Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1) on Windows 10

[rockdrigo]

Hi
I'm trying to start a Fedora VM on Virtual Box 5.2.18 on Windows 10 and I'm getting this error:
Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1)

It used worked before but I'm guessing the latest windows updated (automatically applied on the 14th) messed the whole thing up according to the VBoxHardening log.

2574.27d4: \SystemRoot\System32\apisetschema.dll:
2574.27d4:     CreationTime:    2017-09-29T13:42:07.095026600Z
2574.27d4:     LastWriteTime:   2017-09-29T13:42:07.095026600Z
2574.27d4:     ChangeTime:      2018-08-16T15:34:07.583441300Z
2574.27d4:     FileAttributes:  0x20
2574.27d4:     Size:            0x1b398
2574.27d4:     NT Headers:      0xc8
2574.27d4:     Timestamp:       0xf30abf31
2574.27d4:     Machine:         0x8664 - amd64
2574.27d4:     Timestamp:       0xf30abf31
2574.27d4:     Image Version:   10.0
2574.27d4:     SizeOfImage:     0x1c000 (114688)
2574.27d4:     Resource Dir:    0x1b000 LB 0x408
2574.27d4:     [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2574.27d4:     [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
2574.27d4:     ProductName:     Microsoft® Windows® Operating System
2574.27d4:     ProductVersion:  10.0.16299.15
2574.27d4:     FileVersion:     10.0.16299.15 (WinBuild.160101.0800)
2574.27d4:     FileDescription: ApiSet Schema DLL
2574.27d4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2574.27d4: supR3HardenedWinFindAdversaries: 0x0
2574.27d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2574.27d4: Calling main()
2574.27d4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
2574.27d4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
2574.27d4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2574.27d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2574.27d4: SUPR3HardenedMain: Respawn #2
2574.27d4: Error (rc=-5640):
2574.27d4: More than one thread in process
2574.27d4: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1)
2574.27d4: More than one thread in process

Any of you guys running into the same issue? Any work around besides uninstalling the updates?

Windows updates (KB4093112,KB4339420)

Thanks

[socratis]

2574.27d4: More than one thread in process

According to one of the developers:

The main thread running the hardening checks spots that it's not alone (as it should be, straight after the process was created). There's no way to know who created this 2nd thread. Could be a magically preloaded DLL or some driver which is intercepting process creation in the kernel. Since this took place before the hardening code kicked off, it can't trust itself. This extra thread can easily interfere with the checking of DLL signatures and so on, because it lives in the same address space.

Since the whole purpose of hardening is to establish a level of trust that nothing is tampering with VM processes, there's no choice but to refuse continuing.

Please read really carefully the following FAQ: Diagnosing VirtualBox Hardening Issues for some generic guidelines/ideas. Remember, these are guidelines, not the exact solution, you have to use your judgement as to which program might be responsible...