Discussion of Problems due to Hardened Security

Discussions related to using VirtualBox on Windows hosts.

Re: Discussion of Problems due to Hardened Security

Postby HF » 6. Aug 2015, 16:29

In our case, the reason VirtualBox fails to run past version 4.3.16 is because of BeyondTrust's PowerBroker which our employer requires on all our machines.

Has anyone compiled a version of VB using the public sources to remove the hardening?
HF
 
Posts: 18
Joined: 3. Dec 2014, 01:01

Re: Discussion of Problems due to Hardened Security

Postby another1 » 7. Aug 2015, 19:42

My system:
ASUS Zenbook
4G RAM
128G SSD
Host: Win7 sp1
Guest: Ubuntu 14.04

I have used VB for about 2 years. I had Norton 360 and I think I had inadvertently gotten McAffee also (because some upgrade - Java? - had it as a default that I failed to catch) I initially had a problem with the hardened security when it was initially released (4.3.14 and 4.3.16). But by about 4.3.20 it was working. No problems until 4.3.28. In 4.3.28, my machine was getting hot. I sometimes use a lot of tabs in my firefox browser on the guest. I didn't think much of this 'problem' and didn't know if it related to VB.

Before upgrading to 4.3.30, I: 1) changed from Norton 360 to Norton Security; and 2) upgraded libreoffice on the host (choosing the install option for loading in memory). AFTER upgrading to 4.3.30 I did an update of the software on the Ubuntu guest and in the midst of that update I got a BSOD. I was able to access the guest once more but again got a BSOD. After that, I could boot the machine and login but within a few minutes the system would BSOD.

I could boot into safe mode with networking so I set about trying to discover what was causing the BSODs. It took some time to learn how to do this. Using Windows Event Viewer I got a list of "boot-start drivers failed to load":

ATKWMIACPIIO
BHDrvx64
ccSet_NS
discache
eeCtrl
IDSVia64
spldr
SRTSPX
SymIRON
SymNetS
VBoxDrv
VBoxUSBMon

I uninstalled libreoffice and virtualbox. The BSODs continued. The list of drivers no longer included VBoxDrv and VBoxUSBMon but a new driver appeared at the end of the list: wanarpv6.

I did a "clean boot" using msconfig.exe to disable startup programs and limit services in an attempt to narrow down what service/dll was causing the problem. I STILL got BSDs when I eliminated non-Microsoft services, when I disabled the first half of MS services, then half of the remainder, then another half. But with just a few MS services remaining, the BSODs stopped. I added back some of the services, and then some more (trying to narrow down what service had caused the BSODs) but the BSODs never came back even when all of the services were back on!?!?!?!

I found that Windows update has tried to update my system to Win10 and failed (I never asked for Win10! Windows update was apparently going to upgrade me without my consent!). It also did updates (2, I believe) that prepare my system for Win10. I uninstalled these and took steps to prevent an automatic Win10 upgrade.

I also installed some updates that had not been installed:
KB3048761: Info or messages not updated automatically when several windows are displayed in multiple applications (due to memory leak);
KB3075851: Improvements to Windows Update Client;
KB3064209: Intel CPU microcode update.

Then I reinstalled VB 4.3.26 and deleted the guest instance that had failed during update. I updated a different Ubuntu guest without problem. Everything is working fine. System still gets warm (I really need more memory but it is not upgradeable).

While I never tracked down what the actual cause of the problem was, I hope my experience provides some helpful insight to VB devs or users. My speculation on what may have occurred:
1) Changing from Norton 360 to Norton Security mean a re-install that cause some problem with VB hardening.
2) Windows updates that prepared my system for upgrade caused some problem with VB (as Win10 has problems with VB)
3) VB hardening changes in 4.3.30 caused some kind of conflict.
4) Some combination of the above.
another1
 
Posts: 3
Joined: 20. Jul 2014, 05:24

Re: Discussion of Problems due to Hardened Security

Postby wunjo » 8. Aug 2015, 01:23

Hi you all!

Changing the antivirus from Avast Free to Panda Free solved the hardening problem in my case.
Win 7 pro 64, Vbox 5
wunjo
 
Posts: 8
Joined: 26. Feb 2015, 15:25
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: most linux

Re: Discussion of Problems due to Hardened Security

Postby rondoval » 8. Aug 2015, 11:47

1) Windows 10, 32bit, release
2) attached
3) Windows Defender + stock firewall
Attachments
VBoxStartup.zip
(4.8 KiB) Downloaded 20 times
rondoval
 
Posts: 1
Joined: 8. Aug 2015, 11:43

Re: Discussion of Problems due to Hardened Security

Postby CaptivaKid » 12. Aug 2015, 20:35

1) Windows 10, 64bit, release
2) attached
3) AVG Internet Security 2015
Attachments
VBoxStartup.zip
(2.67 KiB) Downloaded 26 times
CaptivaKid
 
Posts: 4
Joined: 12. Aug 2015, 20:32

Re: Discussion of Problems due to Hardened Security

Postby Einsteiner » 13. Aug 2015, 15:27

False hope. deleted. sorry
Last edited by Einsteiner on 13. Aug 2015, 17:42, edited 1 time in total.
Einsteiner
 
Posts: 1
Joined: 13. Aug 2015, 15:21

Re: Discussion of Problems due to Hardened Security

Postby CaptivaKid » 13. Aug 2015, 16:13

Didn't work.
CaptivaKid
 
Posts: 4
Joined: 12. Aug 2015, 20:32

Re: Discussion of Problems due to Hardened Security

Postby CaptivaKid » 13. Aug 2015, 16:16

It comes up with the following error message:

LoadLibrary failed with error 1790: The network logon failed.
CaptivaKid
 
Posts: 4
Joined: 12. Aug 2015, 20:32

Re: Discussion of Problems due to Hardened Security

Postby mpack » 13. Aug 2015, 16:48

@Einsteiner: not every startup failure is caused by hardening, and I am struggling to think of any reason why the hardening checks would be in any way influenced by the privilege level of the user. Hardening checks DLL certification, the certificate in a DLL is the same regardess of whether the current user has admin rights or not.

Privilege levels are there for a reason, it does not seem like a wise move to arbitrarily override them.
mpack
Site Moderator
 
Posts: 29976
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Discussion of Problems due to Hardened Security

Postby CaptivaKid » 13. Aug 2015, 16:50

What would you recommend, mpack?
CaptivaKid
 
Posts: 4
Joined: 12. Aug 2015, 20:32

Re: Discussion of Problems due to Hardened Security

Postby mpack » 13. Aug 2015, 17:09

I have no information on your problem to give. I can only refer you to what the error message itself recommends trying. That and reinstalling VirtualBox using "Run as adminstrator" after rebooting the host.
mpack
Site Moderator
 
Posts: 29976
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Discussion of Problems due to Hardened Security

Postby james_ss » 14. Aug 2015, 17:06

1) Windows 7, 64bit
2) Attached
3) BullGuard Internet Security v15.1.307.3

Error: Timed out after 60001 ms waiting for child request #1 (CloseEvents) (rc=258)

If 'Security Level' for Antivirus Protection in BullGuard is reduced from 'Optimal' to 'Minimal' then the virtual machines start up without any issues. After the start up error, Windows 7 fails to cleanly shutdown.

Prior to VirtualBox 5.0.0, I had been running 4.3.14. More recent versions started up with 'Optimal' settings in Bullguard but generated warning errors during the start up process so I always ended up reverting to 4.3.14.
Attachments
VBoxStartup.log
(11.15 KiB) Downloaded 21 times
james_ss
 
Posts: 1
Joined: 14. Aug 2015, 16:46

Re: Discussion of Problems due to Hardened Security

Postby redford1974 » 17. Aug 2015, 16:49

Windows 8.1 64bit
VirtualBox 5.0.2
SpyShelter 10/Malwarebytes Anti-Malware/Windows Firewall disabled
Attachments
VBoxStartup.zip
(4.33 KiB) Downloaded 17 times
redford1974
 
Posts: 1
Joined: 17. Aug 2015, 16:42

Re: Discussion of Problems due to Hardened Security

Postby Dee3 » 19. Aug 2015, 22:23

Windows 8.1 64bit
VirtualBox 5.0.2
Windows Firewall only

Code: Select all   Expand viewCollapse view
The virtual machine 'Windows XP' has terminated unexpectedly during startup with exit code -1073741819 (0xc0000005).

Error code : E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}


All VMs do not start on all versions of Virtualbox newer than 4.3.12.
Attachments
VBoxStartup.log
(27.92 KiB) Downloaded 18 times
Dee3
 
Posts: 1
Joined: 19. Aug 2015, 22:13

Re: Discussion of Problems due to Hardened Security

Postby forderud » 22. Aug 2015, 14:08

System:
* VirtualBox 5.0.2 r102096
* Win7 professional SP1 (x64) - fully patched.
* Intel Core i7-4790 CPU with 32GB RAM
* McAfee VirusScan Enterprise & HostIntrusion Prevention (company managed)

VM startup error:
Error In supR3HardNtChildPurify
supHardenedWinVerifyProcess failed with VERR_SUP_VP_REPLACE_VIRTUAL_MEMORY_FAILED: (rc=-5673)
Result Code: E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
Attachments
VBoxStartup.log
(11.65 KiB) Downloaded 13 times
forderud
 
Posts: 2
Joined: 15. Jun 2015, 20:44

PreviousNext

Return to VirtualBox on Windows Hosts

Who is online

Users browsing this forum: No registered users and 36 guests