Page 13 of 33

Re: Discussion of Problems due to Hardened Security

Posted: 16. Nov 2015, 22:37
by rnewman
Hello,
No go with the latest builds...

OS - Win7 Professional 64bit - SP1 (patched)
Trendmicro Office Scan - 11.0.4150 sp1

Virtualbox - 4.3.33-103933
Virtualbox - 5.0.11-104101

Screen shot and startup log attached.

I am happy to assist with debugging. Are there any switches or process that would provide additional diagnostic information?

Thanks,
Richard

Re: Discussion of Problems due to Hardened Security

Posted: 17. Nov 2015, 10:20
by Giangi
I have updated ticket 13292 for a NAT problem with Microsoft Forefront TMG server...

Re: Discussion of Problems due to Hardened Security

Posted: 18. Nov 2015, 22:18
by von
Hello, i hope i am posting this in the right place. Anyways i have stalled on my Windows 7 32bit Virtual box Version 5.0.10 r10406,that is the latest version and every time i try to start a virtual machine, i get the following error

Failed to open a session for the virtual machine VM SERVICE 1.
The virtual machine 'VM SERVICE 1' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'C:\Users\VALERIE\VirtualBox VMs\VM SERVICE 1\Logs\VBoxHardening.log'.
Result Code: E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
I am not really techie but i did try to fix it myself by using google and all but nothing worked. I have installed on my system, the AVG anti virus and the basic microsoft security essentials.

I have attached a copy of my logs

Re: Discussion of Problems due to Hardened Security

Posted: 18. Nov 2015, 23:23
by Jack Yan
Hi guys:

Here’s mine. I can’t remember what version I was on before, but I was happily using it on Windows 7. After the Windows 10 upgrade, I couldn’t even open VirtualBox. I upgraded to the latest version and now have an error with the hardening log attached.

1. Windows 10 Home version 1511, OS build 10586.3
2. Zipped log attached
3. McAfee Security Center for anti-virus and firewall

Re: Discussion of Problems due to Hardened Security

Posted: 21. Nov 2015, 22:22
by doveman1
I'm running 4.3.12 with WIn7 guests but need to create a Win10 guest, so tried updating to 5.0.10. However with that, I couldn't boot either the new Win10 or my existing Win7 guests.

I tried all versions from 4.3.34 down to 4.3.24 and had the same problem. Only reinstalling 4.3.12 got my Win7 guest working again.

I've attached the VboxHardening.log from 5.0.10 when trying to boot the Win10 guest.

The host is Win8.1. The Vbox.log refers to DLLs from RadeonPro and MSI Afterburner. I'm running Avast Antivirus and Comodo Firewall (Firewall component only).
VBox.log wrote: 00:00:02.504949 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.505020 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.505092 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.505123 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.541694 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.541741 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.541804 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.541864 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.606708 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.606760 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.606835 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.606865 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.833682 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.833733 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.833806 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.833837 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190

Re: Discussion of Problems due to Hardened Security

Posted: 27. Nov 2015, 17:44
by JonG
OS: Windows 7 Enterprise, SP1, 64-bit
Virtual Box: 5.0.10 r10461
VBoxHardening.log attached when trying to boot 64-bit LInux 2.6/3.x/4.x machine created by docker 1.9.1
Antivirus, firewall, etc: Bromium VSentry, McAfee Agent, McAfee VirusScan Enterprise
39b8.3a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\privman64.dll [lacks WinVerifyTrust]
a2c.32e8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 77 ms, the end);
33c8.1fec: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 734 ms, the end);

Re: Discussion of Problems due to Hardened Security

Posted: 1. Dec 2015, 21:39
by a.h.8
HW: Dell Precision M6400 mit Intel(R) Core(TM) 2 Duo CPU P8400 @ 2,26 GHz mit 8G RAM,
OS: Microsoft Windows 7 Professional 2, Service Pack 1, all recent patches
VB: Virtual Box 4.3.32r101610, Extension Pack 4.3.32-103443

I've been using VitualBox for quite a while now, starting at least from version 4.2.6. The version currently in use was 4.3.32. which suddenly stopped working this morning with a hardening problem. The only apparent change was an update of the anti virus software (AVIRA AntiVirus) to:

Produktversion 15.0.15.125 20.11.2015
Suchengine 8.03.34.82 25.11.2015
Virendefinitionsdatei 8.12.33.166 01.12.2015
Control Center 15.00.15.106 01.12.2015
Config Center 15.00.15.106 01.12.2015
Luke Filewalker 15.00.15.122 01.12.2015
Echtzeit-Scanner 15.00.15.106 01.12.2015
Filter 15.00.15.103 01.12.2015
Browser-Schutz 15.00.15.125 01.12.2015
Planer 15.00.15.106 01.12.2015
Updater 15.00.15.108 01.12.2015
Rootkits Schutz 15.00.15.103 01.12.2015
Local Decider 15.00.15.106 01.12.2015

After the required reboot none of the virtual machines could be started. I upgraded to version 4.3.34 and 5.0.10. The error messages changed a little, but the problem persisted. I couldn't find a “supR3HardenedError“ in the log files (one of the logs is attached) but a few “lacks WinVerifyTrust” errors. So I removed KB3004394, KB3045999 and KB308132, which were all installed, but it didn't help either. Only downgrading to 4.3.12 allowed to run virtual machines again.

By the way, is there a chance that this issue is solved in the near future, one way or another, because sticking to an old version can hardly be a permanent solution?

Re: Discussion of Problems due to Hardened Security

Posted: 1. Dec 2015, 22:09
by bwalog6
(pending deletion)

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 01:37
by paia
Same problem here. Also Avira updated today.

HW: i7-4770, VT-D/VT-x enabled, 16 GB RAM,
Host OS: Windows 7 Enterprise, SP1, 64-bit
Virtual Box: 5.0.10 r104061
err1.PNG
err1.PNG (11.21 KiB) Viewed 11082 times

Code: Select all

The virtual machine 'win10' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'E:\VirtualBox\win10\Logs\VBoxHardening.log'.
Návratový kód: 
E_FAIL (0x80004005)
Komponenta: 
MachineWrap
Rozhraní: 
IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 01:57
by paia
Avira Antivirus uninstallled and all guests are working again!

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 11:10
by Nessi
paia wrote:Avira Antivirus uninstallled and all guests are working again!
Ran into this problem today. As of 2015-12-01 it was still working. And unfortunately, paia's "solution" solved it for me, too.

Any other solution? It's not really an option... uninstalling AntiVirus software...

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 11:36
by mpack
Nessi wrote:Any other solution? It's not really an option... uninstalling AntiVirus software...
Sure it is. There's plenty of other AV suppliers out there, assuming resident AV is needed at all.

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 12:06
by bwalog6
(pending deletion)

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 12:11
by michaln
bwalog6 wrote:VirtualBox had aborted a saved VM most of the time after restoring it, so there was hardly a point saving VM state, and instead I needed to reboot the guest every time.
If you report that with logs and crash dumps, it will get fixed. If you don't, it probably won't.

Re: Discussion of Problems due to Hardened Security

Posted: 2. Dec 2015, 12:16
by bwalog6
I wasn't complaining about a lack of response on that one. But if it's a touchy subject, I'll just leave you to it.