virtualbox.org

End user forums for VirtualBox
https://forums.virtualbox.org/

Help, Thanks. MY Box couldn`t start....

https://forums.virtualbox.org/viewtopic.php?t=76041

Page 1 of 1

Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 01:53
by jighter
Host OS : Win 10 Version 10586
Virtual Box Version :5.0.14 r105127

Re: Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 04:49
by scottgus1
Post the VboxHardening.log mentioned and we'll see what we can see.

Re: Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 05:42
by jighter
scottgus1 wrote:Post the VboxHardening.log mentioned and we'll see what we can see.
Thank you for your reply. But it said that this file is too big ... I show the first page about this log...
------------------------------------------------------------------------------------------------------------------------------------
34c0.34e8: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000058 g_uNtVerCombined=0xa0295a00
34c0.34e8: \SystemRoot\System32\ntdll.dll:
34c0.34e8: CreationTime: 2015-12-18T05:42:52.183298800Z
34c0.34e8: LastWriteTime: 2015-11-24T12:07:40.779862300Z
34c0.34e8: ChangeTime: 2015-12-18T15:13:37.504122000Z
34c0.34e8: FileAttributes: 0x20
34c0.34e8: Size: 0x1bba48
34c0.34e8: NT Headers: 0xe0
34c0.34e8: Timestamp: 0x56540c3b
34c0.34e8: Machine: 0x8664 - amd64
34c0.34e8: Timestamp: 0x56540c3b
34c0.34e8: Image Version: 10.0
34c0.34e8: SizeOfImage: 0x1c1000 (1839104)
34c0.34e8: Resource Dir: 0x159000 LB 0x66218
34c0.34e8: ProductName: Microsoft® Windows® Operating System
34c0.34e8: ProductVersion: 10.0.10586.20
34c0.34e8: FileVersion: 10.0.10586.20 (th2_release_sec.151123-1940)
34c0.34e8: FileDescription: NT Layer DLL
34c0.34e8: \SystemRoot\System32\kernel32.dll:
34c0.34e8: CreationTime: 2015-10-30T07:17:46.221743200Z
34c0.34e8: LastWriteTime: 2015-10-30T07:17:46.221743200Z
34c0.34e8: ChangeTime: 2015-12-12T10:55:08.574392900Z
34c0.34e8: FileAttributes: 0x20
34c0.34e8: Size: 0xac430
34c0.34e8: NT Headers: 0xf0
34c0.34e8: Timestamp: 0x5632d5aa
34c0.34e8: Machine: 0x8664 - amd64
34c0.34e8: Timestamp: 0x5632d5aa
34c0.34e8: Image Version: 10.0
34c0.34e8: SizeOfImage: 0xad000 (708608)
34c0.34e8: Resource Dir: 0xab000 LB 0x528
34c0.34e8: ProductName: Microsoft® Windows® Operating System
34c0.34e8: ProductVersion: 10.0.10586.0
34c0.34e8: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
34c0.34e8: FileDescription: Windows NT BASE API Client DLL
34c0.34e8: \SystemRoot\System32\KernelBase.dll:
34c0.34e8: CreationTime: 2015-10-30T07:18:03.596688800Z
34c0.34e8: LastWriteTime: 2015-10-30T07:18:03.596688800Z
34c0.34e8: ChangeTime: 2015-12-12T10:55:08.777522100Z
34c0.34e8: FileAttributes: 0x20
34c0.34e8: Size: 0x1e7a08
34c0.34e8: NT Headers: 0xf0
34c0.34e8: Timestamp: 0x5632d1de
34c0.34e8: Machine: 0x8664 - amd64
34c0.34e8: Timestamp: 0x5632d1de
34c0.34e8: Image Version: 10.0
34c0.34e8: SizeOfImage: 0x1e8000 (1998848)
34c0.34e8: Resource Dir: 0x1d1000 LB 0x540
34c0.34e8: ProductName: Microsoft® Windows® Operating System
34c0.34e8: ProductVersion: 10.0.10586.0
34c0.34e8: FileVersion: 10.0.10586.0 (th2_release.151029-1700)
34c0.34e8: FileDescription: Windows NT BASE API Client DLL
34c0.34e8: \SystemRoot\System32\apisetschema.dll:
34c0.34e8: CreationTime: 2015-10-30T07:17:57.502957900Z
34c0.34e8: LastWriteTime: 2015-10-30T07:17:57.502957900Z
34c0.34e8: ChangeTime: 2015-12-12T10:55:03.621158200Z
34c0.34e8: FileAttributes: 0x20
34c0.34e8: Size: 0x16d60
34c0.34e8: NT Headers: 0xc8
34c0.34e8: Timestamp: 0x5632d94c
34c0.34e8: Machine:

Re: Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 11:01
by mpack
Zip the (complete) log, then attach it.

Re: Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 12:32
by jighter
mpack wrote:Zip the (complete) log, then attach it.
Got it~~

Re: Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 13:12
by mpack
You have a bunch of untrusted DLLs being injected into the VirtualBox process, but I can't see why they are untrusted. Everything I see looks standard(ish). If you have antivirus installed then try disabling it, see if that makes a difference.

It seems to have a particular problem with "\system32\msacm32.drv". You might want to look at the properties on this file and check its version and certification.

Did you install any third party theme hacks, anything intended to alter how the OS works? I notice that your system seems to be "\Device\HarddiskVolume5\", which I would consider unusual - but I haven't played with Win10 yet.

Re: Help, Thanks. MY Box couldn`t start....

Posted: 2. Feb 2016, 13:37
by jighter
mpack wrote:You have a bunch of untrusted DLLs being injected into the VirtualBox process, but I can't see why they are untrusted. Everything I see looks standard(ish), If you have antivirus installed then try disabling it, see if that makes a difference.

It seems to have a particular problem with "\system32\msacm32.drv". You might want to look at the properties on this file and check its version and certification.

Did you install any third party theme hacks, anything intended to alter how the OS works? I notice that your system seems to be "\Device\HarddiskVolume5\", which I would consider unusual - but I haven't played with Win10 yet.
Thank you for your response. I use windows defender and do not have a third party theme hack. I find that the file "msacm32.drv" is in the document of" \Windows\WinSxS\".
Today I noticed that some friends have the same promble, and they also use Win 10 OS, I think it may be associated with the updating of Windows.
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited