4.3.20 rejecting crypt32.dll after Windows patchday

Discussions related to using VirtualBox on Windows hosts.

4.3.20 rejecting crypt32.dll after Windows patchday

Postby sunboy » 10. Dec 2014, 15:21

Hello

none on my VMs can't be started anymore after I applied newest MS patch

after that i can read in VMstart.log:

Vbox: 4.3.20r96997
Code: Select all   Expand viewCollapse view
209c.2320: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
209c.2320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
209c.2320: Error (rc=0):

209c.2320: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume2\Windows\System32\crypt32.dll
209c.2320: Error (rc=0):

209c.2320: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\crypt32.dll' (C:\Windows\system32\crypt32.dll): rcNt=0xc0000190
209c.2320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\crypt32.dll'
209c.2320: Fatal error:
209c.2320: Error loading 'crypt32.dll': 1790 [C:\Windows\system32\crypt32.dll]

a48.21fc: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 344 ms, the end);
1c20.1240: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 952 ms, the end);


Code: Select all   Expand viewCollapse view
 C:\Windows\system32
30.10.2014  03:04         1.480.192 crypt32.dll
SHA256:    ea3528028bf82a5d025c25633a5ddd6b71aaa0c1333aa9532a2ca711a8fe89e8


i am using Windows 7 pro 64bit and Trendmicro Office scan
sunboy
 
Posts: 9
Joined: 23. Jul 2014, 13:02

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby sunboy » 10. Dec 2014, 16:11

I uninstall KB3004394 (which had installed the new root root certificates with crypt32.dll Version 6.1.7601.18648)

Now Virtual Machines can be started again, but the entire system seems to be very slow/like under heavy load.

See
"December 2014 update for Windows Root Certificate ..."
https://support.microsoft.com/kb/3004394

There seems to be a general problem with kb3004394...?
sunboy
 
Posts: 9
Joined: 23. Jul 2014, 13:02

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby ptmcg » 10. Dec 2014, 21:24

I had updated to 4.3.20 after the KB install, trying to get things working. So after uninstalling the KB, I also un/reinstalled VB 4.3.20 - now VMs are all running again.

Not detecting any sluggishness tho.
ptmcg
 
Posts: 1
Joined: 10. Dec 2014, 21:17

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby bird » 10. Dec 2014, 22:17

Just to repeat current analysis of the problem ( https://www.virtualbox.org/ticket/13677#comment:6 ):

From what I can tell, the KB3004394 update does not install a catalog file on 64-bit windows 7. It does on Windows 8.1 (C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB3004394~31bf3856ad364e35~amd64~~6.3.1.0.cat), so VBox works fine there.

The result of the missing .cat file is that VBox (nor SysInternal's SigCheck.exe for that matter) is not able to verify the authenticity of c:\windows\system32\crypt32.dll and wintrust.dll. If we cannot find any valid signature for the files, we have to assume that they have been tampered with and are forced to abort application loading. These two dlls are important for validating other components, so there is absolutely no way we can ignore this.

Until Microsoft (hopefully) fixes the KB3004394 update on Windows 7, the only solution is to revert/uninstall it.

--bird
Knut St. Osmundsen
Oracle Corporation
bird
Oracle Corporation
 
Posts: 116
Joined: 10. May 2007, 10:27

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby david.90 » 11. Dec 2014, 07:15

Good Evening,

I also encountered this issue after Windows Update ran and installed the KB update.
I am in the midst of un-installing the KB update now.

Thank you all for your input.
david.90
 
Posts: 1
Joined: 11. Dec 2014, 07:12

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby Poema » 11. Dec 2014, 10:12

THANKS,

I've had the same problem and this forum saved my live (work)
Poema
 
Posts: 1
Joined: 11. Dec 2014, 10:09

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby socratis » 11. Dec 2014, 12:16

For your own information, I tried to update an almost up-to-date Windows machine and it seems that Microsoft has pulled KB3004394 from its updates (yesterday there were 11 updates, today 10; guess who's missing ;) ). It appears that there have been major issues with it, not just VirtualBox. For example. see Botched KB 3004394 triggers error messages, but no response from Microsoft.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 19739
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby johnroberts » 11. Dec 2014, 14:50

I can confirm the same issue on Windows 7 Pro/32 bit. The usual Microsoft FUBAR :? .
johnroberts
 
Posts: 2
Joined: 25. Dec 2010, 19:35
Primary OS: openSUSE
VBox Version: PUEL
Guest OSses: WindowsXP, Linux various

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby sunboy » 11. Dec 2014, 16:51

KB3004394 is back again for download.

To fix the problem just rerun Windows Update and reboot.
sunboy
 
Posts: 9
Joined: 23. Jul 2014, 13:02

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby wharrell » 11. Dec 2014, 17:49

This is the exact problem I was experiencing after applying Microsoft patches. I removed KB3004294 and re-installed 4.3.20 just to be safe. It resolved my issue.
wharrell
 
Posts: 1
Joined: 11. Dec 2014, 17:47

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby socratis » 11. Dec 2014, 18:10

sunboy wrote:KB3004394 is back again for download.

No it is not. Microsoft pulled it. Just checked and it's not available in the Windows Update.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 19739
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby GranoblasticMan » 11. Dec 2014, 21:13

I wonder if someone should tell Microsoft about this "new" software QA idea called "regression testing"...
GranoblasticMan
 
Posts: 1
Joined: 11. Dec 2014, 21:12

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Postby michaln » 12. Dec 2014, 13:01

There is now http://support.microsoft.com/kb/3024777 which ought to fix the affected systems.
michaln
Oracle Corporation
 
Posts: 2931
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all


Return to VirtualBox on Windows Hosts

Who is online

Users browsing this forum: No registered users and 229 guests

cron