Use Bridge Connection Type

[salvo0097]

Hi, I read your install guide but you don't install VirtualBox Networking Component so you use NAT network.

I need to setup a Bridge network to use a specific host network card to connect to Internet. Can I do that and how ?

[hfiref0x]

You can. Just install missing component. However when using TDL to load tsugumi.sys it is better to stop all vbox network drivers as they may prevent current VBoxDrv from unloading and TDL will fail to work.

[salvo0097]

Do you mean installing in the installation setup ? How can I stop vbox network drivers in Windows ?

[hfiref0x]

Yes in vbox components. Using "net" or "sc" commands from elevated command prompt. First check if they are loaded/active (sc query "name") - then stop and start after patch installation.

VBoxUSBMon VBoxNetAdp VBoxNetLwf

Some of them cannot be stopped without stopping dependent services, e.g. VBoxNetLwf may depend on VBoxNetAdp, so VBoxNetAdp must be stopped first.

[salvo0097]

I always get this error. See the VBoxHardeningLog attached sc.exe query vboxdrv shows running.

VBoxHardening.log

[hfiref0x]

This is before or after you installed more components?

[salvo0097]

I reinstalled virtual box (After delete It) adding network option. Run all commands and then It shows this error.

hidevm_ahci vm0 net stop VBoxUSBMon net stop VBoxNetAdp net stop VBoxNetLwf tdl tsugumi.sys net start VBoxUSBMon net start VBoxNetAdp net start VBoxNetLwf loader

And then start vm and I get this error

[hfiref0x]

try net start vboxdrv from elevated command prompt

[salvo0097]

Tried but the service Is running Also tried net stop/start vboxdrv

[hfiref0x]

Does VBoxDrv entry present in registry? HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services Also if you can, please show logs from TDL & loader.

If VBoxDrv is loaded but VBox cannot open it, and you cannot stop VBoxDrv reboot is only option. However there can be wrong vboxdrv.sys in system32\drivers left from TDL, so VBox installation need repair.

Have a look here too -> https://github.com/hfiref0x/VBoxHardenedLoader/issues/48

[salvo0097]

i just reloaded my system. Registry key is ok here tld and loader

I just reinstalled virtualbox

[hfiref0x]

It looks ok. Does it still not work? What is the size of system32\drivers\vboxdrv.sys?

[salvo0097]

It Is 67kb

[hfiref0x]

That's the root of the problem.

When TDL detects VirtualBox because it need to load it own "vboxdrv.sys" (A) it attempts to unload currently loaded vboxdrv.sys (B) and replace it with (A) with size of 67 kb. But before doing that it makes backup copy of current vboxdrv.sys (B) in the system32\drivers.

Normally after successful run TDL unloads it VBoxDrv.sys (A) and restores original (B) and then loader.exe restarts it. Something went wrong here and it backed up not original driver (B) but it own (A). What could possible go wrong here. Since you are using Windows 10 it always keep reference to loaded driver file, so it can't be deleted when loaded. It is Windows 10 behavior only. One of these vboxdrv drivers seems stuck at unloading (could be caused by network drivers you installed) and original driver wasn't restored from backup leaving (A) in system32\drivers. And when TDL started again it backed up that driver as "original". Of course 6.x VirtualBox cannot work with VBoxDrv from 1.6 version.

You need to completely remove VirtualBox and manually delete this VBoxDrv.sys and VBoxDrv.backup files from system32\drivers. Then install VBox with required components and try run TDL tsugumi.sys again.

Also note from #48 that sometimes VBox network drivers cannot be unloaded without disabling VirtualBox Host-Only network.

In short - this is why I didn't advised to use VBox networking except NAT in guide as it causes a lot of potential problems with VBox drivers.

[salvo0097]

Thank you very much. I solved my problem. I deleted virtual box, delete VBoxdrv.sys from drivers directory. Rebooted and reinstalled Virtual Box. Disabled network adapter from Windows, stopped all services (VboxUsbmon, VBoxNetAdp, VBoxNetLwf) with net stop command and then stop VBoxDrv. All commands with elevated privileges. After that I run tdl command and then the loader. Enabled Windows vm network adapter. Opened virtualbox and Virtual machine at the first attempt.