VM's wont start

Author	Message
Daan Busman Send message Joined: 25 Jul 20 Posts: 15 Credit: 104,487 RAC: 484	Message 51007 - Posted: 2 Nov 2024, 22:01:21 UTC When i try to run tasks, the vm's pop up in virtualbox, but disappear after 5 seconds, they don't start, the stderr log says something about an exit code 0x1 and to go to the vboxhardening.log for more information, under here is the hardening log of one of the tasks 3dbc.4980: \SystemRoot\System32\ntdll.dll: 3dbc.4980: CreationTime: 2024-10-24T20:05:11.101790600Z 3dbc.4980: LastWriteTime: 2024-10-24T20:05:11.365124200Z 3dbc.4980: ChangeTime: 2024-10-24T20:38:23.523043900Z 3dbc.4980: FileAttributes: 0x20 3dbc.4980: Size: 0x263b18 3dbc.4980: NT Headers: 0xe8 3dbc.4980: Timestamp: 0x6c29f8c2 3dbc.4980: Machine: 0x8664 - amd64 3dbc.4980: Timestamp: 0x6c29f8c2 3dbc.4980: Image Version: 10.0 3dbc.4980: SizeOfImage: 0x263000 (2502656) 3dbc.4980: Resource Dir: 0x1e9000 LB 0x788d8 3dbc.4980: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)] 3dbc.4980: [Raw version resource data: 0x1e90f0 LB 0x380, codepage 0x0 (reserved 0x0)] 3dbc.4980: ProductName: Microsoft® Windows® Operating System 3dbc.4980: ProductVersion: 10.0.26100.2161 3dbc.4980: FileVersion: 10.0.26100.2161 (WinBuild.160101.0800) 3dbc.4980: FileDescription: NT Layer DLL 3dbc.4980: \SystemRoot\System32\kernel32.dll: 3dbc.4980: CreationTime: 2024-10-24T20:05:10.362133600Z 3dbc.4980: LastWriteTime: 2024-10-24T20:05:10.382102700Z 3dbc.4980: ChangeTime: 2024-10-24T20:38:21.485633400Z 3dbc.4980: FileAttributes: 0x20 3dbc.4980: Size: 0xcb230 3dbc.4980: NT Headers: 0x100 3dbc.4980: Timestamp: 0x95724cb0 3dbc.4980: Machine: 0x8664 - amd64 3dbc.4980: Timestamp: 0x95724cb0 3dbc.4980: Image Version: 10.0 3dbc.4980: SizeOfImage: 0xc8000 (819200) 3dbc.4980: Resource Dir: 0xc6000 LB 0x520 3dbc.4980: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 3dbc.4980: [Raw version resource data: 0xc60b0 LB 0x3a4, codepage 0x0 (reserved 0x0)] 3dbc.4980: ProductName: Microsoft® Windows® Operating System 3dbc.4980: ProductVersion: 10.0.26100.2161 3dbc.4980: FileVersion: 10.0.26100.2161 (WinBuild.160101.0800) 3dbc.4980: FileDescription: Windows NT BASE API Client DLL 3dbc.4980: \SystemRoot\System32\KernelBase.dll: 3dbc.4980: CreationTime: 2024-10-24T20:05:10.371148800Z 3dbc.4980: LastWriteTime: 2024-10-24T20:05:10.613740000Z 3dbc.4980: ChangeTime: 2024-10-24T20:38:23.082312600Z 3dbc.4980: FileAttributes: 0x20 3dbc.4980: Size: 0x3b7a78 3dbc.4980: NT Headers: 0x100 3dbc.4980: Timestamp: 0x31da495c 3dbc.4980: Machine: 0x8664 - amd64 3dbc.4980: Timestamp: 0x31da495c 3dbc.4980: Image Version: 10.0 3dbc.4980: SizeOfImage: 0x3b1000 (3870720) 3dbc.4980: Resource Dir: 0x37b000 LB 0x548 3dbc.4980: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)] 3dbc.4980: [Raw version resource data: 0x37b0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)] 3dbc.4980: ProductName: Microsoft® Windows® Operating System 3dbc.4980: ProductVersion: 10.0.26100.2161 3dbc.4980: FileVersion: 10.0.26100.2161 (WinBuild.160101.0800) 3dbc.4980: FileDescription: Windows NT BASE API Client DLL 3dbc.4980: \SystemRoot\System32\apisetschema.dll: 3dbc.4980: CreationTime: 2024-10-24T18:57:37.172319300Z 3dbc.4980: LastWriteTime: 2024-10-24T18:57:37.182656900Z 3dbc.4980: ChangeTime: 2024-10-24T20:07:47.913631500Z 3dbc.4980: FileAttributes: 0x20 3dbc.4980: Size: 0x255a0 3dbc.4980: NT Headers: 0xc8 3dbc.4980: Timestamp: 0x2c64d588 3dbc.4980: Machine: 0x8664 - amd64 3dbc.4980: Timestamp: 0x2c64d588 3dbc.4980: Image Version: 10.0 3dbc.4980: SizeOfImage: 0x24000 (147456) 3dbc.4980: Resource Dir: 0x23000 LB 0x408 3dbc.4980: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 3dbc.4980: [Raw version resource data: 0x23060 LB 0x3a8, codepage 0x0 (reserved 0x0)] 3dbc.4980: ProductName: Microsoft® Windows® Operating System 3dbc.4980: ProductVersion: 10.0.26100.1591 3dbc.4980: FileVersion: 10.0.26100.1591 (WinBuild.160101.0800) 3dbc.4980: FileDescription: ApiSet Schema DLL 3dbc.4980: NtOpenDirectoryObject failed on \Driver: 0xc0000022 3dbc.4980: supR3HardenedWinFindAdversaries: 0x80 3dbc.4980: \SystemRoot\System32\drivers\MBAMSwissArmy.sys: 3dbc.4980: CreationTime: 2023-02-20T15:40:46.140669300Z 3dbc.4980: LastWriteTime: 2024-10-27T13:25:31.420667800Z 3dbc.4980: ChangeTime: 2024-10-27T13:25:31.420667800Z 3dbc.4980: FileAttributes: 0x20 3dbc.4980: Size: 0x3a7d0 3dbc.4980: NT Headers: 0xf0 3dbc.4980: Timestamp: 0x665f4373 3dbc.4980: Machine: 0x8664 - amd64 3dbc.4980: Timestamp: 0x665f4373 3dbc.4980: Image Version: 10.0 3dbc.4980: SizeOfImage: 0x3e000 (253952) 3dbc.4980: Resource Dir: 0x3c000 LB 0x3b8 3dbc.4980: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 3dbc.4980: [Raw version resource data: 0x3c060 LB 0x358, codepage 0x0 (reserved 0x0)] 3dbc.4980: ProductName: Malwarebytes SwissArmy 3dbc.4980: ProductVersion: 4.4.0.212 3dbc.4980: FileVersion: 4.4.0.212 3dbc.4980: FileDescription: Malwarebytes SwissArmy 3dbc.4980: \SystemRoot\System32\drivers\mbamchameleon.sys: 3dbc.4980: CreationTime: 2024-06-18T12:16:42.779128100Z 3dbc.4980: LastWriteTime: 2024-06-18T12:16:42.779128100Z 3dbc.4980: ChangeTime: 2024-10-24T19:48:34.852739100Z 3dbc.4980: FileAttributes: 0x20 3dbc.4980: Size: 0x35fd0 3dbc.4980: NT Headers: 0xf0 3dbc.4980: Timestamp: 0x66427ca6 3dbc.4980: Machine: 0x8664 - amd64 3dbc.4980: Timestamp: 0x66427ca6 3dbc.4980: Image Version: 10.0 3dbc.4980: SizeOfImage: 0x3a000 (237568) 3dbc.4980: Resource Dir: 0x38000 LB 0x3b8 3dbc.4980: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)] 3dbc.4980: [Raw version resource data: 0x38060 LB 0x358, codepage 0x0 (reserved 0x0)] 3dbc.4980: ProductName: Malwarebytes Chameleon 3dbc.4980: ProductVersion: 3.2.0.418 3dbc.4980: FileVersion: 3.2.0.418 3dbc.4980: FileDescription: Malwarebytes Chameleon 3dbc.4980: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 3dbc.4980: Calling main() 3dbc.4980: SUPR3HardenedMain: pszProgName=VBoxHeadless fFlags=0x0 3dbc.4980: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox' 3dbc.4980: SUPR3HardenedMain: Respawn #1 3dbc.4980: System32: \Device\HarddiskVolume3\Windows\System32 3dbc.4980: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS 3dbc.4980: KnownDllPath: C:\WINDOWS\System32 3dbc.4980: supR3HardenedWinInit: Performing a limited self purification... 3dbc.4980: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION 3dbc.4980: 0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000 3dbc.4980: 000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 3dbc.4980: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000 3dbc.4980: 000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000 3dbc.4980: 000000007ffe5000-0000000894ebffff 0x0001/0x0000 0x0000000 3dbc.4980: 0000000894ec0000-0000000894f70fff 0x0000/0x0004 0x0020000 3dbc.4980: 0000000894f71000-0000000894f73fff 0x0104/0x0004 0x0020000 3dbc.4980: 0000000894f74000-0000000894fbffff 0x0004/0x0004 0x0020000 3dbc.4980: 0000000894fc0000-0000000894ffffff 0x0001/0x0000 0x0000000 3dbc.4980: 0000000895000000-0000000895134fff 0x0000/0x0004 0x0020000 3dbc.4980: 0000000895135000-0000000895137fff 0x0004/0x0004 0x0020000 3dbc.4980: 0000000895138000-00000008951fffff 0x0000/0x0004 0x0020000 3dbc.4980: 0000000895200000-00000189abd5ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abd60000-00000189abd61fff 0x0002/0x0004 0x0020000 3dbc.4980: 00000189abd62000-00000189abd6ffff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189abd70000-00000189abd70fff 0x0004/0x0004 0x0040000 3dbc.4980: 00000189abd71000-00000189abd71fff 0x0000/0x0004 0x0040000 3dbc.4980: 00000189abd72000-00000189abd7ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abd80000-00000189abd9ffff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abda0000-00000189abda3fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abda4000-00000189abdaffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abdb0000-00000189abdb0fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abdb1000-00000189abdbffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abdc0000-00000189abdc1fff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189abdc2000-00000189abdcffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abdd0000-00000189abdd2fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abdd3000-00000189abddffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abde0000-00000189abde3fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abde4000-00000189abdeffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abdf0000-00000189abdf3fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abdf4000-00000189abdfffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abe00000-00000189abe00fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abe01000-00000189abe0ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abe10000-00000189abe11fff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189abe12000-00000189abe71fff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189abe72000-00000189abe7ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abe80000-00000189abe8ffff 0x0004/0x0004 0x0040000 3dbc.4980: 00000189abe90000-00000189abe92fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abe93000-00000189abe9ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abea0000-00000189abf72fff 0x0002/0x0002 0x0040000 3dbc.4980: 00000189abf73000-00000189abf8ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189abf90000-00000189abf9bfff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189abf9c000-00000189ac08ffff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189ac090000-00000189ac091fff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189ac092000-00000189ac0f1fff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189ac0f2000-00000189ac12ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189ac130000-00000189ac13efff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189ac13f000-00000189ac13ffff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189ac140000-00000189ac14efff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189ac14f000-00000189ac3b2fff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189ac3b3000-00000189ac3b3fff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189ac3b4000-00000189ac3bffff 0x0001/0x0000 0x0000000 3dbc.4980: 00000189ac3c0000-00000189ac3edfff 0x0004/0x0004 0x0020000 3dbc.4980: 00000189ac3ee000-00000189ac4bffff 0x0000/0x0004 0x0020000 3dbc.4980: 00000189ac4c0000-00007df463f9ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007df463fa0000-00007df563fbffff 0x0000/0x0004 0x0020000 3dbc.4980: 00007df563fc0000-00007df565559fff 0x0000/0x0001 0x0040000 3dbc.4980: 00007df56555a000-00007df565708fff 0x0001/0x0001 0x0040000 3dbc.4980: 00007df565709000-00007df565d8bfff 0x0000/0x0001 0x0040000 3dbc.4980: 00007df565d8c000-00007df565d8cfff 0x0001/0x0001 0x0040000 3dbc.4980: 00007df565d8d000-00007ff53d090fff 0x0000/0x0001 0x0040000 3dbc.4980: 00007ff53d091000-00007ff53d095fff 0x0002/0x0001 0x0040000 3dbc.4980: 00007ff53d096000-00007ff54a022fff 0x0000/0x0001 0x0040000 3dbc.4980: 00007ff54a023000-00007ff54da9cfff 0x0001/0x0001 0x0040000 3dbc.4980: 00007ff54da9d000-00007ff54daacfff 0x0002/0x0001 0x0040000 3dbc.4980: 00007ff54daad000-00007ff54dacefff 0x0001/0x0001 0x0040000 3dbc.4980: 00007ff54dacf000-00007ff54dad2fff 0x0002/0x0001 0x0040000 3dbc.4980: 00007ff54dad3000-00007ff54db39fff 0x0001/0x0001 0x0040000 3dbc.4980: 00007ff54db3a000-00007ff54db44fff 0x0002/0x0001 0x0040000 3dbc.4980: 00007ff54db45000-00007ff563fbffff 0x0000/0x0001 0x0040000 3dbc.4980: 00007ff563fc0000-00007ff5efe8ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ff5efe90000-00007ff5efe94fff 0x0002/0x0002 0x0040000 3dbc.4980: 00007ff5efe95000-00007ff5eff8ffff 0x0000/0x0002 0x0040000 3dbc.4980: 00007ff5eff90000-00007ff5f1f8ffff 0x0000/0x0004 0x0020000 3dbc.4980: 00007ff5f1f90000-00007ff5f1f90fff 0x0004/0x0004 0x0020000 3dbc.4980: 00007ff5f1f91000-00007ff5f1f9ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ff5f1fa0000-00007ff5f1fa0fff 0x0002/0x0002 0x0040000 3dbc.4980: 00007ff5f1fa1000-00007ff64344ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ff643450000-00007ff643450fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643451000-00007ff6434bafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff6434bb000-00007ff6434bbfff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff6434bc000-00007ff64350efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff64350f000-00007ff643511fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643512000-00007ff643514fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643515000-00007ff643517fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643518000-00007ff643518fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643519000-00007ff64351afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff64351b000-00007ff64351bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff64351c000-00007ff643563fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643564000-00007ffa6b76ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ffa6b770000-00007ffa6b770fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6b771000-00007ffa6b8fbfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6b8fc000-00007ffa6bad0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6bad1000-00007ffa6bad6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6bad7000-00007ffa6bb20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6bb21000-00007ffa6bb21fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6bb22000-00007ffa6bb23fff 0x0000/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll 3dbc.4980: 00007ffa6bb24000-00007ffa6c3cffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ffa6c3d0000-00007ffa6c3d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c3d1000-00007ffa6c456fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c457000-00007ffa6c48dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c48e000-00007ffa6c48ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c490000-00007ffa6c497fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c498000-00007ffa6c498fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c499000-00007ffa6c49afff 0x0000/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll 3dbc.4980: 00007ffa6c49b000-00007ffa6de9ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ffa6dea0000-00007ffa6dea0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6dea1000-00007ffa6e010fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e011000-00007ffa6e069fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e06a000-00007ffa6e072fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e073000-00007ffa6e102fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e103000-00007ffa6e103fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e104000-00007ffa6e105fff 0x0000/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e106000-00007ffffffeffff 0x0001/0x0000 0x0000000 3dbc.4980: kernel32.dll: timestamp 0x95724cb0 (rc=VINF_SUCCESS) 3dbc.4980: kernelbase.dll: timestamp 0x31da495c (rc=VINF_SUCCESS) 3dbc.4980: VBoxHeadless.exe: timestamp 0x63bee674 (rc=VINF_SUCCESS) 3dbc.4980: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe: Signature #1/2: info status: 24202 3dbc.4980: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports 3dbc.4980: VBoxHeadless.exe: Differences in section #7 (.00cfg) between file and memory: 3dbc.4980: 00007ff643523000 / 0x00d3000: 00 != 40 3dbc.4980: 00007ff643523001 / 0x00d3001: 0b != 31 3dbc.4980: 00007ff643523002 / 0x00d3002: 47 != 10 3dbc.4980: 00007ff643523003 / 0x00d3003: 43 != 6e 3dbc.4980: 00007ff643523004 / 0x00d3004: f6 != fa 3dbc.4980: 00007ff643523008 / 0x00d3008: 00 != 40 3dbc.4980: 00007ff643523009 / 0x00d3009: 0b != 31 3dbc.4980: 00007ff64352300a / 0x00d300a: 47 != 10 3dbc.4980: 00007ff64352300b / 0x00d300b: 43 != 6e 3dbc.4980: 00007ff64352300c / 0x00d300c: f6 != fa 3dbc.4980: 00007ff643523011 / 0x00d3011: a9 != 30 3dbc.4980: 00007ff643523012 / 0x00d3012: 4b != 10 3dbc.4980: 00007ff643523013 / 0x00d3013: 43 != 6e 3dbc.4980: 00007ff643523014 / 0x00d3014: f6 != fa 3dbc.4980: 00007ff643523018 / 0x00d3018: 60 != 40 3dbc.4980: 00007ff643523019 / 0x00d3019: a9 != 30 3dbc.4980: 00007ff64352301a / 0x00d301a: 4b != 10 3dbc.4980: 00007ff64352301b / 0x00d301b: 43 != 6e 3dbc.4980: 00007ff64352301c / 0x00d301c: f6 != fa 3dbc.4980: 00007ff643523020 / 0x00d3020: 60 != 40 3dbc.4980: 00007ff643523021 / 0x00d3021: a9 != 30 3dbc.4980: 00007ff643523022 / 0x00d3022: 4b != 10 3dbc.4980: 00007ff643523023 / 0x00d3023: 43 != 6e 3dbc.4980: 00007ff643523024 / 0x00d3024: f6 != fa 3dbc.4980: Restored 0x28 bytes of original file content at 00007ff643523000 3dbc.4980: VBoxHeadless.exe: Differences in section #8 (.rsrc) between file and memory: 3dbc.4980: 00007ff6435625f8 / 0x01125f8: 00 != 50 3dbc.4980: 00007ff6435625f9 / 0x01125f9: 00 != 41 3dbc.4980: 00007ff6435625fa / 0x01125fa: 00 != 44 3dbc.4980: 00007ff6435625fb / 0x01125fb: 00 != 44 3dbc.4980: 00007ff6435625fc / 0x01125fc: 00 != 49 3dbc.4980: 00007ff6435625fd / 0x01125fd: 00 != 4e 3dbc.4980: 00007ff6435625fe / 0x01125fe: 00 != 47 3dbc.4980: 00007ff6435625ff / 0x01125ff: 00 != 58 3dbc.4980: Restored 0xa08 bytes of original file content at 00007ff6435625f8 3dbc.4980: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports 3dbc.4980: Error (rc=-5607): 3dbc.4980: ntdll.dll: SizeOfImage (0x263000) isn't close enough to the mapping size (0x266000) 3dbc.4980: supHardNtVpCheckHandles: 3dbc.4980: supHardNtVpCheckHandles: Inheritable file handle: 000000000000006c 3dbc.4980: supHardNtVpCheckHandles: Inheritable file handle: 0000000000000068 3dbc.4980: supHardNtVpCheckHandles: Inheritable file handle: 0000000000000064 3dbc.4980: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=2 3dbc.4980: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe: Signature #1/2: info status: 24202 3dbc.4980: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe' has no imports 3dbc.4980: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe) 3dbc.4980: supR3HardNtEnableThreadCreationEx: 3dbc.4980: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa6df92350 pvNtTerminateThread=00007ffa6e0000b0 3dbc.4980: supR3HardenedWinDoReSpawn(1): New child 352c.2180 [kernel32]. 3dbc.4980: supR3HardNtChildGatherData: PebBaseAddress=000000730d0d9000 cbPeb=0x388 3dbc.4980: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa6dea0000 uNtDllChildAddr=00007ffa6dea0000 3dbc.4980: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa6df92350 3dbc.4980: supR3HardenedWinSetupChildInit: Initial context: rax=0000000000000000 rbx=0000000000000000 rcx=00007ff64345b5a0 rdx=000000730d0d9000 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000 rip=00007ffa6df7fbc0 rsp=000000730cf9ff58 rbp=0000000000000000 ctxflags=0010001b cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000 3dbc.4980: supR3HardenedWinSetupChildInit: Start child. 3dbc.4980: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms. 3dbc.4980: supR3HardNtChildPurify: Startup delay kludge #1/0: 524 ms, 34 sleeps 3dbc.4980: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION 3dbc.4980: 0000000000000000-000000007ffdffff 0x0001/0x0000 0x0000000 3dbc.4980: 000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000 3dbc.4980: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000 3dbc.4980: 000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000 3dbc.4980: 000000007ffe5000-000000730ce9ffff 0x0001/0x0000 0x0000000 3dbc.4980: 000000730cea0000-000000730cf9afff 0x0000/0x0004 0x0020000 3dbc.4980: 000000730cf9b000-000000730cf9dfff 0x0104/0x0004 0x0020000 3dbc.4980: 000000730cf9e000-000000730cf9ffff 0x0004/0x0004 0x0020000 3dbc.4980: 000000730cfa0000-000000730cffffff 0x0001/0x0000 0x0000000 3dbc.4980: 000000730d000000-000000730d0d8fff 0x0000/0x0004 0x0020000 3dbc.4980: 000000730d0d9000-000000730d0dbfff 0x0004/0x0004 0x0020000 3dbc.4980: 000000730d0dc000-000000730d1fffff 0x0000/0x0004 0x0020000 3dbc.4980: 000000730d200000-000001847dd5ffff 0x0001/0x0000 0x0000000 3dbc.4980: 000001847dd60000-000001847dd7ffff 0x0004/0x0004 0x0020000 3dbc.4980: 000001847dd80000-000001847dd9ffff 0x0002/0x0002 0x0040000 3dbc.4980: 000001847dda0000-000001847dda3fff 0x0002/0x0002 0x0040000 3dbc.4980: 000001847dda4000-000001847ddaffff 0x0001/0x0000 0x0000000 3dbc.4980: 000001847ddb0000-000001847ddb0fff 0x0002/0x0002 0x0040000 3dbc.4980: 000001847ddb1000-000001847ddbffff 0x0001/0x0000 0x0000000 3dbc.4980: 000001847ddc0000-000001847ddc1fff 0x0004/0x0004 0x0020000 3dbc.4980: 000001847ddc2000-00007df563faffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007df563fb0000-00007df563fb0fff 0x0002/0x0002 0x0040000 3dbc.4980: 00007df563fb1000-00007df563fbffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007df563fc0000-00007df565559fff 0x0000/0x0001 0x0040000 3dbc.4980: 00007df56555a000-00007df565708fff 0x0001/0x0001 0x0040000 3dbc.4980: 00007df565709000-00007df565d8bfff 0x0000/0x0001 0x0040000 3dbc.4980: 00007df565d8c000-00007df565d8cfff 0x0001/0x0001 0x0040000 3dbc.4980: 00007df565d8d000-00007ff53d090fff 0x0000/0x0001 0x0040000 3dbc.4980: 00007ff53d091000-00007ff53d095fff 0x0002/0x0001 0x0040000 3dbc.4980: 00007ff53d096000-00007ff54a022fff 0x0000/0x0001 0x0040000 3dbc.4980: 00007ff54a023000-00007ff54db39fff 0x0001/0x0001 0x0040000 3dbc.4980: 00007ff54db3a000-00007ff54db44fff 0x0002/0x0001 0x0040000 3dbc.4980: 00007ff54db45000-00007ff563fbffff 0x0000/0x0001 0x0040000 3dbc.4980: 00007ff563fc0000-00007ff64344ffff 0x0001/0x0000 0x0000000 3dbc.4980: 00007ff643450000-00007ff643450fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643451000-00007ff6434bafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff6434bb000-00007ff6434bbfff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff6434bc000-00007ff64350efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff64350f000-00007ff64350ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643510000-00007ff643510fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643511000-00007ff643515fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643516000-00007ff64351bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff64351c000-00007ff643563fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxHeadless.exe 3dbc.4980: 00007ff643564000-00007ffa6de9ffff 0x0001/0x0000 0x0000000 3dbc.4980: *00007ffa6dea0000-00007ffa6dea0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6dea1000-00007ffa6e010fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e011000-00007ffa6e069fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e06a000-00007ffa6e072fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e073000-00007ffa6e083fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e084000-00007ffa6e086fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e087000-00007ffa6e087fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e088000-00007ffa6e102fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e103000-00007ffa6e103fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e104000-00007ffa6e105fff 0x0000/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll 3dbc.4980: 00007ffa6e106000-00007ffffffeffff 0x0001/0x0000 0x0000000 3dbc.4980: VBoxHeadless.exe: Differences in section #8 (.rsrc) between file and memory: 3dbc.4980: 00007ff6435625f8 / 0x01125f8: 00 != 50 3dbc.4980: 00007ff6435625f9 / 0x01125f9: 00 != 41 3dbc.4980: 00007ff6435625fa / 0x01125fa: 00 != 44 3dbc.4980: 00007ff6435625fb / 0x01125fb: 00 != 44 3dbc.4980: 00007ff6435625fc / 0x01125fc: 00 != 49 3dbc.4980: 00007ff6435625fd / 0x01125fd: 00 != 4e 3dbc.4980: 00007ff6435625fe / 0x01125fe: 00 != 47 3dbc.4980: 00007ff6435625ff / 0x01125ff: 00 != 58 3dbc.4980: Restored 0xa08 bytes of original file content at 00007ff6435625f8 3dbc.4980: Error (rc=-5607): 3dbc.4980: ntdll.dll: SizeOfImage (0x263000) isn't close enough to the mapping size (0x266000) 3dbc.4980: Error (rc=-5607): 3dbc.4980: supHardenedWinVerifyProcess failed with -5607: ntdll.dll: SizeOfImage (0x263000) isn't close enough to the mapping size (0x266000) 3dbc.4980: Error -5607 in supR3HardNtChildPurify! (enmWhat=5) 3dbc.4980: supHardenedWinVerifyProcess failed with -5607: ntdll.dll: SizeOfImage (0x263000) isn't close enough to the mapping size (0x266000) ID: 51007 · Reply Quote

Toby Broom Volunteer moderator Send message Joined: 27 Sep 08 Posts: 854 Credit: 698,373,287 RAC: 149,926	Message 51009 - Posted: 3 Nov 2024, 8:33:02 UTC Someone said new version of vbox fixed it for them https://forums.virtualbox.org/viewtopic.php?t=112454 or could be build of Windows 24H2? ID: 51009 · Reply Quote

Crystal Pellet Volunteer moderator Volunteer tester Send message Joined: 14 Jan 10 Posts: 1439 Credit: 9,616,154 RAC: 1,894	Message 51010 - Posted: 3 Nov 2024, 9:47:41 UTC - in response to Message 51007. When i try to run tasks, the vm's pop up in virtualbox, but disappear after 5 seconds, they don't start, the stderr log says something about an exit code 0x1 and to go to the vboxhardening.log for more information, Is Windows Hyper-V disabled? ID: 51010 · Reply Quote

Daan Busman Send message Joined: 25 Jul 20 Posts: 15 Credit: 104,487 RAC: 484	Message 51011 - Posted: 3 Nov 2024, 12:07:47 UTC Installing the latest version of VirtualBox (7.1.4) has fixed my problems, even with theory simulation and atlas. When checking for updates in Virtualbox itself, it says 7.0.22 is the most recent, which is not the case. Thanks! ID: 51011 · Reply Quote

Toby Broom Volunteer moderator Send message Joined: 27 Sep 08 Posts: 854 Credit: 698,373,287 RAC: 149,926	Message 51018 - Posted: 4 Nov 2024, 9:22:34 UTC - in response to Message 51011. It how VBox does uopdates, it doesn't offer to the new major version, 7.1.x is major vs 7.0.x ID: 51018 · Reply Quote

LHC@home