VBoxHardening Error

Discussions related to using VirtualBox on Windows hosts.
Post Reply
Mewy
Posts: 2
Joined: 19. Mar 2021, 10:07

VBoxHardening Error

Post by Mewy »

I started to use the beta cause my navida drivers wernt working with the relases but everytime I start it any vm I get a error

Code: Select all

VirtaulBox - supR3HardenedWinReSpawn
NtCreateFile(Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries) (rc=-101)
Make sure the kernel module has been loaded successfully.
where: supR3HardenedWinReSpawn what: 3 VERR_OPEN_FAILED (-101) - File/Device open failed. Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.

Running "sc.exe query vboxdrv" tells me its STOPPED so I do sc.exe start vboxdrv but it tells me that "Windows cannot verify the digital signature for this file."

Code: Select all

C:\WINDOWS\system32>sc.exe query vboxdrv

SERVICE_NAME: vboxdrv
        TYPE               : 1  KERNEL_DRIVER
        STATE              : 1  STOPPED
        WIN32_EXIT_CODE    : 31  (0x1f)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

C:\WINDOWS\system32>sc.exe start vboxdrv
[SC] StartService FAILED 577:

Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
after restarting and opening it and running the commands it still does not work.
How do I fix it?

VBoxHardening.log

Code: Select all

25b8.2568: Log file opened: 6.1.19r143292 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa04a6200
25b8.2568: \SystemRoot\System32\ntdll.dll:
25b8.2568:     CreationTime:    2021-02-27T01:31:06.666194300Z
25b8.2568:     LastWriteTime:   2021-02-27T01:31:06.706193400Z
25b8.2568:     ChangeTime:      2021-03-10T03:27:57.518170800Z
25b8.2568:     FileAttributes:  0x20
25b8.2568:     Size:            0x1ee320
25b8.2568:     NT Headers:      0xe8
25b8.2568:     Timestamp:       0x60a6ca36
25b8.2568:     Machine:         0x8664 - amd64
25b8.2568:     Timestamp:       0x60a6ca36
25b8.2568:     Image Version:   10.0
25b8.2568:     SizeOfImage:     0x1f5000 (2052096)
25b8.2568:     Resource Dir:    0x184000 LB 0x6fd28
25b8.2568:     [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
25b8.2568:     [Raw version resource data: 0x1840f0 LB 0x380, codepage 0x0 (reserved 0x0)]
25b8.2568:     ProductName:     Microsoft® Windows® Operating System
25b8.2568:     ProductVersion:  10.0.19041.844
25b8.2568:     FileVersion:     10.0.19041.844 (WinBuild.160101.0800)
25b8.2568:     FileDescription: NT Layer DLL
25b8.2568: \SystemRoot\System32\kernel32.dll:
25b8.2568:     CreationTime:    2021-02-22T22:55:24.061991300Z
25b8.2568:     LastWriteTime:   2021-02-22T22:55:24.080136200Z
25b8.2568:     ChangeTime:      2021-03-10T03:27:57.329128100Z
25b8.2568:     FileAttributes:  0x20
25b8.2568:     Size:            0xbac30
25b8.2568:     NT Headers:      0xe8
25b8.2568:     Timestamp:       0xd714134a
25b8.2568:     Machine:         0x8664 - amd64
25b8.2568:     Timestamp:       0xd714134a
25b8.2568:     Image Version:   10.0
25b8.2568:     SizeOfImage:     0xbd000 (774144)
25b8.2568:     Resource Dir:    0xbb000 LB 0x520
25b8.2568:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
25b8.2568:     [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
25b8.2568:     ProductName:     Microsoft® Windows® Operating System
25b8.2568:     ProductVersion:  10.0.19041.804
25b8.2568:     FileVersion:     10.0.19041.804 (WinBuild.160101.0800)
25b8.2568:     FileDescription: Windows NT BASE API Client DLL
25b8.2568: \SystemRoot\System32\KernelBase.dll:
25b8.2568:     CreationTime:    2021-02-22T22:55:33.511997100Z
25b8.2568:     LastWriteTime:   2021-02-22T22:55:33.587109100Z
25b8.2568:     ChangeTime:      2021-03-10T03:27:57.495165500Z
25b8.2568:     FileAttributes:  0x20
25b8.2568:     Size:            0x2c9798
25b8.2568:     NT Headers:      0xf0
25b8.2568:     Timestamp:       0xe9c5eae
25b8.2568:     Machine:         0x8664 - amd64
25b8.2568:     Timestamp:       0xe9c5eae
25b8.2568:     Image Version:   10.0
25b8.2568:     SizeOfImage:     0x2c9000 (2920448)
25b8.2568:     Resource Dir:    0x2a0000 LB 0x548
25b8.2568:     [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
25b8.2568:     [Raw version resource data: 0x2a00b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
25b8.2568:     ProductName:     Microsoft® Windows® Operating System
25b8.2568:     ProductVersion:  10.0.19041.804
25b8.2568:     FileVersion:     10.0.19041.804 (WinBuild.160101.0800)
25b8.2568:     FileDescription: Windows NT BASE API Client DLL
25b8.2568: \SystemRoot\System32\apisetschema.dll:
25b8.2568:     CreationTime:    2019-12-07T09:08:13.518339400Z
25b8.2568:     LastWriteTime:   2019-12-07T09:08:13.518339400Z
25b8.2568:     ChangeTime:      2021-03-10T03:27:57.294120000Z
25b8.2568:     FileAttributes:  0x20
25b8.2568:     Size:            0x1f538
25b8.2568:     NT Headers:      0xd0
25b8.2568:     Timestamp:       0x31288ce0
25b8.2568:     Machine:         0x8664 - amd64
25b8.2568:     Timestamp:       0x31288ce0
25b8.2568:     Image Version:   10.0
25b8.2568:     SizeOfImage:     0x20000 (131072)
25b8.2568:     Resource Dir:    0x1f000 LB 0x408
25b8.2568:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
25b8.2568:     [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
25b8.2568:     ProductName:     Microsoft® Windows® Operating System
25b8.2568:     ProductVersion:  10.0.19041.1
25b8.2568:     FileVersion:     10.0.19041.1 (WinBuild.160101.0800)
25b8.2568:     FileDescription: ApiSet Schema DLL
25b8.2568: NtOpenDirectoryObject failed on \Driver: 0xc0000022
25b8.2568: supR3HardenedWinFindAdversaries: 0x0
25b8.2568: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
25b8.2568: Calling main()
25b8.2568: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
25b8.2568: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
25b8.2568: SUPR3HardenedMain: Respawn #1
25b8.2568: System32:  \Device\HarddiskVolume4\Windows\System32
25b8.2568: WinSxS:    \Device\HarddiskVolume4\Windows\WinSxS
25b8.2568: KnownDllPath: C:\WINDOWS\System32
25b8.2568: supR3HardenedWinInit: Performing a limited self purification...
25b8.2568: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
25b8.2568:  *0000000000000000-00000000007fffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000800000-0000000000932fff 0x0000/0x0004 0x0020000
25b8.2568:   0000000000933000-0000000000935fff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000936000-00000000009fffff 0x0000/0x0004 0x0020000
25b8.2568:  *0000000000a00000-0000000000a0ffff 0x0004/0x0004 0x0040000
25b8.2568:   0000000000a10000-0000000000a1ffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000a20000-0000000000a3cfff 0x0002/0x0002 0x0040000
25b8.2568:   0000000000a3d000-0000000000a3ffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000a40000-0000000000af8fff 0x0000/0x0004 0x0020000
25b8.2568:   0000000000af9000-0000000000afbfff 0x0104/0x0004 0x0020000
25b8.2568:   0000000000afc000-0000000000b3ffff 0x0004/0x0004 0x0020000
25b8.2568:  *0000000000b40000-0000000000b43fff 0x0002/0x0002 0x0040000
25b8.2568:   0000000000b44000-0000000000b4ffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000b50000-0000000000b51fff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000b52000-0000000000b5ffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000b60000-0000000000b61fff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000b62000-0000000000bc1fff 0x0000/0x0004 0x0020000
25b8.2568:   0000000000bc2000-0000000000bcffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000bd0000-0000000000bd4fff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000bd5000-0000000000ccffff 0x0000/0x0004 0x0020000
25b8.2568:  *0000000000cd0000-0000000000d98fff 0x0002/0x0002 0x0040000
25b8.2568:   0000000000d99000-0000000000d9ffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000da0000-0000000000dbcfff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000dbd000-0000000000e9ffff 0x0000/0x0004 0x0020000
25b8.2568:  *0000000000ea0000-0000000000eaefff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000eaf000-0000000000eaffff 0x0000/0x0004 0x0020000
25b8.2568:  *0000000000eb0000-0000000000eb4fff 0x0000/0x0004 0x0020000
25b8.2568:   0000000000eb5000-00000000010aafff 0x0004/0x0004 0x0020000
25b8.2568:   00000000010ab000-00000000010abfff 0x0000/0x0004 0x0020000
25b8.2568:   00000000010ac000-000000007ffdffff 0x0001/0x0000 0x0000000
25b8.2568:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
25b8.2568:   000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
25b8.2568:  *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
25b8.2568:   000000007ffef000-00007ff436cdffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff436ce0000-00007ff436ce4fff 0x0002/0x0002 0x0040000
25b8.2568:   00007ff436ce5000-00007ff436ddffff 0x0000/0x0002 0x0040000
25b8.2568:  *00007ff436de0000-00007ff536dfffff 0x0000/0x0004 0x0020000
25b8.2568:  *00007ff536e00000-00007ff538dfffff 0x0000/0x0004 0x0020000
25b8.2568:   00007ff538e00000-00007ff538e00fff 0x0004/0x0004 0x0020000
25b8.2568:   00007ff538e01000-00007ff538e0ffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff538e10000-00007ff538e10fff 0x0002/0x0002 0x0040000
25b8.2568:   00007ff538e11000-00007ff538e1ffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff538e20000-00007ff538e42fff 0x0002/0x0002 0x0040000
25b8.2568:   00007ff538e43000-00007ff6352cffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff6352d0000-00007ff6352d0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff6352d1000-00007ff635347fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635348000-00007ff635348fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635349000-00007ff635391fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635392000-00007ff635394fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635395000-00007ff635397fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635398000-00007ff63539afff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539b000-00007ff63539bfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539c000-00007ff63539dfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539e000-00007ff63539efff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539f000-00007ff6353e7fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff6353e8000-00007ffcea5affff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ffcea5b0000-00007ffcea5b0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
25b8.2568:   00007ffcea5b1000-00007ffcea6c2fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
25b8.2568:   00007ffcea6c3000-00007ffcea83afff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
25b8.2568:   00007ffcea83b000-00007ffcea83efff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
25b8.2568:   00007ffcea83f000-00007ffcea83ffff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
25b8.2568:   00007ffcea840000-00007ffcea878fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
25b8.2568:   00007ffcea879000-00007ffceb9effff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ffceb9f0000-00007ffceb9f0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25b8.2568:   00007ffceb9f1000-00007ffceba6efff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25b8.2568:   00007ffceba6f000-00007ffcebaa1fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25b8.2568:   00007ffcebaa2000-00007ffcebaa2fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25b8.2568:   00007ffcebaa3000-00007ffcebaa3fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25b8.2568:   00007ffcebaa4000-00007ffcebaacfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25b8.2568:   00007ffcebaad000-00007ffcece6ffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ffcece70000-00007ffcece70fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcece71000-00007ffcecf8bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecf8c000-00007ffcecfd3fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfd4000-00007ffcecfd4fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfd5000-00007ffcecfd6fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfd7000-00007ffcecfdffff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfe0000-00007ffced064fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffced065000-00007ffffffeffff 0x0001/0x0000 0x0000000
25b8.2568: kernel32.dll: timestamp 0xd714134a (rc=VINF_SUCCESS)
25b8.2568: kernelbase.dll: timestamp 0xe9c5eae (rc=VINF_SUCCESS)
25b8.2568: VirtualBoxVM.exe: timestamp 0x605121a6 (rc=VINF_SUCCESS)
25b8.2568: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
25b8.2568: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
25b8.2568: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
25b8.2568: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
25b8.2568: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
25b8.2568: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
25b8.2568: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
25b8.2568: supR3HardNtEnableThreadCreationEx:
25b8.2568: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffcecee4b10 pvNtTerminateThread=00007ffcecf0d660
25b8.2568: supR3HardenedWinDoReSpawn(1): New child 245c.24b8 [kernel32].
25b8.2568: supR3HardNtChildGatherData: PebBaseAddress=00000000003dc000 cbPeb=0x388
25b8.2568: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffcece70000 uNtDllChildAddr=00007ffcece70000
25b8.2568: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffcecee4b10
25b8.2568: supR3HardenedWinSetupChildInit: Initial context:
  rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6352d7900 rdx=00000000003dc000
  rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
  r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
  r14=0000000000000000 r15=0000000000000000  P1=0000000000000000  P2=0000000000000000
  rip=00007ffcecec2630 rsp=00000000004ff948 rbp=0000000000000000    ctxflags=0010001b
  cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000    eflags=00000200   mxcrx=00001f80
   P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
  dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
  dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
  lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
25b8.2568: supR3HardenedWinSetupChildInit: Start child.
25b8.2568: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
25b8.2568: supR3HardNtChildPurify: Startup delay kludge #1/0: 263 ms, 17 sleeps
25b8.2568: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
25b8.2568:  *0000000000000000-000000000016ffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000170000-000000000018ffff 0x0004/0x0004 0x0020000
25b8.2568:  *0000000000190000-00000000001acfff 0x0002/0x0002 0x0040000
25b8.2568:   00000000001ad000-00000000001affff 0x0001/0x0000 0x0000000
25b8.2568:  *00000000001b0000-00000000001b3fff 0x0002/0x0002 0x0040000
25b8.2568:   00000000001b4000-00000000001bffff 0x0001/0x0000 0x0000000
25b8.2568:  *00000000001c0000-00000000001c1fff 0x0004/0x0004 0x0020000
25b8.2568:   00000000001c2000-00000000001fffff 0x0001/0x0000 0x0000000
25b8.2568:  *0000000000200000-00000000003dbfff 0x0000/0x0004 0x0020000
25b8.2568:   00000000003dc000-00000000003defff 0x0004/0x0004 0x0020000
25b8.2568:   00000000003df000-00000000003fffff 0x0000/0x0004 0x0020000
25b8.2568:  *0000000000400000-00000000004fafff 0x0000/0x0004 0x0020000
25b8.2568:   00000000004fb000-00000000004fdfff 0x0104/0x0004 0x0020000
25b8.2568:   00000000004fe000-00000000004fffff 0x0004/0x0004 0x0020000
25b8.2568:   0000000000500000-000000007ffdffff 0x0001/0x0000 0x0000000
25b8.2568:  *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
25b8.2568:   000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
25b8.2568:  *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
25b8.2568:   000000007ffef000-00007ff5b776ffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff5b7770000-00007ff5b7770fff 0x0002/0x0002 0x0040000
25b8.2568:   00007ff5b7771000-00007ff5b777ffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff5b7780000-00007ff5b77a2fff 0x0002/0x0002 0x0040000
25b8.2568:   00007ff5b77a3000-00007ff6352cffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ff6352d0000-00007ff6352d0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff6352d1000-00007ff635347fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635348000-00007ff635348fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635349000-00007ff635391fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635392000-00007ff635392fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635393000-00007ff635393fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635394000-00007ff635398fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff635399000-00007ff635399fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539a000-00007ff63539afff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539b000-00007ff63539efff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff63539f000-00007ff6353e7fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
25b8.2568:   00007ff6353e8000-00007ffcece6ffff 0x0001/0x0000 0x0000000
25b8.2568:  *00007ffcece70000-00007ffcece70fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcece71000-00007ffcecf8bfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecf8c000-00007ffcecfd3fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfd4000-00007ffcecfdffff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfe0000-00007ffcecfeefff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecfef000-00007ffcecfeffff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecff0000-00007ffcecff2fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffcecff3000-00007ffced064fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
25b8.2568:   00007ffced065000-00007ffffffeffff 0x0001/0x0000 0x0000000
25b8.2568: supR3HardNtChildPurify: Done after 266 ms and 0 fixes (loop #0).
245c.24b8: Log file opened: 6.1.19r143292 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6200
245c.24b8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffcece70000 g_uNtVerCombined=0xa04a6200 (stack ~00000000004ff3d8)
245c.24b8: ntdll.dll: timestamp 0x60a6ca36 (rc=VINF_SUCCESS)
245c.24b8: New simple heap: #1 0000000000600000 LB 0x400000 (for 2052096 allocation)
25b8.2568: supR3HardNtEnableThreadCreationEx:
245c.24b8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
245c.24b8: System32:  \Device\HarddiskVolume4\Windows\System32
245c.24b8: WinSxS:    \Device\HarddiskVolume4\Windows\WinSxS
245c.24b8: KnownDllPath: C:\WINDOWS\System32
245c.24b8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
245c.24b8: Error opening VBoxDrvStub:  STATUS_OBJECT_NAME_NOT_FOUND
245c.24b8: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
245c.24b8: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
245c.24b8: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
25b8.2568: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
245c.24b8: KiUserExceptionDispatcher: 0xc0000005 (0000000000000001, 0000000000000024) @ 00007ffceced3416 (flags=0x0)
  rax=0000000000000000 rbx=00007ffcecfda3c0 rcx=00007ffcecfda3c0 rdx=00000000fffffffa
  rsi=0000000000000000 rdi=00007ffcecfda000 r8 =0000000000000000 r9 =00007ffcecfda300
  r10=0000056a503387b3 r11=0000056a503385b5 r12=0000000000000000 r13=00000000003dd000
  r14=0000000000000001 r15=0000000000000000  P1=00000000ffffffff  P2=0000000000002010
  rip=00007ffceced3416 rsp=00000000004f8ad0 rbp=00000000ffffff00    ctxflags=0010005f
  cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b    eflags=00010213   mxcrx=00001f80
   P3=0000000000000000  P4=0000000000000000  P5=0000000000000000  P6=0000000000000000
  dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
  dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
  lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
25b8.2568: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
25b8.2568: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
Top
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: VBoxHardening Error

Post by mpack »

Partial logs are useless to us. Zip the complete hardening log and attach to a new post here.
Top
Mewy
Posts: 2
Joined: 19. Mar 2021, 10:07

Re: VBoxHardening Error

Post by Mewy »

Here is the zip
Attachments
VBoxHardening.zip
From E:\VM\MS DOS - Windows 10\Logs
(3.65 KiB) Downloaded 16 times
Top
Post Reply

Return to “VirtualBox on Windows Hosts”