055289: ea != 61 +7758.3dfc: 00007ffbed41528a / 0x005528a: 59 != 02 +7758.3dfc: 00007ffbed41528b / 0x005528b: f1 != f3 +7758.3dfc: 00007ffbed415290 / 0x0055290: f0 != 00 +7758.3dfc: 00007ffbed415291 / 0x0055291: 9b != 45 +7758.3dfc: 00007ffbed415292 / 0x0055292: 58 != 02 +7758.3dfc: 00007ffbed415293 / 0x0055293: f1 != f3 +7758.3dfc: 00007ffbed415298 / 0x0055298: 90 != c0 +7758.3dfc: 00007ffbed415299 / 0x0055299: 70 != 97 +7758.3dfc: 00007ffbed41529a / 0x005529a: 5a != 02 +7758.3dfc: 00007ffbed41529b / 0x005529b: f1 != f3 +7758.3dfc: 00007ffbed4152a0 / 0x00552a0: 00 != 50 +7758.3dfc: 00007ffbed4152a1 / 0x00552a1: 67 != 27 +7758.3dfc: 00007ffbed4152a2 / 0x00552a2: 53 != 01 +7758.3dfc: 00007ffbed4152a3 / 0x00552a3: f1 != f3 +7758.3dfc: 00007ffbed4152a8 / 0x00552a8: d0 != 60 +7758.3dfc: 00007ffbed4152a9 / 0x00552a9: 71 != 01 +7758.3dfc: 00007ffbed4152aa / 0x00552aa: 58 != 03 +7758.3dfc: 00007ffbed4152ab / 0x00552ab: f1 != f3 +7758.3dfc: 00007ffbed4152b0 / 0x00552b0: 40 != 70 +7758.3dfc: 00007ffbed4152b1 / 0x00552b1: 38 != 01 +7758.3dfc: 00007ffbed4152b2 / 0x00552b2: 56 != 03 +7758.3dfc: 00007ffbed4152b3 / 0x00552b3: f1 != f3 +7758.3dfc: 00007ffbed4152c0 / 0x00552c0: 00 != 30 +7758.3dfc: 00007ffbed4152c1 / 0x00552c1: 24 != 47 +7758.3dfc: 00007ffbed4152c2 / 0x00552c2: 55 != 02 +7758.3dfc: 00007ffbed4152c3 / 0x00552c3: f1 != f3 +7758.3dfc: 00007ffbed415898 / 0x0055898: 20 != f0 +7758.3dfc: 00007ffbed415899 / 0x0055899: 4b != f0 +7758.3dfc: 00007ffbed41589a / 0x005589a: 3d != fb +7758.3dfc: 00007ffbed41589b / 0x005589b: ed != f3 +7758.3dfc: 00007ffbed4158a0 / 0x00558a0: a0 != 30 +7758.3dfc: 00007ffbed4158a1 / 0x00558a1: 4c != f2 +7758.3dfc: 00007ffbed4158a2 / 0x00558a2: 3d != fb +7758.3dfc: 00007ffbed4158a3 / 0x00558a3: ed != f3 +7758.3dfc: 00007ffbed4158a8 / 0x00558a8: 20 != f0 +7758.3dfc: 00007ffbed4158a9 / 0x00558a9: 4b != f0 +7758.3dfc: 00007ffbed4158aa / 0x00558aa: 3d != fb +7758.3dfc: 00007ffbed4158ab / 0x00558ab: ed != f3 +7758.3dfc: 00007ffbed4158b0 / 0x00558b0: c0 != 30 +7758.3dfc: 00007ffbed4158b1 / 0x00558b1: 4c != f2 +7758.3dfc: 00007ffbed4158b2 / 0x00558b2: 3d != fb +7758.3dfc: 00007ffbed4158b3 / 0x00558b3: ed != f3 +7758.3dfc: 00007ffbed4158b8 / 0x00558b8: c0 != 30 +7758.3dfc: 00007ffbed4158b9 / 0x00558b9: 4c != f2 +7758.3dfc: 00007ffbed4158ba / 0x00558ba: 3d != fb +7758.3dfc: 00007ffbed4158bb / 0x00558bb: ed != f3 +7758.3dfc: Restored 0x2000 bytes of original file content at 00007ffbed415000 +7758.3dfc: supHardNtVpCheckHandles: +7758.3dfc: supHardNtVpCheckHandles: Inheritable file handle: 0000000000000064 +7758.3dfc: supHardNtVpCheckHandles: Inheritable file handle: 0000000000000060 +7758.3dfc: supHardNtVpCheckHandles: Inheritable file handle: 0000000000000050 +7758.3dfc: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=52 +7758.3dfc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports +7758.3dfc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) +7758.3dfc: supR3HardNtEnableThreadCreationEx: +7758.3dfc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbf3fa42c0 pvNtTerminateThread=00007ffbf3fd0b20 +7758.3dfc: supR3HardenedWinDoReSpawn(1): New child 935c.98b0 [kernel32]. +7758.3dfc: supR3HardNtChildGatherData: PebBaseAddress=0000001a70830000 cbPeb=0x388 +7758.3dfc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffbf3f30000 uNtDllChildAddr=00007ffbf3f30000 +7758.3dfc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffbf3fa42c0 +7758.3dfc: supR3HardenedWinSetupChildInit: Initial context: + rax=0000000000000000 rbx=0000000000000000 rcx=00007ff66609b590 rdx=0000001a70830000 + rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000 + r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 + r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000 + rip=00007ffbf3f8aee0 rsp=0000001a70affe78 rbp=0000000000000000 ctxflags=0010001b + cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80 + P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000 + dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 + dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000 + lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000 +7758.3dfc: supR3HardenedWinSetupChildInit: Start child. +7758.3dfc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms. +7758.3dfc: supR3HardNtChildPurify: Startup delay kludge #1/0: 262 ms, 17 sleeps +7758.3dfc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION +7758.3dfc: *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000 +7758.3dfc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 +7758.3dfc: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000 +7758.3dfc: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000 +7758.3dfc: 000000007ffea000-0000001a707fffff 0x0001/0x0000 0x0000000 +7758.3dfc: *0000001a70800000-0000001a7082ffff 0x0000/0x0004 0x0020000 +7758.3dfc: 0000001a70830000-0000001a70832fff 0x0004/0x0004 0x0020000 +7758.3dfc: 0000001a70833000-0000001a709fffff 0x0000/0x0004 0x0020000 +7758.3dfc: *0000001a70a00000-0000001a70afafff 0x0000/0x0004 0x0020000 +7758.3dfc: 0000001a70afb000-0000001a70afdfff 0x0104/0x0004 0x0020000 +7758.3dfc: 0000001a70afe000-0000001a70afffff 0x0004/0x0004 0x0020000 +7758.3dfc: 0000001a70b00000-0000016f2142ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *0000016f21430000-0000016f2144ffff 0x0004/0x0004 0x0020000 +7758.3dfc: *0000016f21450000-0000016f2146efff 0x0002/0x0002 0x0040000 +7758.3dfc: 0000016f2146f000-0000016f2146ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *0000016f21470000-0000016f21473fff 0x0002/0x0002 0x0040000 +7758.3dfc: 0000016f21474000-0000016f2147ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *0000016f21480000-0000016f21480fff 0x0002/0x0002 0x0040000 +7758.3dfc: 0000016f21481000-0000016f2148ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *0000016f21490000-0000016f21491fff 0x0004/0x0004 0x0020000 +7758.3dfc: 0000016f21492000-00007df5a6e1ffff 0x0001/0x0000 0x0000000 +7758.3dfc: *00007df5a6e20000-00007df5a6e20fff 0x0020/0x0004 0x0020000 !! +7758.3dfc: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007df5a6e20000 (LB 0x1000, 00007df5a6e20000 LB 0x1000) +7758.3dfc: 000002983fd75270/0000: 16 00 20 00 00 00 00 00-10 00 e2 a6 f5 7d 00 00 .. ..........}.. +000002983fd75280/0010: 61 00 74 00 63 00 75 00-66 00 36 00 34 00 2e 00 a.t.c.u.f.6.4... +000002983fd75290/0020: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l........... +000002983fd752a0/0030: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r. +000002983fd752b0/0040: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s. +000002983fd752c0/0050: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e. +000002983fd752d0/0060: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t. +000002983fd752e0/0070: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r. +000002983fd752f0/0080: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t. +000002983fd75300/0090: 79 00 5c 00 61 00 74 00-63 00 75 00 66 00 5c 00 y.\.a.t.c.u.f.\. +000002983fd75310/00a0: 64 00 6c 00 6c 00 73 00-5f 00 32 00 36 00 37 00 d.l.l.s._.2.6.7. +000002983fd75320/00b0: 34 00 32 00 36 00 36 00-33 00 39 00 38 00 30 00 4.2.6.6.3.9.8.0. +000002983fd75330/00c0: 32 00 37 00 31 00 31 00-31 00 34 00 35 00 5c 00 2.7.1.1.1.4.5.\. +000002983fd75340/00d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +000002983fd75350/00e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +000002983fd75360/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +7758.3dfc: 000002983fd75670/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +**************** **** +000002983fd756a0/0030: 16 00 20 00 00 00 00 00-40 04 e2 a6 f5 7d 00 00 .. .....@....}.. +000002983fd756b0/0040: 62 00 64 00 68 00 6b 00-6d 00 36 00 34 00 2e 00 b.d.h.k.m.6.4... +000002983fd756c0/0050: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l........... +000002983fd756d0/0060: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r. +000002983fd756e0/0070: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s. +000002983fd756f0/0080: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e. +000002983fd75700/0090: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t. +000002983fd75710/00a0: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r. +000002983fd75720/00b0: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t. +000002983fd75730/00c0: 79 00 5c 00 62 00 64 00-68 00 6b 00 6d 00 5c 00 y.\.b.d.h.k.m.\. +000002983fd75740/00d0: 64 00 6c 00 6c 00 73 00-5f 00 32 00 36 00 37 00 d.l.l.s._.2.6.7. +000002983fd75750/00e0: 30 00 32 00 33 00 37 00-31 00 32 00 33 00 35 00 0.2.3.7.1.2.3.5. +000002983fd75760/00f0: 39 00 31 00 38 00 36 00-32 00 36 00 33 00 5c 00 9.1.8.6.2.6.3.\. +7758.3dfc: 000002983fd75a70/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +**************** **** +000002983fd75ad0/0060: 20 a6 f5 f3 fb 7f 00 00-c0 0a fd f3 fb 7f 00 00 ............... +000002983fd75ae0/0070: 48 89 5c 24 10 56 57 41-56 48 81 ec d0 00 00 00 H.\$.VWAVH...... +000002983fd75af0/0080: 48 83 ec 38 56 57 51 52-41 50 41 51 48 83 ec 40 H..8VWQRAPAQH..@ +000002983fd75b00/0090: 48 b9 ff ff ff ff ff ff-ff ff 48 8b 15 bf ff ff H.........H..... +000002983fd75b10/00a0: ff 48 89 54 24 38 48 8d-54 24 38 48 c7 44 24 28 .H.T$8H.T$8H.D$( +000002983fd75b20/00b0: 10 00 00 00 4c 8d 44 24-28 49 c7 c1 04 00 00 00 ....L.D$(I...... +000002983fd75b30/00c0: 48 8d 7c 24 30 48 89 7c-24 20 48 8b 05 97 ff ff H.|$0H.|$ H..... +000002983fd75b40/00d0: ff ff d0 85 c0 0f 88 00-01 00 00 48 8d 35 8e ff ...........H.5.. +000002983fd75b50/00e0: ff ff 48 8b 3d 77 ff ff-ff 48 c7 c1 10 00 00 00 ..H.=w...H...... +000002983fd75b60/00f0: fc f3 a4 48 b9 ff ff ff-ff ff ff ff ff 48 8b 15 ...H.........H.. +7758.3dfc: 000002983fd75b70/0000: 5c ff ff ff 48 89 54 24-38 48 8d 54 24 38 48 c7 \...H.T$8H.T$8H. +000002983fd75b80/0010: 44 24 28 10 00 00 00 4c-8d 44 24 28 4c 8b 4c 24 D$(....L.D$(L.L$ +000002983fd75b90/0020: 30 48 8d 7c 24 30 48 89-7c 24 20 48 8b 05 36 ff 0H.|$0H.|$ H..6. +000002983fd75ba0/0030: ff ff ff d0 85 c0 0f 88-9f 00 00 00 48 83 c4 40 ............H..@ +000002983fd75bb0/0040: 41 59 41 58 5a 59 5f 5e-48 8b 05 11 ff ff ff 48 AYAXZY_^H......H +000002983fd75bc0/0050: 83 ec 20 ff d0 48 83 c4-20 85 c0 0f 88 86 00 00 .. ..H.. ....... +000002983fd75bd0/0060: 00 65 48 8b 0c 25 60 00-00 00 ba 00 01 00 02 85 .eH..%`......... +000002983fd75be0/0070: 91 bc 00 00 00 75 70 48-8d 0d e2 fa ff ff 48 c7 .....upH......H. +000002983fd75bf0/0080: c2 00 00 00 00 4c 8d 05-a4 fa ff ff 4c 8d 4c 24 .....L......L.L$ +000002983fd75c00/0090: 20 48 8b 05 c8 fe ff ff-48 83 ec 20 ff d0 48 83 H......H.. ..H. +000002983fd75c10/00a0: c4 20 85 c0 74 05 48 31-c0 eb 3c 48 8d 0d 7e f6 . ..t.H1.. 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll +935c.98b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001: [calling] +935c.98b0: supR3HardenedDllNotificationCallback: load 00007ffbf1520000 LB 0x003b7000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0] +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +935c.98b0: supR3HardenedDllNotificationCallback: load 00007ffbf3010000 LB 0x000c4000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0] +935c.98b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3010000 'C:\Windows\System32\KERNEL32.DLL' +935c.98b0: supR3HardenedDllNotificationCallback: load 00007ff666090000 LB 0x00108000 C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe [fFlags=0x0] +935c.98b0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +935c.98b0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbf3fa42c0 pvNtTerminateThread=00007ffbf3fd0b20 +7758.3dfc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 46 ms. +935c.98b0: \SystemRoot\System32\ntdll.dll: +935c.98b0: CreationTime: 2024-10-12T16:13:13.337096100Z +935c.98b0: LastWriteTime: 2024-10-12T16:13:13.368170000Z +935c.98b0: ChangeTime: 2024-10-15T19:50:08.320152600Z +935c.98b0: FileAttributes: 0x20 +935c.98b0: Size: 0x216090 +935c.98b0: NT Headers: 0xe8 +935c.98b0: Timestamp: 0xf9f266e7 +935c.98b0: Machine: 0x8664 - amd64 +935c.98b0: Timestamp: 0xf9f266e7 +935c.98b0: Image Version: 10.0 +935c.98b0: SizeOfImage: 0x217000 (2191360) +935c.98b0: Resource Dir: 0x1a0000 LB 0x759a8 +935c.98b0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] +935c.98b0: [Raw version resource data: 0x1a00f0 LB 0x380, codepage 0x0 (reserved 0x0)] +935c.98b0: ProductName: Microsoft® Windows® Operating System +935c.98b0: ProductVersion: 10.0.22621.4317 +935c.98b0: FileVersion: 10.0.22621.4317 (WinBuild.160101.0800) +935c.98b0: FileDescription: NT Layer DLL +935c.98b0: \SystemRoot\System32\kernel32.dll: +935c.98b0: CreationTime: 2024-08-18T11:45:46.245614200Z +935c.98b0: LastWriteTime: 2024-08-18T11:45:46.259376700Z +935c.98b0: ChangeTime: 2024-10-12T16:14:17.580433400Z +935c.98b0: FileAttributes: 0x20 +935c.98b0: Size: 0xc7168 +935c.98b0: NT Headers: 0xe8 +935c.98b0: Timestamp: 0xa9f358b9 +935c.98b0: Machine: 0x8664 - amd64 +935c.98b0: Timestamp: 0xa9f358b9 +935c.98b0: Image Version: 10.0 +935c.98b0: SizeOfImage: 0xc4000 (802816) +935c.98b0: Resource Dir: 0xc2000 LB 0x520 +935c.98b0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +935c.98b0: [Raw version resource data: 0xc20b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] +935c.98b0: ProductName: Microsoft® Windows® Operating System +935c.98b0: ProductVersion: 10.0.22621.3958 +935c.98b0: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +935c.98b0: FileDescription: Windows NT BASE API Client DLL +935c.98b0: \SystemRoot\System32\KernelBase.dll: +935c.98b0: CreationTime: 2024-10-12T16:13:13.874348200Z +935c.98b0: LastWriteTime: 2024-10-12T16:13:13.976987600Z +935c.98b0: ChangeTime: 2024-10-15T19:50:07.879884900Z +935c.98b0: FileAttributes: 0x20 +935c.98b0: Size: 0x3bdba0 +935c.98b0: NT Headers: 0xf8 +935c.98b0: Timestamp: 0xcf64c6a +935c.98b0: Machine: 0x8664 - amd64 +935c.98b0: Timestamp: 0xcf64c6a +935c.98b0: Image Version: 10.0 +935c.98b0: SizeOfImage: 0x3b7000 (3895296) +935c.98b0: Resource Dir: 0x386000 LB 0x548 +935c.98b0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +935c.98b0: [Raw version resource data: 0x3860b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] +935c.98b0: ProductName: Microsoft® Windows® Operating System +935c.98b0: ProductVersion: 10.0.22621.4249 +935c.98b0: FileVersion: 10.0.22621.4249 (WinBuild.160101.0800) +935c.98b0: FileDescription: Windows NT BASE API Client DLL +935c.98b0: \SystemRoot\System32\apisetschema.dll: +935c.98b0: CreationTime: 2024-08-18T11:45:33.363168100Z +935c.98b0: LastWriteTime: 2024-08-18T11:45:33.366168300Z +935c.98b0: ChangeTime: 2024-10-12T16:14:17.396998700Z +935c.98b0: FileAttributes: 0x20 +935c.98b0: Size: 0x245e0 +935c.98b0: NT Headers: 0xc8 +935c.98b0: Timestamp: 0x8f476251 +935c.98b0: Machine: 0x8664 - amd64 +935c.98b0: Timestamp: 0x8f476251 +935c.98b0: Image Version: 10.0 +935c.98b0: SizeOfImage: 0x23000 (143360) +935c.98b0: Resource Dir: 0x22000 LB 0x408 +935c.98b0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] +935c.98b0: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)] +935c.98b0: ProductName: Microsoft® Windows® Operating System +935c.98b0: ProductVersion: 10.0.22621.3958 +935c.98b0: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +935c.98b0: FileDescription: ApiSet Schema DLL +935c.98b0: supR3HardenedWinFindAdversaries: 0x0 +935c.98b0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +935c.98b0: Calling main() +935c.98b0: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 +935c.98b0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +935c.98b0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) +935c.98b0: SUPR3HardenedMain: Respawn #2 +935c.98b0: supR3HardNtEnableThreadCreationEx: +935c.98b0: supR3HardenedDllNotificationCallback: load 00007ffbf1400000 LB 0x00028000 C:\Windows\System32\bcrypt.dll [fFlags=0x0] +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll +935c.98b0: supR3HardenedDllNotificationCallback: load 00007ffbf3a90000 LB 0x000a8000 C:\Windows\System32\sechost.dll [fFlags=0x0] +935c.98b0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'. +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll +935c.98b0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll +935c.98b0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... +935c.98b0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] +935c.98b0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3f30000 'C:\Windows\System32\ntdll.dll' +935c.98b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KernelBase.dll (Input=KernelBase, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'C:\Windows\System32\KernelBase.dll' +935c.98b0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll) +935c.98b0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll +935c.98b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000: [calling] +935c.98b0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedDllNotificationCallback: load 00007ffbed3c0000 LB 0x00097000 C:\Windows\system32\apphelp.dll [fFlags=0x0] +935c.98b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3f30000 'C:\Windows\System32\ntdll.dll' +935c.98b0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll [lacks WinVerifyTrust] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +935c.98b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3f30000 'C:\Windows\System32\ntdll.dll' +935c.98b0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbed3c0000 'C:\Windows\system32\apphelp.dll' +935c.98b0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbf3fa42c0 pvNtTerminateThread=00007ffbf3fd0b20 +935c.98b0: supR3HardenedWinDoReSpawn(2): New child 9c80.8984 [kernel32]. +935c.98b0: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless) +935c.98b0: supR3HardNtChildGatherData: PebBaseAddress=000000b00abeb000 cbPeb=0x388 +935c.98b0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffbf3f30000 uNtDllChildAddr=00007ffbf3f30000 +935c.98b0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffbf3fa42c0 +935c.98b0: supR3HardenedWinSetupChildInit: Initial context: + rax=0000000000000000 rbx=0000000000000000 rcx=00007ff66609b590 rdx=000000b00abeb000 + rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000 + r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 + r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000 + rip=00007ffbf3f8aee0 rsp=000000b00acffde8 rbp=0000000000000000 ctxflags=0010001b + cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80 + P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000 + dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 + dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000 + lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000 +935c.98b0: kernel32.dll: timestamp 0xa9f358b9 (rc=VINF_SUCCESS) +935c.98b0: supR3HardenedWinSetupChildInit: Start child. +935c.98b0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. +935c.98b0: supR3HardNtChildPurify: Startup delay kludge #1/0: 261 ms, 17 sleeps +935c.98b0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION +935c.98b0: *0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000 +935c.98b0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 +935c.98b0: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000 +935c.98b0: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000 +935c.98b0: 000000007ffea000-000000b00a9fffff 0x0001/0x0000 0x0000000 +935c.98b0: *000000b00aa00000-000000b00abeafff 0x0000/0x0004 0x0020000 +935c.98b0: 000000b00abeb000-000000b00abedfff 0x0004/0x0004 0x0020000 +935c.98b0: 000000b00abee000-000000b00abfffff 0x0000/0x0004 0x0020000 +935c.98b0: *000000b00ac00000-000000b00acfafff 0x0000/0x0004 0x0020000 +935c.98b0: 000000b00acfb000-000000b00acfdfff 0x0104/0x0004 0x0020000 +935c.98b0: 000000b00acfe000-000000b00acfffff 0x0004/0x0004 0x0020000 +935c.98b0: 000000b00ad00000-000002207148ffff 0x0001/0x0000 0x0000000 +935c.98b0: *0000022071490000-00000220714affff 0x0004/0x0004 0x0020000 +935c.98b0: *00000220714b0000-00000220714cefff 0x0002/0x0002 0x0040000 +935c.98b0: 00000220714cf000-00000220714cffff 0x0001/0x0000 0x0000000 +935c.98b0: *00000220714d0000-00000220714d3fff 0x0002/0x0002 0x0040000 +935c.98b0: 00000220714d4000-00000220714dffff 0x0001/0x0000 0x0000000 +935c.98b0: *00000220714e0000-00000220714e0fff 0x0002/0x0002 0x0040000 +935c.98b0: 00000220714e1000-00000220714effff 0x0001/0x0000 0x0000000 +935c.98b0: *00000220714f0000-00000220714f1fff 0x0004/0x0004 0x0020000 +935c.98b0: 00000220714f2000-00007df5aaadffff 0x0001/0x0000 0x0000000 +935c.98b0: *00007df5aaae0000-00007df5aaae0fff 0x0020/0x0004 0x0020000 !! +935c.98b0: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007df5aaae0000 (LB 0x1000, 00007df5aaae0000 LB 0x1000) +935c.98b0: 0000016f22166570/0000: 16 00 20 00 00 00 00 00-10 00 ae aa f5 7d 00 00 .. ..........}.. +0000016f22166580/0010: 61 00 74 00 63 00 75 00-66 00 36 00 34 00 2e 00 a.t.c.u.f.6.4... +0000016f22166590/0020: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l........... +0000016f221665a0/0030: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r. +0000016f221665b0/0040: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s. +0000016f221665c0/0050: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e. +0000016f221665d0/0060: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t. +0000016f221665e0/0070: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r. +0000016f221665f0/0080: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t. +0000016f22166600/0090: 79 00 5c 00 61 00 74 00-63 00 75 00 66 00 5c 00 y.\.a.t.c.u.f.\. +0000016f22166610/00a0: 64 00 6c 00 6c 00 73 00-5f 00 32 00 36 00 37 00 d.l.l.s._.2.6.7. +0000016f22166620/00b0: 34 00 32 00 36 00 36 00-33 00 39 00 38 00 30 00 4.2.6.6.3.9.8.0. +0000016f22166630/00c0: 32 00 37 00 31 00 31 00-31 00 34 00 35 00 5c 00 2.7.1.1.1.4.5.\. +0000016f22166640/00d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +0000016f22166650/00e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +0000016f22166660/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +935c.98b0: 0000016f22166970/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +**************** **** +0000016f221669a0/0030: 16 00 20 00 00 00 00 00-40 04 ae aa f5 7d 00 00 .. .....@....}.. +0000016f221669b0/0040: 62 00 64 00 68 00 6b 00-6d 00 36 00 34 00 2e 00 b.d.h.k.m.6.4... +0000016f221669c0/0050: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l........... +0000016f221669d0/0060: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r. +0000016f221669e0/0070: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s. +0000016f221669f0/0080: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e. +0000016f22166a00/0090: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t. +0000016f22166a10/00a0: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r. +0000016f22166a20/00b0: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t. +0000016f22166a30/00c0: 79 00 5c 00 62 00 64 00-68 00 6b 00 6d 00 5c 00 y.\.b.d.h.k.m.\. +0000016f22166a40/00d0: 64 00 6c 00 6c 00 73 00-5f 00 32 00 36 00 37 00 d.l.l.s._.2.6.7. +0000016f22166a50/00e0: 30 00 32 00 33 00 37 00-31 00 32 00 33 00 35 00 0.2.3.7.1.2.3.5. +0000016f22166a60/00f0: 39 00 31 00 38 00 36 00-32 00 36 00 33 00 5c 00 9.1.8.6.2.6.3.\. +935c.98b0: 0000016f22166d70/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................ +**************** **** +0000016f22166dd0/0060: 20 a6 f5 f3 fb 7f 00 00-c0 0a fd f3 fb 7f 00 00 ............... +0000016f22166de0/0070: 48 89 5c 24 10 56 57 41-56 48 81 ec d0 00 00 00 H.\$.VWAVH...... +0000016f22166df0/0080: 48 83 ec 38 56 57 51 52-41 50 41 51 48 83 ec 40 H..8VWQRAPAQH..@ +0000016f22166e00/0090: 48 b9 ff ff ff ff ff ff-ff ff 48 8b 15 bf ff ff H.........H..... +0000016f22166e10/00a0: ff 48 89 54 24 38 48 8d-54 24 38 48 c7 44 24 28 .H.T$8H.T$8H.D$( +0000016f22166e20/00b0: 10 00 00 00 4c 8d 44 24-28 49 c7 c1 04 00 00 00 ....L.D$(I...... +0000016f22166e30/00c0: 48 8d 7c 24 30 48 89 7c-24 20 48 8b 05 97 ff ff H.|$0H.|$ H..... +0000016f22166e40/00d0: ff ff d0 85 c0 0f 88 00-01 00 00 48 8d 35 8e ff ...........H.5.. +0000016f22166e50/00e0: ff ff 48 8b 3d 77 ff ff-ff 48 c7 c1 10 00 00 00 ..H.=w...H...... +0000016f22166e60/00f0: fc f3 a4 48 b9 ff ff ff-ff ff ff ff ff 48 8b 15 ...H.........H.. +935c.98b0: 0000016f22166e70/0000: 5c ff ff ff 48 89 54 24-38 48 8d 54 24 38 48 c7 \...H.T$8H.T$8H. +0000016f22166e80/0010: 44 24 28 10 00 00 00 4c-8d 44 24 28 4c 8b 4c 24 D$(....L.D$(L.L$ +0000016f22166e90/0020: 30 48 8d 7c 24 30 48 89-7c 24 20 48 8b 05 36 ff 0H.|$0H.|$ H..6. +0000016f22166ea0/0030: ff ff ff d0 85 c0 0f 88-9f 00 00 00 48 83 c4 40 ............H..@ +0000016f22166eb0/0040: 41 59 41 58 5a 59 5f 5e-48 8b 05 11 ff ff ff 48 AYAXZY_^H......H +0000016f22166ec0/0050: 83 ec 20 ff d0 48 83 c4-20 85 c0 0f 88 86 00 00 .. ..H.. ....... +0000016f22166ed0/0060: 00 65 48 8b 0c 25 60 00-00 00 ba 00 01 00 02 85 .eH..%`......... +0000016f22166ee0/0070: 91 bc 00 00 00 75 70 48-8d 0d e2 fa ff ff 48 c7 .....upH......H. +0000016f22166ef0/0080: c2 00 00 00 00 4c 8d 05-a4 fa ff ff 4c 8d 4c 24 .....L......L.L$ +0000016f22166f00/0090: 20 48 8b 05 c8 fe ff ff-48 83 ec 20 ff d0 48 83 H......H.. ..H. +0000016f22166f10/00a0: c4 20 85 c0 74 05 48 31-c0 eb 3c 48 8d 0d 7e f6 . ..t.H1.. 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001: [calling] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1520000 LB 0x003b7000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf3010000 LB 0x000c4000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3010000 'C:\Windows\System32\KERNEL32.DLL' +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ff666090000 LB 0x00108000 C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe [fFlags=0x0] +9c80.8984: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe +9c80.8984: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbf3fa42c0 pvNtTerminateThread=00007ffbf3fd0b20 +935c.98b0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 63 ms. +9c80.8984: \SystemRoot\System32\ntdll.dll: +9c80.8984: CreationTime: 2024-10-12T16:13:13.337096100Z +9c80.8984: LastWriteTime: 2024-10-12T16:13:13.368170000Z +9c80.8984: ChangeTime: 2024-10-15T19:50:08.320152600Z +9c80.8984: FileAttributes: 0x20 +9c80.8984: Size: 0x216090 +9c80.8984: NT Headers: 0xe8 +9c80.8984: Timestamp: 0xf9f266e7 +9c80.8984: Machine: 0x8664 - amd64 +9c80.8984: Timestamp: 0xf9f266e7 +9c80.8984: Image Version: 10.0 +9c80.8984: SizeOfImage: 0x217000 (2191360) +9c80.8984: Resource Dir: 0x1a0000 LB 0x759a8 +9c80.8984: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] +9c80.8984: [Raw version resource data: 0x1a00f0 LB 0x380, codepage 0x0 (reserved 0x0)] +9c80.8984: ProductName: Microsoft® Windows® Operating System +9c80.8984: ProductVersion: 10.0.22621.4317 +9c80.8984: FileVersion: 10.0.22621.4317 (WinBuild.160101.0800) +9c80.8984: FileDescription: NT Layer DLL +9c80.8984: \SystemRoot\System32\kernel32.dll: +9c80.8984: CreationTime: 2024-08-18T11:45:46.245614200Z +9c80.8984: LastWriteTime: 2024-08-18T11:45:46.259376700Z +9c80.8984: ChangeTime: 2024-10-12T16:14:17.580433400Z +9c80.8984: FileAttributes: 0x20 +9c80.8984: Size: 0xc7168 +9c80.8984: NT Headers: 0xe8 +9c80.8984: Timestamp: 0xa9f358b9 +9c80.8984: Machine: 0x8664 - amd64 +9c80.8984: Timestamp: 0xa9f358b9 +9c80.8984: Image Version: 10.0 +9c80.8984: SizeOfImage: 0xc4000 (802816) +9c80.8984: Resource Dir: 0xc2000 LB 0x520 +9c80.8984: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +9c80.8984: [Raw version resource data: 0xc20b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] +9c80.8984: ProductName: Microsoft® Windows® Operating System +9c80.8984: ProductVersion: 10.0.22621.3958 +9c80.8984: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +9c80.8984: FileDescription: Windows NT BASE API Client DLL +9c80.8984: \SystemRoot\System32\KernelBase.dll: +9c80.8984: CreationTime: 2024-10-12T16:13:13.874348200Z +9c80.8984: LastWriteTime: 2024-10-12T16:13:13.976987600Z +9c80.8984: ChangeTime: 2024-10-15T19:50:07.879884900Z +9c80.8984: FileAttributes: 0x20 +9c80.8984: Size: 0x3bdba0 +9c80.8984: NT Headers: 0xf8 +9c80.8984: Timestamp: 0xcf64c6a +9c80.8984: Machine: 0x8664 - amd64 +9c80.8984: Timestamp: 0xcf64c6a +9c80.8984: Image Version: 10.0 +9c80.8984: SizeOfImage: 0x3b7000 (3895296) +9c80.8984: Resource Dir: 0x386000 LB 0x548 +9c80.8984: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +9c80.8984: [Raw version resource data: 0x3860b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] +9c80.8984: ProductName: Microsoft® Windows® Operating System +9c80.8984: ProductVersion: 10.0.22621.4249 +9c80.8984: FileVersion: 10.0.22621.4249 (WinBuild.160101.0800) +9c80.8984: FileDescription: Windows NT BASE API Client DLL +9c80.8984: \SystemRoot\System32\apisetschema.dll: +9c80.8984: CreationTime: 2024-08-18T11:45:33.363168100Z +9c80.8984: LastWriteTime: 2024-08-18T11:45:33.366168300Z +9c80.8984: ChangeTime: 2024-10-12T16:14:17.396998700Z +9c80.8984: FileAttributes: 0x20 +9c80.8984: Size: 0x245e0 +9c80.8984: NT Headers: 0xc8 +9c80.8984: Timestamp: 0x8f476251 +9c80.8984: Machine: 0x8664 - amd64 +9c80.8984: Timestamp: 0x8f476251 +9c80.8984: Image Version: 10.0 +9c80.8984: SizeOfImage: 0x23000 (143360) +9c80.8984: Resource Dir: 0x22000 LB 0x408 +9c80.8984: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] +9c80.8984: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)] +9c80.8984: ProductName: Microsoft® Windows® Operating System +9c80.8984: ProductVersion: 10.0.22621.3958 +9c80.8984: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +9c80.8984: FileDescription: ApiSet Schema DLL +9c80.8984: supR3HardenedWinFindAdversaries: 0x0 +9c80.8984: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +9c80.8984: Calling main() +9c80.8984: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 +9c80.8984: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +9c80.8984: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) +9c80.8984: SUPR3HardenedMain: Final process, opening VBoxDrv... +9c80.8984: supR3HardenedEarlyCompact: Removed heap 1 (0x00022071600000 LB 0x800000) +9c80.8984: supR3HardNtEnableThreadCreationEx: +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbd2460000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd2460000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd2460000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd2460000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1c80000 LB 0x000a7000 C:\Windows\System32\msvcrt.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1d30000 LB 0x00114000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1bf0000 LB 0x0006c000 C:\Windows\System32\Wintrust.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1240000 LB 0x00111000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1a80000 LB 0x00166000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-synch-l1-2-0' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-fibers-l1-1-1' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-synch-l1-2-0' +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf0b40000 LB 0x00012000 C:\Windows\SYSTEM32\MSASN1.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1bf0000 'C:\Windows\system32\Wintrust.dll' +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1400000 LB 0x00028000 C:\Windows\System32\bcrypt.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1400000 'C:\Windows\system32\bcrypt.dll' +9c80.8984: bcrypt.dll loaded at 00007ffbf1400000, BCryptOpenAlgorithmProvider at 00007ffbf1404520, preloading providers: +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf18e0000 LB 0x0007b000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf18e0000 'C:\Windows\system32\bcryptprimitives.dll' +9c80.8984: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000022071ed3ff0) +9c80.8984: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000022071ed42f0) +9c80.8984: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000022071ed4640) +9c80.8984: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000022071ed4990) +9c80.8984: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000022071ed4ce0) +9c80.8984: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000022071ed6040) +9c80.8984: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000022071ed6390) +9c80.8984: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000022071ed66e0) +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf0af0000 LB 0x0001b000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf02c0000 LB 0x00035000 C:\Windows\system32\rsaenh.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf0ad0000 LB 0x0000c000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3010000 'C:\Windows\System32\kernel32.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1bf0000 'C:\Windows\System32\WINTRUST.DLL' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\CRYPT32.dll' +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1c60000 LB 0x0001f000 C:\Windows\System32\imagehlp.dll [fFlags=0x0] +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf3a90000 LB 0x000a8000 C:\Windows\System32\sechost.dll [fFlags=0x0] +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'bcrypt.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf0810000 LB 0x00026000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbeaa90000 LB 0x00032000 C:\Windows\System32\cryptnet.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbeaa90000 'C:\Windows\System32\cryptnet.dll' +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1170000 LB 0x00027000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf2f50000 LB 0x000b2000 C:\Windows\System32\advapi32.dll [fFlags=0x0] +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E45681AAA4DF35F95CF4CDCC7434AD683E6F09E9 +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1d30000 'C:\Windows\System32\rpcrt4.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package051420~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\SystemRoot\System32\ntdll.dll' +9c80.8984: g_pfnWinVerifyTrust=00007ffbf1c024c0 +9c80.8984: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\system32\crypt32.dll' +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xba02d0ab12c5ed00 CN=XBL Client IPsec Issuing CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x90db3c55e94ed6ab CN=Bitdefender Personal CA.Net-Defender, OU=IDS, O=Bitdefender, C=US +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x62e562aabc48cf00 C=DE, Email=info@win-unattended.de, CN=Win-Unattended +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x9546d06a8d70b800 CN=XBL Server IPsec Issuing CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x7cffd65c5161f300 C=US, ST=California, L=Irvine, O=Blizzard Entertainment, OU=Battle.net, CN=Blizzard Battle.net Local Cert +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xb58b8802a8fec00 CN=DESKTOP-OP1A +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp. +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc. +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x4a25c87eb933b700 C=RO, O=certSIGN, OU=certSIGN ROOT CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x670683072a91b300 C=US, O=Microsoft Corporation, CN=Microsoft Identity Verification Root Certificate Authority 2020 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x3d993fde1950a700 C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x80d5e6f878f9bd00 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA 2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x2404221294e78d00 C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x96cb178d285f9e36 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xcb7d2ba3dd0ff900 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xf966ca73e8079500 OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x298c3394be5bca00 C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x362d8807333b600 C=US, O=DigiCert, Inc., CN=DigiCert CS RSA4096 Root G5 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048) +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x7b3081c535b843ae C=US, O=Google Trust Services LLC, CN=GTS Root R4 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3 +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA +9c80.8984: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root +9c80.8984: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=74 +9c80.8984: SUPR3HardenedMain: Load Runtime... +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'mpr.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp140.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll [redoing WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbd2b70000 LB 0x0001e000 C:\Windows\SYSTEM32\VCRUNTIME140.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbe9a70000 LB 0x0000c000 C:\Windows\SYSTEM32\VCRUNTIME140_1.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffb7a600000 LB 0x0008d000 C:\Windows\SYSTEM32\MSVCP140.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbea480000 LB 0x0001e000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf3510000 LB 0x00071000 C:\Windows\System32\WS2_32.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffb1ec00000 LB 0x006f4000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-synch-l1-2-0' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-fibers-l1-1-1' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-synch-l1-2-0' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-fibers-l1-1-1' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3010000 'C:\Windows\System32\kernel32.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-string-l1-1-0' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-localization-l1-2-1' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-datetime-l1-1-1' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-localization-obsolete-l1-2-0' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ec00000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1bf0000 'C:\Windows\system32\Wintrust.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\system32\crypt32.dll' +9c80.8984: SUPR3HardenedMain: Load TrustedMain... +9c80.50dc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-appmodel-runtime-l1-1-2) -> 0x0, fPresent=1 +9c80.50dc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-appmodel-runtime-l1-1-2 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.50dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcrt.dll'. +9c80.50dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll) +9c80.50dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.50dc: supR3HardenedDllNotificationCallback: load 00007ffbf02a0000 LB 0x00018000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0] +9c80.50dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust] +9c80.50dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02a0000 'api-ms-win-appmodel-runtime-l1-1-2' +9c80.50dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.50dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.50dc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vboxrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'advapi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'combase.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] +9c80.8984: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf14f0000 LB 0x00026000 C:\Windows\System32\win32u.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1360000 LB 0x0009a000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1960000 LB 0x00118000 C:\Windows\System32\gdi32full.dll [fFlags=0x0] +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'win32u.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf2f20000 LB 0x00029000 C:\Windows\System32\GDI32.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf1e50000 LB 0x001af000 C:\Windows\System32\USER32.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf21c0000 LB 0x0038e000 C:\Windows\System32\combase.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf2010000 LB 0x001a5000 C:\Windows\System32\ole32.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf30e0000 LB 0x000d7000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffb97ce0000 LB 0x00047000 C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.dll +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll +9c80.8984: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000004bc (hFile=0000000000000488) with 0xc0000022 -> STATUS_TRUST_FAILURE +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [redoing WinVerifyTrust] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'. +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\imm32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'. +9c80.8984: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'. +9c80.8984: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf3270000 LB 0x00031000 C:\Windows\System32\IMM32.DLL [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3270000 'C:\Windows\system32\IMM32.DLL' +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled] +9c80.8984: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'. +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97ce0000 'C:\Program Files\Oracle\VirtualBox\VBoxHeadless.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' +9c80.8984: SUPR3HardenedMain: Calling TrustedMain (00007ffb97ce3490)... +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'bcryptprimitives.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #52 'msvcp_win.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcss.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcss.dll +9c80.8984: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000478 (hFile=00000000000005f8) with 0xc0000022 -> STATUS_TRUST_FAILURE +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf3de0000 LB 0x000b0000 C:\Windows\System32\clbcatq.dll [fFlags=0x0] +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005fc pwszName=\Device\HarddiskVolume3\Windows\System32\rpcss.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A0A23DE01FB3729AE4266F045E5F688E575998C9 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05142030~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\rpcss.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcss.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'advapi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'ole32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffb1be10000 LB 0x003f5000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1be10000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll' +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcss.dll +9c80.8984: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000005cc (hFile=00000000000005e0) with 0xc0000022 -> STATUS_TRUST_FAILURE +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shlwapi.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf3b60000 LB 0x0005e000 C:\Windows\System32\SHLWAPI.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffb58170000 LB 0x000e5000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb58170000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf30e0000 'C:\Windows\System32\oleaut32.dll' +9c80.1eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.1eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.1eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'. +9c80.1eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust +9c80.1eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll +9c80.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.1eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.1eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.1eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.1eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll +9c80.1eb4: supR3HardenedDllNotificationCallback: load 00007ffb1b690000 LB 0x0057c000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0] +9c80.1eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll +9c80.1eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1b690000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf2010000 'C:\Windows\System32\ole32.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf30e0000 'C:\Windows\System32\OLEAUT32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007f4 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9AD36488966AA7858FEFB09EE4C1DB68C5F52047 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'wbemcomn.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007fc pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=48E4CF81FAA1F76B63306E69DB1B016762CEEDB5 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbe42d0000 LB 0x00080000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbe44d0000 LB 0x00010000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe44d0000 'C:\Windows\system32\wbem\wbemprox.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000834 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=90D9CA995849F184A9BB705EF47370C35858B12B +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbe3aa0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe3aa0000 'C:\Windows\system32\wbem\wbemsvc.dll' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-localization-l1-2-0.dll' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-localization-obsolete-l1-1-0.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000804 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DC8B991B33B1EAEF6ABE184956A7D591BF63E61B +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbe3ac0000 LB 0x000f8000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe3ac0000 'C:\Windows\system32\wbem\fastprox.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000085c pwszName=\Device\HarddiskVolume3\Windows\System32\amsi.dll +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E2ACDC6C91AD00483DCF60BAE07E77D4A30A9EA6 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\amsi.dll' +9c80.8984: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\amsi.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\amsi.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbd14e0000 LB 0x0001d000 C:\Windows\System32\amsi.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd14e0000 'C:\Windows\System32\amsi.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbf0840000 LB 0x00028000 C:\Windows\SYSTEM32\USERENV.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll [avoiding WinVerifyTrust] +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\userenv.dll' +9c80.8984: \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll: Owner is administrators group. +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'. +9c80.8984: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'. +9c80.8984: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll) WinVerifyTrust +9c80.8984: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... +9c80.8984: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] +9c80.8984: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll +9c80.8984: supR3HardenedDllNotificationCallback: load 00007ffbcf480000 LB 0x000cb000 C:\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll [fFlags=0x0] +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-synch-l1-2-0' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-fibers-l1-1-1' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-synch-l1-2-0' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3010000 'C:\Windows\System32\kernel32.dll' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-string-l1-1-0' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-localization-l1-2-1' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-datetime-l1-1-1' +9c80.8984: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1 +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1520000 'api-ms-win-core-localization-obsolete-l1-2-0' +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbcf480000 'C:\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267083866836976369\antimalware_provider64.dll' +9c80.8984: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8984: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8984: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf2f50000 'C:\Windows\System32\ADVAPI32.dll' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf2010000 'C:\Windows\system32\ole32.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp140.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shell32.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'. +9c80.8ae8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust +9c80.8ae8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'user32.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #76 'gdi32.dll'. +9c80.8ae8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll) WinVerifyTrust +9c80.8ae8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8ae8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll +9c80.8ae8: supR3HardenedDllNotificationCallback: load 00007ffbf2560000 LB 0x00869000 C:\Windows\System32\SHELL32.dll [fFlags=0x0] +9c80.8ae8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll +9c80.8ae8: supR3HardenedDllNotificationCallback: load 00007ffba16b0000 LB 0x00021000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0] +9c80.8ae8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffba16b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL' +9c80.8ae8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cfc pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll +9c80.8ae8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8ae8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8ae8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DA70DD2CC774EF1F0FAB230285C360AB287142D8 +9c80.8ae8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll' +9c80.8ae8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'. +9c80.8ae8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'user32.dll'. +9c80.8ae8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust +9c80.8ae8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009: [calling] +9c80.8ae8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll +9c80.8ae8: supR3HardenedDllNotificationCallback: load 00007ffbee670000 LB 0x000b1000 C:\Windows\system32\uxtheme.dll [fFlags=0x0] +9c80.8ae8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbee670000 'C:\Windows\system32\uxtheme.dll' +9c80.8c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp140.dll'. +9c80.8c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'. +9c80.8c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust +9c80.8c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'... +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008] +9c80.8c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll +9c80.8c44: supR3HardenedDllNotificationCallback: load 00007ffbd2400000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0] +9c80.8c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll +9c80.8c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd2400000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf2560000 'C:\Windows\system32\Shell32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll) +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll) +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbef030000 LB 0x0013f000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust] +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbef170000 LB 0x008ff000 C:\Windows\SYSTEM32\windows.storage.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [avoiding WinVerifyTrust] +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbf2e20000 LB 0x000f9000 C:\Windows\System32\SHCORE.dll [fFlags=0x0] +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll) +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' +9c80.8b28: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c98 pwszName=\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll +9c80.8b28: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000022071f1bc70 +9c80.8b28: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000022071f1bc70 +9c80.8b28: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E00664AAD131505CFEA4FB69BEF260571D07D0D8 +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll' +9c80.8b28: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900) +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'devobj.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'cfgmgr32.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume3\Windows\System32\vid.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008] +9c80.8b28: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll) +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vid.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vid.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust] +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbdc2f0000 LB 0x0003e000 C:\Windows\SYSTEM32\vid.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbf0f50000 LB 0x0004e000 C:\Windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust] +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbf0f00000 LB 0x0002c000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffb95fd0000 LB 0x00047000 C:\Windows\system32\WinHvPlatform.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb95fd0000 'C:\Windows\system32\WinHvPlatform.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdc2f0000 'C:\Windows\system32\vid.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf3f30000 'C:\Windows\system32\NTDLL.DLL' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vcruntime140.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'. +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbf3590000 LB 0x00474000 C:\Windows\System32\SETUPAPI.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffb5e200000 LB 0x00071000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffb1a400000 LB 0x0085d000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbefd40000 LB 0x0002d000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffb1ac60000 LB 0x00a2c000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1ac60000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1be10000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb1a400000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL' +9c80.52dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.52dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.52dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.52dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'. +9c80.52dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust +9c80.52dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll +9c80.52dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.52dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.52dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.52dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.52dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.52dc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll +9c80.52dc: supR3HardenedDllNotificationCallback: load 00007ffbbec40000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0] +9c80.52dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll +9c80.52dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbbec40000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL' +9c80.8618: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8618: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8618: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.8618: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.8618: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp140.dll'. +9c80.8618: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'. +9c80.8618: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust +9c80.8618: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'... +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008] +9c80.8618: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.8618: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.8618: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vcruntime140.dll +9c80.8618: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8618: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll +9c80.8618: supR3HardenedDllNotificationCallback: load 00007ffbd2110000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0] +9c80.8618: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll +9c80.8618: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd2110000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL' +9c80.41bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.41bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.41bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vcruntime140.dll'. +9c80.41bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vcruntime140_1.dll'. +9c80.41bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp140.dll'. +9c80.41bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'. +9c80.41bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust +9c80.41bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'... +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008] +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp140.dll'... +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp140.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp140.dll' [rcNtRedir=0xc0150008] +9c80.41bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp140.dll +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140_1.dll'... +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140_1.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140_1.dll' [rcNtRedir=0xc0150008] +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vcruntime140.dll'... +9c80.41bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vcruntime140.dll' -> '\Device\HarddiskVolume3\Windows\System32\vcruntime140.dll' [rcNtRedir=0xc0150008] +9c80.41bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.41bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll +9c80.41bc: supR3HardenedDllNotificationCallback: load 00007ffbce9e0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0] +9c80.41bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll +9c80.41bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbce9e0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8b28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.8b28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust +9c80.8b28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.8b28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.8b28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009: [calling] +9c80.8b28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll +9c80.8b28: supR3HardenedDllNotificationCallback: load 00007ffbe1ba0000 LB 0x0009e000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0] +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1ba0000 'C:\Windows\System32\MMDevApi.dll' +9c80.8b28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8b28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1ba0000 'C:\Windows\System32\MMDEVAPI.DLL' +9c80.7d1c: supR3HardenedDllNotificationCallback: load 00007ffbf32b0000 LB 0x00160000 C:\Windows\System32\MSCTF.dll [fFlags=0x0] +9c80.7d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.7d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll) +9c80.7d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll +84dc.7e2c: \SystemRoot\System32\ntdll.dll: +84dc.7e2c: CreationTime: 2024-10-12T16:13:13.337096100Z +84dc.7e2c: LastWriteTime: 2024-10-12T16:13:13.368170000Z +84dc.7e2c: ChangeTime: 2024-10-15T19:50:08.320152600Z +84dc.7e2c: FileAttributes: 0x20 +84dc.7e2c: Size: 0x216090 +84dc.7e2c: NT Headers: 0xe8 +84dc.7e2c: Timestamp: 0xf9f266e7 +84dc.7e2c: Machine: 0x8664 - amd64 +84dc.7e2c: Timestamp: 0xf9f266e7 +84dc.7e2c: Image Version: 10.0 +84dc.7e2c: SizeOfImage: 0x217000 (2191360) +84dc.7e2c: Resource Dir: 0x1a0000 LB 0x759a8 +84dc.7e2c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] +84dc.7e2c: [Raw version resource data: 0x1a00f0 LB 0x380, codepage 0x0 (reserved 0x0)] +84dc.7e2c: ProductName: Microsoft® Windows® Operating System +84dc.7e2c: ProductVersion: 10.0.22621.4317 +84dc.7e2c: FileVersion: 10.0.22621.4317 (WinBuild.160101.0800) +84dc.7e2c: FileDescription: NT Layer DLL +84dc.7e2c: \SystemRoot\System32\kernel32.dll: +84dc.7e2c: CreationTime: 2024-08-18T11:45:46.245614200Z +84dc.7e2c: LastWriteTime: 2024-08-18T11:45:46.259376700Z +84dc.7e2c: ChangeTime: 2024-10-12T16:14:17.580433400Z +84dc.7e2c: FileAttributes: 0x20 +84dc.7e2c: Size: 0xc7168 +84dc.7e2c: NT Headers: 0xe8 +84dc.7e2c: Timestamp: 0xa9f358b9 +84dc.7e2c: Machine: 0x8664 - amd64 +84dc.7e2c: Timestamp: 0xa9f358b9 +84dc.7e2c: Image Version: 10.0 +84dc.7e2c: SizeOfImage: 0xc4000 (802816) +84dc.7e2c: Resource Dir: 0xc2000 LB 0x520 +84dc.7e2c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +84dc.7e2c: [Raw version resource data: 0xc20b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] +84dc.7e2c: ProductName: Microsoft® Windows® Operating System +84dc.7e2c: ProductVersion: 10.0.22621.3958 +84dc.7e2c: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +84dc.7e2c: FileDescription: Windows NT BASE API Client DLL +84dc.7e2c: \SystemRoot\System32\KernelBase.dll: +84dc.7e2c: CreationTime: 2024-10-12T16:13:13.874348200Z +84dc.7e2c: LastWriteTime: 2024-10-12T16:13:13.976987600Z +84dc.7e2c: ChangeTime: 2024-10-15T19:50:07.879884900Z +84dc.7e2c: FileAttributes: 0x20 +84dc.7e2c: Size: 0x3bdba0 +84dc.7e2c: NT Headers: 0xf8 +84dc.7e2c: Timestamp: 0xcf64c6a +84dc.7e2c: Machine: 0x8664 - amd64 +84dc.7e2c: Timestamp: 0xcf64c6a +84dc.7e2c: Image Version: 10.0 +84dc.7e2c: SizeOfImage: 0x3b7000 (3895296) +84dc.7e2c: Resource Dir: 0x386000 LB 0x548 +84dc.7e2c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] +84dc.7e2c: [Raw version resource data: 0x3860b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] +84dc.7e2c: ProductName: Microsoft® Windows® Operating System +84dc.7e2c: ProductVersion: 10.0.22621.4249 +84dc.7e2c: FileVersion: 10.0.22621.4249 (WinBuild.160101.0800) +84dc.7e2c: FileDescription: Windows NT BASE API Client DLL +84dc.7e2c: \SystemRoot\System32\apisetschema.dll: +84dc.7e2c: CreationTime: 2024-08-18T11:45:33.363168100Z +84dc.7e2c: LastWriteTime: 2024-08-18T11:45:33.366168300Z +84dc.7e2c: ChangeTime: 2024-10-12T16:14:17.396998700Z +84dc.7e2c: FileAttributes: 0x20 +84dc.7e2c: Size: 0x245e0 +84dc.7e2c: NT Headers: 0xc8 +84dc.7e2c: Timestamp: 0x8f476251 +84dc.7e2c: Machine: 0x8664 - amd64 +84dc.7e2c: Timestamp: 0x8f476251 +84dc.7e2c: Image Version: 10.0 +84dc.7e2c: SizeOfImage: 0x23000 (143360) +84dc.7e2c: Resource Dir: 0x22000 LB 0x408 +84dc.7e2c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] +84dc.7e2c: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)] +84dc.7e2c: ProductName: Microsoft® Windows® Operating System +84dc.7e2c: ProductVersion: 10.0.22621.3958 +84dc.7e2c: FileVersion: 10.0.22621.3958 (WinBuild.160101.0800) +84dc.7e2c: FileDescription: ApiSet Schema DLL +84dc.7e2c: supR3HardenedWinFindAdversaries: 0x0 +84dc.7e2c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +84dc.7e2c: Calling main() +84dc.7e2c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x3 +84dc.7e2c: supR3HardenedWinInitAppBin(0x3): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' +84dc.7e2c: System32: \Device\HarddiskVolume3\Windows\System32 +84dc.7e2c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS +84dc.7e2c: KnownDllPath: C:\Windows\System32 +84dc.7e2c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports +84dc.7e2c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe) +84dc.7e2c: supR3HardNtEnableThreadCreationEx: +84dc.7e2c: bcrypt.dll loaded at 00007ffbf1400000, BCryptOpenAlgorithmProvider at 00007ffbf1404520, preloading providers: +84dc.7e2c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000001f11eb5b000) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000001f11eb63870) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000001f11eb63bc0) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000001f11eb63f10) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000001f11eb64260) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000001f11eb645b0) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000001f11eb64900) +84dc.7e2c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000001f11eb64c50) +84dc.7e2c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll +84dc.7e2c: supR3HardNtViCallWinVerifyTrustCatFile: New context 000001f11eba4330 +84dc.7e2c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000001f11eba4330 +84dc.7e2c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E45681AAA4DF35F95CF4CDCC7434AD683E6F09E9 +84dc.7e2c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package051420~31bf3856ad364e35~amd64~~10.0.22621.4317.cat'; file='\SystemRoot\System32\ntdll.dll' +84dc.7e2c: g_pfnWinVerifyTrust=00007ffbf1c024c0 +84dc.7e2c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll) WinVerifyTrust +84dc.7e2c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll +84dc.7e2c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +84dc.7e2c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'. +84dc.7e2c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll) WinVerifyTrust +84dc.7e2c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xba02d0ab12c5ed00 CN=XBL Client IPsec Issuing CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x90db3c55e94ed6ab CN=Bitdefender Personal CA.Net-Defender, OU=IDS, O=Bitdefender, C=US +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x62e562aabc48cf00 C=DE, Email=info@win-unattended.de, CN=Win-Unattended +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x9546d06a8d70b800 CN=XBL Server IPsec Issuing CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x7cffd65c5161f300 C=US, ST=California, L=Irvine, O=Blizzard Entertainment, OU=Battle.net, CN=Blizzard Battle.net Local Cert +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xb58b8802a8fec00 CN=DESKTOP-OP1A +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp. +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc. +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x4a25c87eb933b700 C=RO, O=certSIGN, OU=certSIGN ROOT CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x670683072a91b300 C=US, O=Microsoft Corporation, CN=Microsoft Identity Verification Root Certificate Authority 2020 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d993fde1950a700 C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x80d5e6f878f9bd00 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA 2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x2404221294e78d00 C=GB, O=Sectigo Limited, CN=Sectigo Public Code Signing Root R46 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x96cb178d285f9e36 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority ECC +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xcb7d2ba3dd0ff900 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xf966ca73e8079500 OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x298c3394be5bca00 C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x362d8807333b600 C=US, O=DigiCert, Inc., CN=DigiCert CS RSA4096 Root G5 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048) +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x7b3081c535b843ae C=US, O=Google Trust Services LLC, CN=GTS Root R4 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3 +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA +84dc.7e2c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root +84dc.7e2c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=74 +84dc.7e2c: SUPR3HardenedMain: Load Runtime... +84dc.7e2c: SUPR3HardenedMain: Load TrustedMain... +84dc.7e2c: SUPR3HardenedMain: Calling TrustedMain (00007ffb249a19a0)... +9c80.9748: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.9748: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll +9c80.9748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1bf0000 'C:\Windows\System32\WINTRUST.DLL' +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\CRYPT32.dll' +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9748: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll' +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9748: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'ws2_32.dll'. +9c80.9748: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'. +9c80.9748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mswsock.dll) WinVerifyTrust +9c80.9748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mswsock.dll +9c80.9748: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.9748: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.9748: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll +9c80.9748: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'... +9c80.9748: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008] +9c80.9748: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll +9c80.9748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.9748: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll +9c80.9748: supR3HardenedDllNotificationCallback: load 00007ffbf07a0000 LB 0x00069000 C:\Windows\system32\mswsock.dll [fFlags=0x0] +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf07a0000 'C:\Windows\system32\mswsock.dll' +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll +9c80.9748: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.9748: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf07a0000 'C:\Windows\system32\mswsock.dll' +9c80.9748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dnsapi.dll) +9c80.9748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dnsapi.dll +9c80.9748: supR3HardenedDllNotificationCallback: load 00007ffbefd70000 LB 0x00102000 C:\Windows\SYSTEM32\DNSAPI.dll [fFlags=0x0] +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust] +9c80.9748: supR3HardenedDllNotificationCallback: load 00007ffbf3b50000 LB 0x00009000 C:\Windows\System32\NSI.dll [fFlags=0x0] +9c80.9748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll) +9c80.9748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll +9c80.9748: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. +9c80.9748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll) +9c80.9748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll +9c80.9748: supR3HardenedDllNotificationCallback: load 00007ffbed630000 LB 0x00019000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0] +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust] +9c80.9748: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'. +9c80.9748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll) +9c80.9748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll +9c80.9748: supR3HardenedDllNotificationCallback: load 00007ffbed610000 LB 0x0001f000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0] +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust] +9c80.9748: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll) +9c80.9748: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll +9c80.9748: supR3HardenedDllNotificationCallback: load 00007ffbee930000 LB 0x0000d000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0] +9c80.9748: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll [avoiding WinVerifyTrust] +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9730: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll +9c80.9730: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1bf0000 'C:\Windows\System32\WINTRUST.DLL' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\CRYPT32.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9730: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winnsi.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9730: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9730: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9730: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9730: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dnsapi.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.9730: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'. +9c80.9730: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'. +9c80.9730: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) WinVerifyTrust +9c80.9730: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'... +9c80.9730: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008] +9c80.9730: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.9730: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll +9c80.9730: supR3HardenedDllNotificationCallback: load 00007ffbd3070000 LB 0x001ed000 C:\Windows\System32\AUDIOSES.DLL [fFlags=0x0] +9c80.9730: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll +9c80.9730: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbd3070000 'C:\Windows\System32\AUDIOSES.DLL' +9c80.9730: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.9730: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'. +9c80.9730: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll) +9c80.9730: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll +9c80.9730: supR3HardenedDllNotificationCallback: load 00007ffbeec20000 LB 0x00015000 C:\Windows\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0] +9c80.9730: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust] +9c80.9730: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'. +9c80.9730: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll) +9c80.9730: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll +9c80.9730: supR3HardenedDllNotificationCallback: load 00007ffbf00b0000 LB 0x0004d000 C:\Windows\SYSTEM32\powrprof.dll [fFlags=0x0] +9c80.9730: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll [avoiding WinVerifyTrust] +9c80.9730: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\umpdc.dll) +9c80.9730: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\umpdc.dll +9c80.9730: supR3HardenedDllNotificationCallback: load 00007ffbf0090000 LB 0x00013000 C:\Windows\SYSTEM32\UMPDC.dll [fFlags=0x0] +9c80.9730: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\umpdc.dll [avoiding WinVerifyTrust] +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'... +9c80.8ae8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008] +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8ae8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1bf0000 'C:\Windows\System32\WINTRUST.DLL' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\CRYPT32.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf02c0000 'C:\Windows\system32\rsaenh.dll' +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1a80000 'C:\Windows\System32\crypt32.dll' +9c80.8ae8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll' +9c80.8ae8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\User32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001: [calling] +9c80.8ae8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf1e50000 'C:\Windows\system32\User32.dll' +9c80.5538: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'. +9c80.5538: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\edputil.dll) +9c80.5538: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\edputil.dll +9c80.5538: supR3HardenedDllNotificationCallback: load 00007ffbbf780000 LB 0x00028000 C:\Windows\SYSTEM32\edputil.dll [fFlags=0x0] +9c80.5538: supR3HardenedScreenImage/LdrLoadDll: cache hit (22900) on \Device\HarddiskVolume3\Windows\System32\edputil.dll [avoiding WinVerifyTrust] +9c80.41bc: supR3HardenedDllNotificationCallback: Unload 00007ffbce9e0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0] +9c80.8618: supR3HardenedDllNotificationCallback: Unload 00007ffbd2110000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0] +9c80.52dc: supR3HardenedDllNotificationCallback: Unload 00007ffbbec40000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0] +9c80.8c44: supR3HardenedDllNotificationCallback: Unload 00007ffbd2400000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0] +9c80.8ae8: supR3HardenedDllNotificationCallback: Unload 00007ffba16b0000 LB 0x00021000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0] +9c80.8b28: supR3HardenedDllNotificationCallback: Unload 00007ffb1ac60000 LB 0x00a2c000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0] +9c80.8b28: supR3HardenedDllNotificationCallback: Unload 00007ffb5e200000 LB 0x00071000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0] +9c80.8b28: supR3HardenedDllNotificationCallback: Unload 00007ffb1a400000 LB 0x0085d000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0] +9c80.8b28: supR3HardenedDllNotificationCallback: Unload 00007ffbf3590000 LB 0x00474000 C:\Windows\System32\SETUPAPI.dll [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffb1b690000 LB 0x0057c000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffb58170000 LB 0x000e5000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffbe3aa0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffbe44d0000 LB 0x00010000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffb1be10000 LB 0x003f5000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffbe3ac0000 LB 0x000f8000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0] +9c80.8984: supR3HardenedDllNotificationCallback: Unload 00007ffbe42d0000 LB 0x00080000 C:\Windows\SYSTEM32\wbemcomn.dll [flags=0x0] +9c80.8984: Terminating the normal way: rcExit=0 +935c.98b0: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2619221 ms, the end); +7758.3dfc: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2620127 ms, the end); +84dc.7e2c: Terminating the normal way: rcExit=0 diff --git a/bimmertools/Logs/VBoxUI.log b/bimmertools/Logs/VBoxUI.log new file mode 100644 index 0000000..762a85f --- /dev/null +++ b/bimmertools/Logs/VBoxUI.log @@ -0,0 +1,247 @@ +00:00:00.218791 VirtualBox GUI (separate) 7.1.4 r165100 win.amd64 (Oct 10 2024 18:57:17) release log +00:00:00.218792 Log opened 2024-11-18T19:56:07.389290500Z +00:00:00.218793 Build Type: release +00:00:00.218794 OS Product: Windows 11 +00:00:00.218795 OS Release: 10.0.22631 +00:00:00.218795 OS Service Pack: +00:00:00.259031 DMI Product Name: MS-7D89 +00:00:00.266894 DMI Product Version: 1.0 +00:00:00.266914 Firmware type: UEFI +00:00:00.267409 Secure Boot: Enabled +00:00:00.267418 Host RAM: 32532MB (31.7GB) total, 13345MB (13.0GB) available +00:00:00.267421 Executable: C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe +00:00:00.267421 Process ID: 34012 +00:00:00.267421 Package type: WINDOWS_64BITS_GENERIC +00:00:00.267421 Windows Features: +00:00:00.267422 Core Isolation (Memory Integrity): ENABLED +00:00:00.268465 GUI: UIMediumEnumerator: Initial medium-enumeration finished! +00:00:00.294729 GUI: UIMediumEnumerator: Medium-enumeration started... +00:00:00.694372 GUI: UIFrameBufferPrivate::performResize: Size=640x480, Using fallback buffer since no source bitmap is provided +00:00:00.708558 DnD: User Interface Privilege Isolation (UIPI) is running with SECURITY_MANDATORY_HIGH_RID +00:00:00.708591 DnD: Warning: The VM process' integrity level is higher than most regular processes on the system. This means that drag'n drop most likely will not work with other applications! +00:00:00.709987 GUI: UIMachineViewNormal::resendSizeHint: Restoring guest size-hint for screen 0 to 800x600 +00:00:02.195200 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:00:02.195250 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:00:02.217335 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:00:02.217373 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:00:02.264774 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:00:02.267181 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:00:12.057421 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:00:13.203900 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:00:19.308758 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:13:02.797701 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:13:09.254988 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:13:13.283806 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:14:37.384150 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:14:39.801437 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:16:04.060533 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:18:59.921295 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:22:23.971522 GUI: UIMediumEnumerator: Medium with key={{af2e6681-05eb-4dc7-835c-171ebc0f5278}} created +00:22:24.419414 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:22:59.459168 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:23:27.530337 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:23:27.530362 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:23:27.530812 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:23:27.530833 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:23:27.531210 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:23:27.531230 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:23:27.531271 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:23:27.532076 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:23:27.532121 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:23:35.191616 GUI: UIFrameBufferPrivate::IsVideoModeSupported: Mode: BPP=32, Size=1920x1440 is NOT supported +00:23:35.300505 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:23:51.440563 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:23:51.444065 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:23:51.444108 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:23:51.444163 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:23:51.445112 GUI: UIMachineLogic: Guest-screen count changed +00:23:51.924994 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:23:52.692306 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:24:00.283846 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:24:00.283871 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:00.284515 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:00.284549 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:00.284600 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:00.284813 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:24:00.284832 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:00.285915 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:24:00.285925 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:18.060843 GUI: UIFrameBufferPrivate::IsVideoModeSupported: Mode: BPP=32, Size=1920x1440 is NOT supported +00:24:18.160767 GUI: UIFrameBufferPrivate::performResize: Size=1024x768, Using fallback buffer since no source bitmap is provided +00:24:25.723886 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:24:25.723923 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:25.780587 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:25.780624 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:25.780678 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:25.782648 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:25.782672 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:25.782714 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:28.258187 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:28.258222 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:28.258276 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:28.259386 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:28.259420 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:28.259485 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:30.539671 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:30.539720 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:30.539779 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:30.539944 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:30.539972 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:30.540046 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:32.937355 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:32.937402 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:32.937476 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:32.937761 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:32.937792 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:32.940164 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:35.139498 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:35.139530 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:35.139582 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:35.140764 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:35.140797 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:35.140862 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:37.373194 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:37.373243 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:37.373301 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:37.373609 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:37.373631 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:37.376259 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:39.601327 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:39.601366 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:39.601417 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:39.601528 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:39.601539 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:39.601574 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:41.811079 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:24:41.811101 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:41.811439 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:24:41.811461 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:44.044507 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:44.044539 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:44.044577 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:44.046112 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:44.046129 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:44.046165 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:46.281813 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:46.281846 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:46.281952 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:46.283762 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:46.283798 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:46.283872 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:24:48.498874 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:24:48.498912 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:24:48.498956 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:25:25.163981 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:25:25.164025 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:25:25.727541 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:25:25.727576 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:25:25.728363 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:25:25.821962 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:25:25.822008 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:25:25.822071 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:25:25.822280 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:25:25.822310 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:25:39.171049 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:25:50.778119 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:25:57.178840 GUI: UIMachineView::sltPerformGuestResize: Sending guest size-hint to screen 0 as 1115x786 +00:25:57.180989 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1115x786 to guest-screen 0 because this hint was previously sent. +00:25:57.181923 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:25:57.186955 GUI: UIFrameBufferPrivate::performResize: Size=1115x786, Using fallback buffer since no source bitmap is provided +00:25:57.199492 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1115x786 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.205262 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1115x786 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.265973 GUI: UIMachineView::sltPerformGuestResize: Sending guest size-hint to screen 0 as 1117x786 +00:25:57.306774 GUI: UIMachineView::sltPerformGuestResize: Sending guest size-hint to screen 0 as 1127x787 +00:25:57.308375 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1127x787 to guest-screen 0 because this hint was previously sent. +00:25:57.374632 GUI: UIMachineView::sltPerformGuestResize: Sending guest size-hint to screen 0 as 1139x789 +00:25:57.374938 GUI: UIFrameBufferPrivate::performResize: Size=1117x786, Using fallback buffer since no source bitmap is provided +00:25:57.420866 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1117x786 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.421121 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1117x786 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.421185 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1117x786 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.421196 GUI: UIFrameBufferPrivate::performResize: Size=1127x787, Using fallback buffer since no source bitmap is provided +00:25:57.535697 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1127x787 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.536062 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1127x787 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.536090 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1127x787 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.536109 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1127x787 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.536127 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1127x787 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.536196 GUI: UIFrameBufferPrivate::performResize: Size=1139x789, Using fallback buffer since no source bitmap is provided +00:25:57.588273 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.588303 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.589344 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.589376 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.589856 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.606944 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:25:57.615341 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.690132 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.741809 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1139x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:57.885207 GUI: UIMachineView::sltPerformGuestResize: Sending guest size-hint to screen 0 as 1140x789 +00:25:57.886892 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:25:57.890155 GUI: UIFrameBufferPrivate::performResize: Size=1140x789, Using fallback buffer since no source bitmap is provided +00:25:58.103994 GUI: UIMachineView::sltPerformGuestResize: Omitting to send size-hint 1140x789 to guest-screen 0 because frame-buffer is already of the same size. +00:25:58.105269 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:26:06.562217 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:26:10.118942 GUI: UIMediumEnumerator: Medium-enumeration finished! +00:28:23.981275 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:28:23.981339 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:28:23.981416 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:28:25.767653 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:28:25.767693 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:28:25.767738 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:28:25.768197 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:28:25.768228 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:28:25.768281 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:37:53.612222 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:37:53.612283 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:37:53.612360 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:37:56.843564 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:37:56.843601 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:37:56.845202 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:37:56.845402 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:37:56.845421 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:39:11.243098 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:39:11.243153 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:39:11.243227 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:39:14.727536 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:39:14.727594 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:39:14.727712 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:39:14.727889 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:39:14.727907 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:42:32.847653 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:42:32.847697 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:42:32.847792 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:42:33.660656 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:42:33.660702 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:42:33.660735 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:42:33.662718 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:42:33.662747 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:11.812422 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:43:11.812465 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:43:11.812727 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:17.674788 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:43:17.674835 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:43:17.674942 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:19.906809 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:43:19.906858 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:43:19.906933 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:19.907254 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:43:19.907297 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:43:19.907369 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:21.542514 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:43:21.542549 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:22.132633 GUI: UISession::sltAdditionsChange: GA state really changed, notifying listeners. +00:43:22.132667 GUI: UIMachineViewNormal::adjustGuestScreenSize: Adjust guest-screen size if necessary +00:43:22.132748 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:22.137001 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:43:22.137027 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:22.137206 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:43:22.137222 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:22.138475 GUI: UISession::sltAdditionsChange: GA state doesn't really changed, still notifying listeners. +00:43:22.138495 GUI: UIMachineLogicNormal::sltCheckForRequestedVisualStateType: Requested-state=1, Machine-state=6 +00:43:30.577086 GUI: UIFrameBufferPrivate::performResize: Size=1140x789, Using fallback buffer since no source bitmap is provided +00:43:30.924470 GUI: Waiting for session to be unlocked to close Runtime UI.. +00:43:30.983413 GUI: Request to close Runtime UI because session is unlocked. +00:43:30.983433 GUI: Request for async QApp quit. +00:43:30.985163 GUI: Cannot notify guest about VM window out-of-focus event +00:43:30.998297 GUI: UICommon: Handling aboutToQuit request.. +00:43:32.233596 ERROR [COM]: aRC=E_UNEXPECTED (0x8000ffff) aIID={c0447716-ff5a-4795-b57a-ecd5fffa18a4} aComponent={SessionWrap} aText={The session is not locked (session state: Unlocked)}, preserve=false aResultDetail=0 +00:43:32.233944 ERROR [COM]: aRC=E_UNEXPECTED (0x8000ffff) aIID={c0447716-ff5a-4795-b57a-ecd5fffa18a4} aComponent={SessionWrap} aText={The session is not locked (session state: Unlocked)}, preserve=false aResultDetail=0 +00:43:32.243835 GUI: UICommon: aboutToQuit request handled! diff --git a/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-VBOXPOST.CMD b/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-VBOXPOST.CMD new file mode 100644 index 0000000..9c5038f --- /dev/null +++ b/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-VBOXPOST.CMD @@ -0,0 +1,59 @@ +@echo off +rem $Id: win_postinstall.cmd 164827 2024-09-16 14:03:52Z bird $ +rem rem @file +rem Post installation script template for Windows. +rem +rem This runs after the target system has been booted, typically as +rem part of the first logon. +rem + +rem +rem Copyright (C) 2017-2024 Oracle and/or its affiliates. +rem +rem This file is part of VirtualBox base platform packages, as +rem available from https://www.virtualbox.org. +rem +rem This program is free software; you can redistribute it and/or +rem modify it under the terms of the GNU General Public License +rem as published by the Free Software Foundation, in version 3 of the +rem License. +rem +rem This program is distributed in the hope that it will be useful, but +rem WITHOUT ANY WARRANTY; without even the implied warranty of +rem MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +rem General Public License for more details. +rem +rem You should have received a copy of the GNU General Public License +rem along with this program; if not, see . +rem +rem SPDX-License-Identifier: GPL-3.0-only +rem + +rem Globals. +set MY_LOG_FILE=C:\vboxpostinstall.log + +rem Log header. +echo *** started >> %MY_LOG_FILE% +echo *** CD=%CD% >> %MY_LOG_FILE% +echo *** Environment BEGIN >> %MY_LOG_FILE% +set >> %MY_LOG_FILE% +echo *** Environment END >> %MY_LOG_FILE% + + + + + + + + + + + +rem +rem Eject/rename no longer needed unattended install configuration and media. +rem +if exist a:\autounattend.xml ren a:\autounattend.xml autounattend-disabled.xml +rem rem @todo eject DVD install media + +echo *** done >> %MY_LOG_FILE% + diff --git a/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-autounattend.xml b/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-autounattend.xml new file mode 100644 index 0000000..61d6816 --- /dev/null +++ b/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-autounattend.xml @@ -0,0 +1,279 @@ + + + + + + + en-US + en-US + en-US + + en-us + + + + + + OnError + + 0 + true + + + + + 1 + Primary + 300 + + + 2 + EFI + 100 + + + 3 + MSR + 128 + + + 4 + Primary + true + + + + + 1 + 1 + + NTFS + de94bba4-06d1-4d40-a16a-bfd50179d6ac + + + 2 + 2 + + FAT32 + + + 3 + 3 + + + 4 + 4 + + C + NTFS + + + + + + + + + true + + + + + + + + /IMAGE/INDEX + 1 + + + + + 0 + + + 4 + + + OnError + false + + + + + OnError + + + + + + 1 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassCPUCheck /t REG_DWORD /d 1 /f + Windows 11 disable CPU check + + + 2 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassRAMCheck /t REG_DWORD /d 1 /f + Windows 11 disable RAM check + + + 3 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassSecureBootCheck /t REG_DWORD /d 1 /f + Windows 11 disable Secure Boot check + + + 4 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassStorageCheck /t REG_DWORD /d 1 /f + Windows 11 disable Storage check + + + 5 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassTPMCheck /t REG_DWORD /d 1 /f + Windows 11 disable TPM check + + + + + + + + + bimmertools + + + + + + + + 1 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassCPUCheck /t REG_DWORD /d 1 /f + Windows 11 disable CPU check + + + 2 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassRAMCheck /t REG_DWORD /d 1 /f + Windows 11 disable RAM check + + + 3 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassSecureBootCheck /t REG_DWORD /d 1 /f + Windows 11 disable Secure Boot check + + + 4 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassStorageCheck /t REG_DWORD /d 1 /f + Windows 11 disable Storage check + + + 5 + reg.exe ADD HKLM\SYSTEM\Setup\LabConfig /v BypassTPMCheck /t REG_DWORD /d 1 /f + Windows 11 disable TPM check + + + + + + + + + + bimmer + true</PlainText> + </Password> + <Enabled>true</Enabled> + <Username>tools</Username> + </AutoLogon> + + <UserAccounts> + + <AdministratorPassword> + <Value>bimmer</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Name>tools</Name> + <DisplayName>tools</DisplayName> + <Group>administrators;users</Group> + <Password> + <Value>bimmer</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + </LocalAccounts> + + + </UserAccounts> + + <VisualEffects> + <FontSmoothing>ClearType</FontSmoothing> + </VisualEffects> + + <OOBE> + <ProtectYourPC>3</ProtectYourPC> + <HideEULAPage>true</HideEULAPage> + <SkipUserOOBE>true</SkipUserOOBE> + <SkipMachineOOBE>true</SkipMachineOOBE> + <!-- Make this (NetworkLocation) default to public and make it configurable --> + <NetworkLocation>Home</NetworkLocation> + </OOBE> + + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <!-- For which OS versions do we need to do this? --> + <Order>1</Order> + <Description>Turn Off Network Selection pop-up</Description> + <CommandLine>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff"</CommandLine> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <Order>2</Order> + <Description>VirtualBox post guest install steps </Description> + <CommandLine>cmd.exe /c E:\VBOXPOST.CMD --vista-or-newer</CommandLine> + </SynchronousCommand> + </FirstLogonCommands> + + <TimeZone>W. Europe Standard Time</TimeZone> + </component> + + </settings> +</unattend> + diff --git a/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso b/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso new file mode 100644 index 0000000..4e7a34b --- /dev/null +++ b/bimmertools/Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso @@ -0,0 +1 @@ +--iprt-iso-maker-file-marker-bourne-sh d8be4979-3ff0-45c0-b92a-db9fe100b0e3 --file-mode=0444 --dir-mode=0555 '/autounattend.xml=F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-autounattend.xml' '/VBOXPOST.CMD=F:\VHDs\Tiny10-Bimmer-Tools\bimmertools\Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-VBOXPOST.CMD' \ No newline at end of file diff --git a/bimmertools/bimmertools.nvram b/bimmertools/bimmertools.nvram new file mode 100644 index 0000000..65f8cbf Binary files /dev/null and b/bimmertools/bimmertools.nvram differ diff --git a/bimmertools/bimmertools.vbox b/bimmertools/bimmertools.vbox new file mode 100644 index 0000000..c266b16 --- /dev/null +++ b/bimmertools/bimmertools.vbox @@ -0,0 +1,94 @@ +<?xml version="1.0"?> +<!-- +** DO NOT EDIT THIS FILE. +** If you make changes to this file while any VirtualBox related application +** is running, your changes will be overwritten later, without taking effect. +** Use VBoxManage or the VirtualBox Manager GUI to make changes. +--> +<VirtualBox xmlns="http://www.virtualbox.org/" version="1.19-windows"> + <Machine uuid="{0188e0d2-8e1a-4ca1-82fc-76b77e2ac976}" name="bimmertools" OSType="Windows10_64" snapshotFolder="Snapshots" lastStateChange="2024-11-18T20:39:38Z"> + <MediaRegistry> + <HardDisks> + <HardDisk uuid="{dd3897d7-3c4a-4eca-9dc9-77704c1c960f}" location="bimmertools.vhd" format="VHD" type="Normal"/> + </HardDisks> + <DVDImages> + <Image uuid="{9103ae46-d74a-49b5-871d-6b148636de8d}" location="F:/Downloads/QTorrent/_data/tiny-10-23-h2/tiny10 x64 23h2.iso"/> + <Image uuid="{20c1492d-a300-4043-a9fc-6eaaacf28bdd}" location="Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso" format="VBoxIsoMaker"> + <Property name="UnattendedInstall" value="1"/> + </Image> + <Image uuid="{af2e6681-05eb-4dc7-835c-171ebc0f5278}" location="C:/Program Files/Oracle/VirtualBox/VBoxGuestAdditions.iso"/> + </DVDImages> + </MediaRegistry> + <ExtraData> + <ExtraDataItem name="GUI/LastGuestSizeHint" value="1140,789"/> + <ExtraDataItem name="GUI/LastNormalWindowPosition" value="1240,393,1140,832"/> + </ExtraData> + <Hardware> + <Memory RAMSize="2048"/> + <HID Pointing="USBTablet"/> + <Boot> + <Order position="1" device="HardDisk"/> + <Order position="2" device="DVD"/> + <Order position="3" device="Floppy"/> + <Order position="4" device="None"/> + </Boot> + <Display controller="VBoxSVGA" VRAMSize="128"/> + <Firmware type="EFI"/> + <BIOS> + <IOAPIC enabled="true"/> + <SmbiosUuidLittleEndian enabled="true"/> + <AutoSerialNumGen enabled="true"/> + </BIOS> + <USB> + <Controllers> + <Controller name="XHCI" type="XHCI"/> + </Controllers> + </USB> + <Network> + <Adapter slot="0" enabled="true" MACAddress="08002784EE0A" type="82540EM"> + <NAT/> + </Adapter> + </Network> + <AudioAdapter controller="HDA" useDefault="true" driver="WAS" enabled="true" enabledOut="true"/> + <Clipboard mode="HostToGuest" fileTransfersEnabled="true"/> + <GuestProperties> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxControl.exe" value="7.1.4r165100" timestamp="1731961233108780900" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxGuest.sys" value="7.1.4r165100" timestamp="1731961233723705500" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxHook.dll" value="7.1.4r165100" timestamp="1731961233172804300" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxMRXNP.dll" value="7.1.4r165100" timestamp="1731961233311778100" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxMouse.sys" value="7.1.4r165100" timestamp="1731961233725667900" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxSF.sys" value="7.1.4r165100" timestamp="1731961233727230600" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxService.exe" value="7.1.4r165100" timestamp="1731961233213707000" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxTray.exe" value="7.1.4r165100" timestamp="1731961233212731100" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/HostVerLastChecked" value="7.1.4" timestamp="1731961303011828300" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/InstallDir" value="C:/Program Files/Oracle/VirtualBox Guest Additions" timestamp="1731961232946900103" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Revision" value="165100" timestamp="1731961232946900102" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Version" value="7.1.4" timestamp="1731961232946900100" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/VersionExt" value="7.1.4" timestamp="1731961232946900101" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/MAC" value="08002784EE0A" timestamp="1731961233855330504" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/Status" value="Up" timestamp="1731961233855330503" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/Broadcast" value="255.255.255.255" timestamp="1731961233855330501" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/IP" value="10.0.2.15" timestamp="1731961233855330500" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/Netmask" value="255.255.255.0" timestamp="1731961233855330502" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/Count" value="1" timestamp="1731961334177133900" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/Product" value="Windows 10" timestamp="1731961232944409000" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/Release" value="10.0.19044" timestamp="1731961232945385500" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/ServicePack" value="" timestamp="1731961232945385502" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/Version" value="" timestamp="1731961232945385501" flags=""/> + <GuestProperty name="/VirtualBox/HostInfo/GUI/LanguageID" value="en_US" timestamp="1731961325234555100" flags="RDONLYGUEST"/> + </GuestProperties> + <StorageControllers> + <StorageController name="SATA" type="AHCI" PortCount="3" useHostIOCache="false" Bootable="true" IDE0MasterEmulationPort="0" IDE0SlaveEmulationPort="1" IDE1MasterEmulationPort="2" IDE1SlaveEmulationPort="3"> + <AttachedDevice type="HardDisk" hotpluggable="false" port="0" device="0"> + <Image uuid="{dd3897d7-3c4a-4eca-9dc9-77704c1c960f}"/> + </AttachedDevice> + </StorageController> + </StorageControllers> + <CPU> + <HardwareVirtExLargePages enabled="true"/> + <PAE enabled="false"/> + <LongMode enabled="true"/> + </CPU> + </Hardware> + </Machine> +</VirtualBox> diff --git a/bimmertools/bimmertools.vbox-prev b/bimmertools/bimmertools.vbox-prev new file mode 100644 index 0000000..baebea4 --- /dev/null +++ b/bimmertools/bimmertools.vbox-prev @@ -0,0 +1,96 @@ +<?xml version="1.0"?> +<!-- +** DO NOT EDIT THIS FILE. +** If you make changes to this file while any VirtualBox related application +** is running, your changes will be overwritten later, without taking effect. +** Use VBoxManage or the VirtualBox Manager GUI to make changes. +--> +<VirtualBox xmlns="http://www.virtualbox.org/" version="1.19-windows"> + <Machine uuid="{0188e0d2-8e1a-4ca1-82fc-76b77e2ac976}" name="bimmertools" OSType="Windows10_64" snapshotFolder="Snapshots" lastStateChange="2024-11-18T20:39:38Z"> + <MediaRegistry> + <HardDisks> + <HardDisk uuid="{dd3897d7-3c4a-4eca-9dc9-77704c1c960f}" location="bimmertools.vhd" format="VHD" type="Normal"/> + </HardDisks> + <DVDImages> + <Image uuid="{9103ae46-d74a-49b5-871d-6b148636de8d}" location="F:/Downloads/QTorrent/_data/tiny-10-23-h2/tiny10 x64 23h2.iso"/> + <Image uuid="{20c1492d-a300-4043-a9fc-6eaaacf28bdd}" location="Unattended-0188e0d2-8e1a-4ca1-82fc-76b77e2ac976-aux-iso.viso" format="VBoxIsoMaker"> + <Property name="UnattendedInstall" value="1"/> + </Image> + <Image uuid="{af2e6681-05eb-4dc7-835c-171ebc0f5278}" location="C:/Program Files/Oracle/VirtualBox/VBoxGuestAdditions.iso"/> + </DVDImages> + </MediaRegistry> + <ExtraData> + <ExtraDataItem name="GUI/LastGuestSizeHint" value="1140,789"/> + <ExtraDataItem name="GUI/LastNormalWindowPosition" value="1240,393,1140,832"/> + </ExtraData> + <Hardware> + <Memory RAMSize="2048"/> + <HID Pointing="USBTablet"/> + <Boot> + <Order position="1" device="HardDisk"/> + <Order position="2" device="DVD"/> + <Order position="3" device="Floppy"/> + <Order position="4" device="None"/> + </Boot> + <Display controller="VBoxSVGA" VRAMSize="128"/> + <Firmware type="EFI"/> + <BIOS> + <IOAPIC enabled="true"/> + <SmbiosUuidLittleEndian enabled="true"/> + <AutoSerialNumGen enabled="true"/> + </BIOS> + <USB> + <Controllers> + <Controller name="XHCI" type="XHCI"/> + </Controllers> + </USB> + <Network> + <Adapter slot="0" enabled="true" MACAddress="08002784EE0A" type="82540EM"> + <NAT/> + </Adapter> + </Network> + <AudioAdapter controller="HDA" useDefault="true" driver="WAS" enabled="true" enabledOut="true"/> + <Clipboard mode="HostToGuest" fileTransfersEnabled="true"/> + <GuestProperties> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxControl.exe" value="7.1.4r165100" timestamp="1731961233108780900" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxGuest.sys" value="7.1.4r165100" timestamp="1731961233723705500" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxHook.dll" value="7.1.4r165100" timestamp="1731961233172804300" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxMRXNP.dll" value="7.1.4r165100" timestamp="1731961233311778100" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxMouse.sys" value="7.1.4r165100" timestamp="1731961233725667900" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxSF.sys" value="7.1.4r165100" timestamp="1731961233727230600" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxService.exe" value="7.1.4r165100" timestamp="1731961233213707000" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Components/VBoxTray.exe" value="7.1.4r165100" timestamp="1731961233212731100" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/HostVerLastChecked" value="7.1.4" timestamp="1731961303011828300" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/InstallDir" value="C:/Program Files/Oracle/VirtualBox Guest Additions" timestamp="1731961232946900103" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Revision" value="165100" timestamp="1731961232946900102" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/Version" value="7.1.4" timestamp="1731961232946900100" flags=""/> + <GuestProperty name="/VirtualBox/GuestAdd/VersionExt" value="7.1.4" timestamp="1731961232946900101" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/MAC" value="08002784EE0A" timestamp="1731961233855330504" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/Status" value="Up" timestamp="1731961233855330503" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/Broadcast" value="255.255.255.255" timestamp="1731961233855330501" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/IP" value="10.0.2.15" timestamp="1731961233855330500" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/0/V4/Netmask" value="255.255.255.0" timestamp="1731961233855330502" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/Net/Count" value="1" timestamp="1731961334177133900" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/Product" value="Windows 10" timestamp="1731961232944409000" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/Release" value="10.0.19044" timestamp="1731961232945385500" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/ServicePack" value="" timestamp="1731961232945385502" flags=""/> + <GuestProperty name="/VirtualBox/GuestInfo/OS/Version" value="" timestamp="1731961232945385501" flags=""/> + <GuestProperty name="/VirtualBox/HostInfo/GUI/LanguageID" value="en_US" timestamp="1731961325234555100" flags="RDONLYGUEST"/> + </GuestProperties> + <StorageControllers> + <StorageController name="SATA" type="AHCI" PortCount="3" useHostIOCache="false" Bootable="true" IDE0MasterEmulationPort="0" IDE0SlaveEmulationPort="1" IDE1MasterEmulationPort="2" IDE1SlaveEmulationPort="3"> + <AttachedDevice type="HardDisk" hotpluggable="false" port="0" device="0"> + <Image uuid="{dd3897d7-3c4a-4eca-9dc9-77704c1c960f}"/> + </AttachedDevice> + <AttachedDevice passthrough="false" type="DVD" hotpluggable="false" port="1" device="0"/> + <AttachedDevice passthrough="false" type="DVD" hotpluggable="false" port="2" device="0"/> + </StorageController> + </StorageControllers> + <CPU> + <HardwareVirtExLargePages enabled="true"/> + <PAE enabled="false"/> + <LongMode enabled="true"/> + </CPU> + </Hardware> + </Machine> +</VirtualBox> diff --git a/bimmertools/bimmertools.vhd b/bimmertools/bimmertools.vhd new file mode 100644 index 0000000..db37fab --- /dev/null +++ b/bimmertools/bimmertools.vhd @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bad9ae2aa5dc633556500c85d6997acfb1c9700dcb0d93ab1c3475871eaf9b34 +size 11371470336 diff --git a/readme.txt b/readme.txt new file mode 100644 index 0000000..a30a0dc --- /dev/null +++ b/readme.txt @@ -0,0 +1,26 @@ +BIMMERTOOLS VM. In Tiny10 want WindowsPE werkte niet met de USB drivers etc + +default user account: + + user: tools + password: bimmer + +Tools: + + In 5.0.6 (with English script files & Support for F-series) + EDIABAS 7.3.0 + NCS Expert (with English menus and buttons, and NCS Dummy Profile pre-installed) + NCS Dummy 4.0.1 + Tool32 4.0.3 + WinKFP 5.3.1 + Integrated SP-DATEN v53.3 + BMW Coding Tool v2.5.0 (for use as an alternative to NCS Dummy, or to update DATEN files as new ones become available) + USB Drivers for cable + +Howto: + + import .ova in VirtualBox (of mount de vhd die in releases staat) + Zet je USB passthrough in actie in virtualbox, ga maar googlen hoe. + en lees the instructions.txt op je bureaublad. + +Ez \ No newline at end of file