VBox 6.1.34 Error
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
VBox 6.1.34 Error
Look, I hate bothering you guys, but I really need help here.
Yeah, I'm the guy that bothered you endlessly with 'Clone' - and I'm sorry - but I really see no way forward now
System blows up immediately upon start, and I'm attaching the 'Hardening' log in the hope it helps.
Thank you.
Yeah, I'm the guy that bothered you endlessly with 'Clone' - and I'm sorry - but I really see no way forward now
System blows up immediately upon start, and I'm attaching the 'Hardening' log in the hope it helps.
Thank you.
- Attachments
-
- VBoxHardening.log
- (23.84 KiB) Downloaded 13 times
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: VBox 6.1.34 Error
Maybe try it without the third party antivirus? (ZoneAlarm).
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
Doesn't help
Error Msg attached
Error Msg attached
- Attachments
-
- ErrVB6.1.34.png (19.59 KiB) Viewed 2808 times
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: VBox 6.1.34 Error
An updated hardening log showing no ZoneAlarm would be more useful.
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
Hardening log without zone alarm
- Attachments
-
- VBoxHardening.log
- (23.91 KiB) Downloaded 9 times
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: VBox 6.1.34 Error
Nope, that log still shows ZoneAlarm and other (Kaspersky) stuff installed. I'm amazed that you consider Russian AV to be a safer bet than Windows Defender.
184c.16e8: \SystemRoot\System32\drivers\vsdatant.sys:
184c.16e8: CreationTime: 2018-05-16T01:35:16.000000000Z
184c.16e8: LastWriteTime: 2018-05-16T01:35:16.000000000Z
184c.16e8: ChangeTime: 2021-05-14T17:27:42.889635800Z
184c.16e8: FileAttributes: 0x20
184c.16e8: Size: 0x709b8
184c.16e8: NT Headers: 0xd8
184c.16e8: Timestamp: 0x58c4b72a
184c.16e8: Machine: 0x8664 - amd64
184c.16e8: Timestamp: 0x58c4b72a
184c.16e8: Image Version: 6.1
184c.16e8: SizeOfImage: 0x96000 (614400)
184c.16e8: Resource Dir: 0x94000 LB 0x3e0
184c.16e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
184c.16e8: [Raw version resource data: 0x94060 LB 0x37c, codepage 0x0 (reserved 0x0)]
184c.16e8: ProductName: ZoneAlarm
184c.16e8: ProductVersion: 15.1.29.17237
184c.16e8: FileVersion: 15.1.29.17237
184c.16e8: FileDescription: ZoneAlarm
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
1. Many thanks for not abandoning me
2. Restarted without ZA at 'Startup' - no joy (see attached)
3. Full disclosure: For reasons unknown, for the past ~ 10 years I've been running 2 copies of ZA when running VB. problem?
4. Kaspersky? You sure? Never installed it. Gotta run Sysinternals
2. Restarted without ZA at 'Startup' - no joy (see attached)
3. Full disclosure: For reasons unknown, for the past ~ 10 years I've been running 2 copies of ZA when running VB. problem?
4. Kaspersky? You sure? Never installed it. Gotta run Sysinternals
- Attachments
-
- VBoxHardening.log
- (23.91 KiB) Downloaded 10 times
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: VBox 6.1.34 Error
Very sure. You have a bunch of files from a "Coretech Delivery" product, including a number of files with names like "klxxx.sys". Guess what "kl" stands for? I'm quite sure it means "Kaspersky Labs", but a Google search for "Coretech Delivery" should convince you.RetiredGuy wrote: 4. Kaspersky? You sure? Never installed it.
There is no need to keep repeating this conversation. You can easily search the hardening log yourself, looking for the line containing "supR3HardenedWinFindAdversaries". On your most recent log this was found on line 79. On a clean system the number to the right of this will be 0 ("0x0" when expressed as a hex number). On your system the number it is not 0. You have Kaspersky and ZoneAlarm both still installed - I don't consider either one to be needed by Windows 10.
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
So much for your theory:
1d88.21c8: supR3HardenedWinFindAdversaries: 0x0
By the by, this product may be free, and I probably should keep my mouth shut, but after almost 2 days of chasing down .sys files and services, I think it's disgraceful that VB
can't play nice with some a/v software (shade of the 1980's!)
It's apparent that this "improvement" was introduced only now - lose it, while I look for vsdata.sys and vsdataxxx.sys (ZA replacement of native Windows files?) that I had to remove in an attempt to accommodate VB...
Log attached!
1d88.21c8: supR3HardenedWinFindAdversaries: 0x0
By the by, this product may be free, and I probably should keep my mouth shut, but after almost 2 days of chasing down .sys files and services, I think it's disgraceful that VB
can't play nice with some a/v software (shade of the 1980's!)
It's apparent that this "improvement" was introduced only now - lose it, while I look for vsdata.sys and vsdataxxx.sys (ZA replacement of native Windows files?) that I had to remove in an attempt to accommodate VB...
Log attached!
- Attachments
-
- VBoxHardening.log
- (21.86 KiB) Downloaded 6 times
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: VBox 6.1.34 Error
Please try this:
Uninstall Virtualbox and reboot.
Go to "C:\Windows\System32\drivers", look for any files called 'Vbox*.sys' (there could be up to 5) and delete them.
Reboot again.
Reinstall Virtualbox using right-click-Run-As-Administrator.
**************************
You'll notice that 0x1040 != 0x0. The last posted logs before suggestions are trumps. Let's keep all our hominy grits flowing in the same direction, shall we?
The latest log now has the 0x0 and no mention of klflt.sys, which means you got everything cleared out. Good.
(Funny, just now I'm listening to Oasis' "Don't Look Back in Anger"... Coincidence, eh?)
Some of what 3rd-party AV does is exactly the same thing that malware does. So Virtualbox has to be careful what gets to invade its space, which sometimes means 3rd-party AV has to be told to buzz off. It can be told so, using the AV's exceptions settings.
One of the things the forum gurus have discovered is that removing all 3rd-party AV is a valid and useful troubleshooting step. And sometimes re-installation of the AV later can breed coexistence. Sometimes....
Uninstall Virtualbox and reboot.
Go to "C:\Windows\System32\drivers", look for any files called 'Vbox*.sys' (there could be up to 5) and delete them.
Reboot again.
Reinstall Virtualbox using right-click-Run-As-Administrator.
**************************
The last log before which this suggestion by Mpack was posted (viewtopic.php?f=6&t=106019&p=517856#p517793) contained this line:RetiredGuy wrote:So much for your theory:
and contained mention of "klflt.sys" just below, which googles to be a Kaspersky Labs file. QED.162c.1638: supR3HardenedWinFindAdversaries: 0x1040
You'll notice that 0x1040 != 0x0. The last posted logs before suggestions are trumps. Let's keep all our hominy grits flowing in the same direction, shall we?
The latest log now has the 0x0 and no mention of klflt.sys, which means you got everything cleared out. Good.
Folks can do a lot with their computers nowadays, and sometimes the different things fight each other. Incompatibility happens. Additionally, lots of junk is left over as folks do things with their computers, and problems are left behind by incomplete installs, files the OS keeps hold on that can't get deleted, etc.RetiredGuy wrote:I think it's disgraceful that VB can't play nice with some a/v software
(Funny, just now I'm listening to Oasis' "Don't Look Back in Anger"... Coincidence, eh?)
Some of what 3rd-party AV does is exactly the same thing that malware does. So Virtualbox has to be careful what gets to invade its space, which sometimes means 3rd-party AV has to be told to buzz off. It can be told so, using the AV's exceptions settings.
One of the things the forum gurus have discovered is that removing all 3rd-party AV is a valid and useful troubleshooting step. And sometimes re-installation of the AV later can breed coexistence. Sometimes....
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
Late, so I can't initiate such a convoluted task (2 reboots???), so let's see what Sunday brings.
And thank you!
And thank you!
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
You are never gonna believe me, but there's no VB to uninstall (!)
And lest you think I'm just messing with you, I just bought Revo Uninstaller online - didn't help (not finding it)
Now what?
Thank you for all your hand-holding and patience!
And lest you think I'm just messing with you, I just bought Revo Uninstaller online - didn't help (not finding it)
Now what?
Thank you for all your hand-holding and patience!
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: VBox 6.1.34 Error
Only thing I can suggest if you have been able to get rid of Virtualbox, is to pick up at
Go to "C:\Windows\System32\drivers"...
and keep on going.
Go to "C:\Windows\System32\drivers"...
and keep on going.
-
- Posts: 41
- Joined: 19. Nov 2015, 18:15
Re: VBox 6.1.34 Error
You're gonna HATE me; MY bad.
I a m in midst of successful re-install...zonealam too. I mistakenly looked for 'V'irtualbox instead of 'O'racle virtualbox.
I am sooooooooooooooooooo sorry...
My apilogies and all seems in order now!
I a m in midst of successful re-install...zonealam too. I mistakenly looked for 'V'irtualbox instead of 'O'racle virtualbox.
I am sooooooooooooooooooo sorry...
My apilogies and all seems in order now!
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: VBox 6.1.34 Error
That popped into my head a couple nights ago, too, "he's probably looking under Virtualbox instead of Oracle..." and I forgot to suggest it.
Glad you're up and running!
Glad you're up and running!