virtualbox.org

End user forums for VirtualBox
https://forums.virtualbox.org/

VirtualBox - Error In supR3HardenedWinReSpawn

https://forums.virtualbox.org/viewtopic.php?t=76393

Page 1 of 1

VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 22. Feb 2016, 20:06
by ArcusStudent
Since a month, when i try to start a Virtual Machine, MS DOS, Windows 10, Windows7 etc, i get the following error:
Title: VirtualBox - Error In supR3HardenedWinReSpawn
Text: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034
STATUS_OBJECT_NAME_NOT_FOUND (0 retries) (rc=-101)

Make sure the kernel module has been loaded succesfully.

where: supR3HardenenWinReSpawn what: 3 VERR_OPEN_FAILED (-101) - File/Device open failed. Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
Before people are going to ask it, yes, i already tried rebooting, but it doesn't make any sense.
Then i click the "Ok" button. After this, i get the following message:
The virtual machine 'W10' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'C:\Users\User\VirtualBox VMs\W10\Logs\VBoxHardening.log'.

Resultcode: E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
So next, i head to the location for more details.
This are the details:

Code: Select all

fc8.fe0: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
fc8.fe0: \SystemRoot\System32\ntdll.dll:
fc8.fe0:     CreationTime:    2016-02-09T23:00:18.790555000Z
fc8.fe0:     LastWriteTime:   2016-01-19T19:12:58.151193700Z
fc8.fe0:     ChangeTime:      2016-02-19T13:29:40.475126100Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x1a8180
fc8.fe0:     NT Headers:      0xd8
fc8.fe0:     Timestamp:       0x569e7d02
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x569e7d02
fc8.fe0:     Image Version:   6.3
fc8.fe0:     SizeOfImage:     0x1ad000 (1757184)
fc8.fe0:     Resource Dir:    0x149000 LB 0x624a0
fc8.fe0:     ProductName:     Microsoft® Windows® Operating System
fc8.fe0:     ProductVersion:  6.3.9600.18202
fc8.fe0:     FileVersion:     6.3.9600.18202 (winblue_ltsb.160119-0600)
fc8.fe0:     FileDescription: NT Layer DLL
fc8.fe0: \SystemRoot\System32\kernel32.dll:
fc8.fe0:     CreationTime:    2015-09-08T06:49:43.916107200Z
fc8.fe0:     LastWriteTime:   2014-10-29T04:09:24.572407200Z
fc8.fe0:     ChangeTime:      2016-02-19T13:29:40.608275800Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x13fc30
fc8.fe0:     NT Headers:      0xf8
fc8.fe0:     Timestamp:       0x545054ca
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x545054ca
fc8.fe0:     Image Version:   6.3
fc8.fe0:     SizeOfImage:     0x13e000 (1302528)
fc8.fe0:     Resource Dir:    0x12e000 LB 0x518
fc8.fe0:     ProductName:     Microsoft® Windows® Operating System
fc8.fe0:     ProductVersion:  6.3.9600.17415
fc8.fe0:     FileVersion:     6.3.9600.17415 (winblue_r4.141028-1500)
fc8.fe0:     FileDescription: Windows NT BASE API Client DLL
fc8.fe0: \SystemRoot\System32\KernelBase.dll:
fc8.fe0:     CreationTime:    2016-02-09T23:00:19.081883300Z
fc8.fe0:     LastWriteTime:   2016-01-19T19:12:20.143460800Z
fc8.fe0:     ChangeTime:      2016-02-19T13:29:40.671346700Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x114cb0
fc8.fe0:     NT Headers:      0xf0
fc8.fe0:     Timestamp:       0x569e7eb1
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x569e7eb1
fc8.fe0:     Image Version:   6.3
fc8.fe0:     SizeOfImage:     0x115000 (1134592)
fc8.fe0:     Resource Dir:    0x110000 LB 0x3530
fc8.fe0:     ProductName:     Microsoft® Windows® Operating System
fc8.fe0:     ProductVersion:  6.3.9600.18202
fc8.fe0:     FileVersion:     6.3.9600.18202 (winblue_ltsb.160119-0600)
fc8.fe0:     FileDescription: Windows NT BASE API Client DLL
fc8.fe0: \SystemRoot\System32\apisetschema.dll:
fc8.fe0:     CreationTime:    2013-08-22T12:13:09.745625900Z
fc8.fe0:     LastWriteTime:   2013-08-22T12:35:12.091034400Z
fc8.fe0:     ChangeTime:      2015-03-20T14:06:45.518940200Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x11360
fc8.fe0:     NT Headers:      0xd0
fc8.fe0:     Timestamp:       0x52160049
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x52160049
fc8.fe0:     Image Version:   6.3
fc8.fe0:     SizeOfImage:     0x13000 (77824)
fc8.fe0:     Resource Dir:    0x11000 LB 0x3f8
fc8.fe0:     ProductName:     Microsoft® Windows® Operating System
fc8.fe0:     ProductVersion:  6.3.9600.16384
fc8.fe0:     FileVersion:     6.3.9600.16384 (winblue_rtm.130821-1623)
fc8.fe0:     FileDescription: ApiSet Schema DLL
fc8.fe0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
fc8.fe0: supR3HardenedWinFindAdversaries: 0x180
fc8.fe0: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
fc8.fe0:     CreationTime:    2016-01-25T11:06:31.881688400Z
fc8.fe0:     LastWriteTime:   2016-01-29T15:00:57.617253900Z
fc8.fe0:     ChangeTime:      2016-01-29T15:00:57.617253900Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x2eed8
fc8.fe0:     NT Headers:      0xe0
fc8.fe0:     Timestamp:       0x55b855d9
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x55b855d9
fc8.fe0:     Image Version:   6.1
fc8.fe0:     SizeOfImage:     0x33000 (208896)
fc8.fe0:     Resource Dir:    0x31000 LB 0x3b8
fc8.fe0:     ProductName:     Malwarebytes Anti-Malware
fc8.fe0:     ProductVersion:  0.3.0.0
fc8.fe0:     FileVersion:     0.3.0.0
fc8.fe0:     FileDescription: Malwarebytes Anti-Malware
fc8.fe0: \SystemRoot\System32\drivers\mwac.sys:
fc8.fe0:     CreationTime:    2016-01-25T11:06:07.893563400Z
fc8.fe0:     LastWriteTime:   2015-10-05T08:50:22.000000000Z
fc8.fe0:     ChangeTime:      2016-01-25T11:06:07.924820100Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0xfad8
fc8.fe0:     NT Headers:      0xe0
fc8.fe0:     Timestamp:       0x53a0f444
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x53a0f444
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x13000 (77824)
fc8.fe0:     Resource Dir:    0x11000 LB 0x3e0
fc8.fe0:     ProductName:     Malwarebytes Web Access Control
fc8.fe0:     ProductVersion:  1.0.6.0
fc8.fe0:     FileVersion:     1.0.6.0
fc8.fe0:     FileDescription: Malwarebytes Web Access Control
fc8.fe0: \SystemRoot\System32\drivers\mbamchameleon.sys:
fc8.fe0:     CreationTime:    2016-01-25T11:06:07.924820100Z
fc8.fe0:     LastWriteTime:   2015-10-05T08:50:10.000000000Z
fc8.fe0:     ChangeTime:      2016-01-25T11:06:07.971697500Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x1aad8
fc8.fe0:     NT Headers:      0xd8
fc8.fe0:     Timestamp:       0x55c103c3
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x55c103c3
fc8.fe0:     Image Version:   6.1
fc8.fe0:     SizeOfImage:     0x1e000 (122880)
fc8.fe0:     Resource Dir:    0x1c000 LB 0xba8
fc8.fe0:     ProductName:     Malwarebytes Chameleon
fc8.fe0:     ProductVersion:  1.1.21.0
fc8.fe0:     FileVersion:     1.1.21.0
fc8.fe0:     FileDescription: Malwarebytes Chameleon Protection Driver
fc8.fe0: \SystemRoot\System32\drivers\mbam.sys:
fc8.fe0:     CreationTime:    2016-01-25T11:06:07.878018800Z
fc8.fe0:     LastWriteTime:   2015-10-05T08:50:06.000000000Z
fc8.fe0:     ChangeTime:      2016-01-25T11:06:07.878018800Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x64d8
fc8.fe0:     NT Headers:      0xd8
fc8.fe0:     Timestamp:       0x55ca3257
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x55ca3257
fc8.fe0:     Image Version:   6.1
fc8.fe0:     SizeOfImage:     0xa000 (40960)
fc8.fe0:     Resource Dir:    0x8000 LB 0x3a0
fc8.fe0:     ProductName:     Malwarebytes Anti-Malware
fc8.fe0:     ProductVersion:  0.1.16.0
fc8.fe0:     FileVersion:     0.1.16.0
fc8.fe0:     FileDescription: Malwarebytes Anti-Malware
fc8.fe0: \SystemRoot\System32\drivers\avgrkx64.sys:
fc8.fe0:     CreationTime:    2015-12-04T13:27:46.000000000Z
fc8.fe0:     LastWriteTime:   2015-12-04T13:27:46.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:44.447674500Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0xa5b0
fc8.fe0:     NT Headers:      0xe0
fc8.fe0:     Timestamp:       0x566194ce
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x566194ce
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0xa000 (40960)
fc8.fe0:     Resource Dir:    0x9000 LB 0x540
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.30.0.7335
fc8.fe0:     FileVersion:     16.30.0.7335
fc8.fe0:     SpecialBuild:    AvCompile_2015_1204_142206(7335), SVNRev fa914e9b103a669edb745634540621ca585f110d (release/SmallUpdate2016-03_beta), av, gbn 16.30.1.46227
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG Anti-Rootkit Driver
fc8.fe0: \SystemRoot\System32\drivers\avgmfx64.sys:
fc8.fe0:     CreationTime:    2016-01-22T14:15:46.000000000Z
fc8.fe0:     LastWriteTime:   2016-01-22T14:15:46.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:45.463840700Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x3f9b0
fc8.fe0:     NT Headers:      0xe8
fc8.fe0:     Timestamp:       0x56a23990
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x56a23990
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x40000 (262144)
fc8.fe0:     Resource Dir:    0x3e000 LB 0x560
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.41.0.7440
fc8.fe0:     FileVersion:     16.41.0.7440
fc8.fe0:     SpecialBuild:    AvCompile_2016_0122_150536(7440), SVNRev 50e5b2f807ced69a535d0fb4fefd22af81a392f1 (release/SmallUpdate2016-04_release), av, gbn 16.41.1.53679
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG Resident Shield Minifilter Driver
fc8.fe0: \SystemRoot\System32\drivers\avgidsdrivera.sys:
fc8.fe0:     CreationTime:    2016-01-05T15:02:38.000000000Z
fc8.fe0:     LastWriteTime:   2016-01-05T15:02:38.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:47.516192800Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x4cfb0
fc8.fe0:     NT Headers:      0xe8
fc8.fe0:     Timestamp:       0x568bdaff
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x568bdaff
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x53000 (339968)
fc8.fe0:     Resource Dir:    0x51000 LB 0x54c
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.40.0.7405
fc8.fe0:     FileVersion:     16.40.0.7405
fc8.fe0:     SpecialBuild:    AvCompile_2016_0105_155347(7405), SVNRev 6a4956fdbd3a51630d3100dd3b75b8017cebd7f9 (av/devel), av, gbn 16.40.1.50158
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG IDS Application Activity Monitor Driver.
fc8.fe0: \SystemRoot\System32\drivers\avgidsha.sys:
fc8.fe0:     CreationTime:    2016-01-08T09:46:46.000000000Z
fc8.fe0:     LastWriteTime:   2016-01-08T09:46:46.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:47.064103700Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x427b0
fc8.fe0:     NT Headers:      0xe8
fc8.fe0:     Timestamp:       0x568f8582
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x568f8582
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x42000 (270336)
fc8.fe0:     Resource Dir:    0x40000 LB 0x540
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.40.0.7408
fc8.fe0:     FileVersion:     16.40.0.7408
fc8.fe0:     SpecialBuild:    AvCompile_2016_0108_103803(7408), SVNRev 51688b1d915df446f2402fe327685ab42989f5c2 (av/devel), av, gbn 16.40.1.50924
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG Application Activity Monitor Helper Driver
fc8.fe0: \SystemRoot\System32\drivers\avgloga.sys:
fc8.fe0:     CreationTime:    2015-08-14T12:24:40.000000000Z
fc8.fe0:     LastWriteTime:   2015-08-14T12:24:40.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:43.511520900Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x613b0
fc8.fe0:     NT Headers:      0xe0
fc8.fe0:     Timestamp:       0x55cdde04
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x55cdde04
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x62000 (401408)
fc8.fe0:     Resource Dir:    0x60000 LB 0x4d4
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.0.0.7023
fc8.fe0:     FileVersion:     16.0.0.7023
fc8.fe0:     SpecialBuild:    AvCompile_2015_0814_141417(7023), SVNRev 3f0381b1756dd093311a0a028b8a3dbdd65d1ea3 (av/devel), av
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG Logging Driver
fc8.fe0: \SystemRoot\System32\drivers\avgldx64.sys:
fc8.fe0:     CreationTime:    2015-10-21T15:16:48.000000000Z
fc8.fe0:     LastWriteTime:   2015-10-21T15:16:48.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:44.767742300Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x455b0
fc8.fe0:     NT Headers:      0xd8
fc8.fe0:     Timestamp:       0x5627ac5c
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x5627ac5c
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x46000 (286720)
fc8.fe0:     Resource Dir:    0x44000 LB 0x538
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.7.0.7225
fc8.fe0:     FileVersion:     16.7.0.7225
fc8.fe0:     SpecialBuild:    AvCompile_2015_1021_170455(7225), SVNRev 7c855447f1a8108ea241fa3c579387fa3a34c4a1 (release/SmallUpdate2016-01_release), av, gbn 16.7.1.29462
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG AVI Loader Driver
fc8.fe0: \SystemRoot\System32\drivers\avgdiska.sys:
fc8.fe0:     CreationTime:    2015-11-06T14:50:34.000000000Z
fc8.fe0:     LastWriteTime:   2015-11-06T14:50:34.000000000Z
fc8.fe0:     ChangeTime:      2016-02-19T11:02:47.832246400Z
fc8.fe0:     FileAttributes:  0x20
fc8.fe0:     Size:            0x2cfb0
fc8.fe0:     NT Headers:      0xd8
fc8.fe0:     Timestamp:       0x563cbe23
fc8.fe0:     Machine:         0x8664 - amd64
fc8.fe0:     Timestamp:       0x563cbe23
fc8.fe0:     Image Version:   6.2
fc8.fe0:     SizeOfImage:     0x2d000 (184320)
fc8.fe0:     Resource Dir:    0x2b000 LB 0x53c
fc8.fe0:     ProductName:     AVG Internet Security
fc8.fe0:     ProductVersion:  16.10.0.7261
fc8.fe0:     FileVersion:     16.10.0.7261
fc8.fe0:     SpecialBuild:    AvCompile_2015_1106_154256(7261), SVNRev 60acb51db486a91a637a0638931db84615308444 (release/SmallUpdate2016-02_beta), av, gbn 16.10.1.36830
fc8.fe0:     PrivateBuild:    x64 Release_Unicode_DRIVER
fc8.fe0:     FileDescription: AVG File Vault Driver
fc8.fe0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
fc8.fe0: Calling main()
fc8.fe0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
fc8.fe0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
fc8.fe0: SUPR3HardenedMain: Respawn #1
fc8.fe0: System32:  \Device\HarddiskVolume4\Windows\System32
fc8.fe0: WinSxS:    \Device\HarddiskVolume4\Windows\WinSxS
fc8.fe0: KnownDllPath: C:\Windows\system32
fc8.fe0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
fc8.fe0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
fc8.fe0: supR3HardNtEnableThreadCreation:
fc8.fe0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff87ab48c80 pvNtTerminateThread=00007ff87abc0be0
fc8.fe0: supR3HardenedWinDoReSpawn(1): New child 1c34.1c54 [kernel32].
fc8.fe0: supR3HardNtChildGatherData: PebBaseAddress=00007ff6cbb0a000 cbPeb=0x388
fc8.fe0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff87ab30000 uNtDllChildAddr=00007ff87ab30000
fc8.fe0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff87ab48c80
fc8.fe0: supR3HardenedWinSetupChildInit: Start child.
fc8.fe0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
fc8.fe0: supR3HardNtChildPurify: Startup delay kludge #1/0: 523 ms, 35 sleeps
fc8.fe0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
fc8.fe0:  *0000000000000000-ffffffffffc1ffff 0x0001/0x0000 0x0000000
fc8.fe0:  *00000000003e0000-00000000003bffff 0x0004/0x0004 0x0020000
fc8.fe0:  *0000000000400000-00000000003f0fff 0x0002/0x0002 0x0040000
fc8.fe0:   000000000040f000-000000000040dfff 0x0001/0x0000 0x0000000
fc8.fe0:  *0000000000410000-0000000000313fff 0x0000/0x0004 0x0020000
fc8.fe0:   000000000050c000-0000000000508fff 0x0104/0x0004 0x0020000
fc8.fe0:   000000000050f000-000000000050dfff 0x0004/0x0004 0x0020000
fc8.fe0:  *0000000000510000-000000000050bfff 0x0002/0x0002 0x0040000
fc8.fe0:   0000000000514000-0000000000507fff 0x0001/0x0000 0x0000000
fc8.fe0:  *0000000000520000-000000000051dfff 0x0004/0x0004 0x0020000
fc8.fe0:   0000000000522000-ffffffff80a63fff 0x0001/0x0000 0x0000000
fc8.fe0:  *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
fc8.fe0:   000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
fc8.fe0:   000000007fff0000-ffff800a344fffff 0x0001/0x0000 0x0000000
fc8.fe0:  *00007ff6cbae0000-00007ff6cbabcfff 0x0002/0x0002 0x0040000
fc8.fe0:   00007ff6cbb03000-00007ff6cbafbfff 0x0001/0x0000 0x0000000
fc8.fe0:  *00007ff6cbb0a000-00007ff6cbb08fff 0x0004/0x0004 0x0020000
fc8.fe0:   00007ff6cbb0b000-00007ff6cbb07fff 0x0001/0x0000 0x0000000
fc8.fe0:  *00007ff6cbb0e000-00007ff6cbb0bfff 0x0004/0x0004 0x0020000
fc8.fe0:   00007ff6cbb10000-00007ff6cb77ffff 0x0001/0x0000 0x0000000
fc8.fe0:  *00007ff6cbea0000-00007ff6cbea0fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbea1000-00007ff6cbf27fff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf28000-00007ff6cbf28fff 0x0080/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf29000-00007ff6cbf73fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf74000-00007ff6cbf74fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf75000-00007ff6cbf75fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf76000-00007ff6cbf7afff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf7b000-00007ff6cbf7bfff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf7c000-00007ff6cbf7cfff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf7d000-00007ff6cbf80fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbf81000-00007ff6cbfcbfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
fc8.fe0:   00007ff6cbfcc000-00007ff51d467fff 0x0001/0x0000 0x0000000
fc8.fe0:  *00007ff87ab30000-00007ff87ab30fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ab31000-00007ff87ac5dfff 0x0020/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ac5e000-00007ff87ac63fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ac64000-00007ff87ac70fff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ac71000-00007ff87ac71fff 0x0004/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ac72000-00007ff87ac74fff 0x0008/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ac75000-00007ff87ac75fff 0x0010/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87ac76000-00007ff87acdcfff 0x0002/0x0080 0x1000000  \Device\HarddiskVolume4\Windows\System32\ntdll.dll
fc8.fe0:   00007ff87acdd000-00007ff0f59d9fff 0x0001/0x0000 0x0000000
fc8.fe0:  *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
fc8.fe0: VirtualBox.exe: timestamp 0x569e6712 (rc=VINF_SUCCESS)
fc8.fe0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
fc8.fe0: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
fc8.fe0: supR3HardNtChildPurify: Done after 569 ms and 0 fixes (loop #0).
1c34.1c54: Log file opened: 5.0.14r105127 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
1c34.1c54: supR3HardenedVmProcessInit: uNtDllAddr=00007ff87ab30000
1c34.1c54: ntdll.dll: timestamp 0x569e7d02 (rc=VINF_SUCCESS)
1c34.1c54: New simple heap: #1 0000000000630000 LB 0x400000 (for 1757184 allocation)
fc8.fe0: supR3HardNtEnableThreadCreation:
1c34.1c54: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
1c34.1c54: System32:  \Device\HarddiskVolume4\Windows\System32
1c34.1c54: WinSxS:    \Device\HarddiskVolume4\Windows\WinSxS
1c34.1c54: KnownDllPath: C:\Windows\system32
1c34.1c54: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1c34.1c54: Error opening VBoxDrvStub:  STATUS_OBJECT_NAME_NOT_FOUND
1c34.1c54: supR3HardenedWinReadErrorInfoDevice: NtCreateFile -> 0xc0000034
1c34.1c54: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
1c34.1c54: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
fc8.fe0: supR3HardenedWinCheckChild: enmRequest=2 rc=-101 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
fc8.fe0: Error -101 in supR3HardenedWinReSpawn! (enmWhat=3)
fc8.fe0: NtCreateFile(\Device\VBoxDrvStub) failed: 0xc0000034 STATUS_OBJECT_NAME_NOT_FOUND (0 retries)

Driver is probably stuck stopping/starting. Try 'sc.exe query vboxdrv' to get more information about its state. Rebooting may actually help.
Could someone help me fixing this problem?
Because it's pretty frustrating, because of this problem,
I get failure by failure at school..
I think the best way is to contact me at Skype and help me ny using Teamviewer.
My Skype: PsycoCripth

-ArcusStudent

Re: VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 22. Feb 2016, 22:11
by aldegoeij
Same issue for me, seems to be related to upgrading to Win 10 Build 14267.rs1_release.160213-0213 as was the case with an earlier update. 'Solution' back then was to go back to VirtualBox 4.3.12-93733

Re: VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 23. Feb 2016, 10:43
by ArcusStudent
So you've upgraded your host computer to Windows 10?
Because, i'm not going to upgrade, Wndows 8.1 works fine for me.

-ArcusStudent

Re: VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 23. Feb 2016, 11:18
by mpack
Your post isn't entirely clear. I gather that you upgraded your host to Win10. Did you also reinstall VirtualBox afterwards? VirtualBox installs a number of device drivers, I would not expect these to survive an OS upgrade.

Re: VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 23. Feb 2016, 11:57
by molkemon
I'm having a very similar issue:

2624.1e8c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2624.1e8c: supR3HardenedWinReadErrorInfoDevice: 'ntdll.dll: 4 differences between 0x14a050 and 0x14a053 in #5 (.da'
2624.1e8c: Error -5600 in supR3HardenedWinReSpawn! (enmWhat=3)
2624.1e8c: NtCreateFile(\Device\VBoxDrvStub) failed: Unknown Status -5600 (0xffffea20) (rcNt=0xe986ea20)
VBoxDrvStub error: ntdll.dll: 4 differences between 0x14a050 and 0x14a053 in #5 (.da
244c.14f8: supR3HardenedWinCheckChild: enmRequest=2 rc=-5600 enmWhat=3 supR3HardenedWinReSpawn: NtCreateFile(\Device\VBoxDrvStub) failed: Unknown Status -5600 (0xffffea20) (rcNt=0xe986ea20)
VBoxDrvStub error: ntdll.dll: 4 differences between 0x14a050 and 0x14a053 in #5 (.da
244c.14f8: Error -5600 in supR3HardenedWinReSpawn! (enmWhat=3)
244c.14f8: NtCreateFile(\Device\VBoxDrvStub) failed: Unknown Status -5600 (0xffffea20) (rcNt=0xe986ea20)
VBoxDrvStub error: ntdll.dll: 4 differences between 0x14a050 and 0x14a053 in #5 (.da


I'm running Win 10 Insider 14267.rs1_release

Fresh install, same error with 5.14 and newest nightly.
Any suggestions?

Re: VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 23. Feb 2016, 13:55
by ArcusStudent
mpack wrote:Your post isn't entirely clear. I gather that you upgraded your host to Win10. Did you also reinstall VirtualBox afterwards? VirtualBox installs a number of device drivers, I would not expect these to survive an OS upgrade.
No, my host is still Win8.1. And yes, i reinstalled VirtualBox many times.

Re: VirtualBox - Error In supR3HardenedWinReSpawn

Posted: 23. Feb 2016, 19:46
by Markle
Windows changed the ntdll.dll from Windows 10 build 14257 to build 14267. This is one of the joys of living on the edge. We just need to be patient until that dll gets added to the security policy. This has happened before (see ticket 14052) and it will happen again.

Edit: No surprise, but it is still the case with build 14271. Added URL to ticket.
Edit2: Confirmed fixed in 5.0.15 r105747.
All times are UTC+02:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited