Hardening Problem
Hardening Problem
Hi
Im unable to start any VMs on my Windows 10 64bit Host. I have logged through the logs and removed any failed DLLs but still not able to get the VMs to load. I have attached 2 logs. I've followed the diagnostics and uninstalled, removed all folders and reg keys, rebooted and reinstalled. Removed AV.
Mike
Im unable to start any VMs on my Windows 10 64bit Host. I have logged through the logs and removed any failed DLLs but still not able to get the VMs to load. I have attached 2 logs. I've followed the diagnostics and uninstalled, removed all folders and reg keys, rebooted and reinstalled. Removed AV.
Mike
- Attachments
-
- vm1 VBoxHardening.zip
- (10.17 KiB) Downloaded 10 times
-
- vm2 VBoxHardening.zip
- (10.17 KiB) Downloaded 6 times
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Hardening Problem
DisplayFusion?VBoxHardening.log wrote: 2280.d88: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume6\Users\MAshley\AppData\Roaming\DisplayFusion\AppHookWIN6064_ef3e6dac-e160-46c7-a2f6-56e821dad128.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume6\Users\MAshley\AppData\Roaming\DisplayFusion\AppHookWIN6064_ef3e6dac-e160-46c7-a2f6-56e821dad128.dll'.
Re: Hardening Problem
sorry thought i had removed that already. Here is the next log file.
- Attachments
-
- VBoxHardening.zip
- (9.87 KiB) Downloaded 8 times
-
- Site Moderator
- Posts: 27330
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Hardening Problem
Please read really carefully the following FAQ: Diagnosing VirtualBox Hardening Issues for some guidelines/ideas.
See also:
See also:
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Re: Hardening Problem
I've carried out the sfc and dism commands but still getting an error.
- Attachments
-
- VBoxHardening.zip
- (10.08 KiB) Downloaded 8 times
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Hardening Problem
I deleted your last post containing a new log, since it was essentially identical to the previous one. The important element remaining in your new logs is probably:
MS standard apps should be safe otherwise lots of people would have your problem. Consider anything bundled by the PC vendor and anything you installed yourself.
That means that an unidentifed process is still injecting itself into the VirtualBox process space, but the culprit is not one of the common problem apps (not one of the known "adversaries"). Last time I saw this it was a "safe browsing" app installed on the host to filter web pages. In general, look at the list of installed non-MS apps on your host and think about what they do: does this non-Microsoft app need to spy on other apps?VBoxHardening.log wrote: 3710.1938: More than one thread in process
MS standard apps should be safe otherwise lots of people would have your problem. Consider anything bundled by the PC vendor and anything you installed yourself.
Re: Hardening Problem
I think I've found the cause of the issue. Websense, more importantly Forcepoint Triton AP-Endpoint - Direct Connect
The problem is I dont know how to prevent the issue. Websense is required on all machines.
The problem is I dont know how to prevent the issue. Websense is required on all machines.
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Hardening Problem
Well, you'd have to look at how to add an exclusion to WebSense for VirtualBox. If policy prevents you doing that then I'm afraid that'd be a matter between you and the people who set the policy.
I have to say however that, assuming this is a company policy, IMHO it's an odd policy to have. Normally IME this kind of thing is used by parents to protect kids from porn, not by businesses to protect adults from malware (your host AV already does that).
I have to say however that, assuming this is a company policy, IMHO it's an odd policy to have. Normally IME this kind of thing is used by parents to protect kids from porn, not by businesses to protect adults from malware (your host AV already does that).
Re: Hardening Problem
we use it to prevent staff accessing social media, personal storage and email those sorts of things. Ive added virtualbox.exe vboxsvc.exe and virtualbox.dll in to the bypass list but still getting the error.
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Hardening Problem
How did you decide that this application was a likely cause? Did you for example try disabling it entirely and found that VirtualBox then ran?
Re: Hardening Problem
I had to completely uninstall it and remove its reg keys before virtualbox worked. I started with the most common outlined in the FAQs then started on any possibilities I could think of.
Its strange that last week all was working fine, no updates to virtualbox and no updates to websense. Only updates I've done are the usual WSUS ones.
Its strange that last week all was working fine, no updates to virtualbox and no updates to websense. Only updates I've done are the usual WSUS ones.
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Hardening Problem
Well something changed. Software doesn't behave randomly.Mikey13-6 wrote:Its strange that last week all was working fine, no updates to virtualbox and no updates to websense.
-
- Site Moderator
- Posts: 27330
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: Hardening Problem
That means updates to the system. I would really hate it if this is Microsoft's doing, directly or indirectly...Mikey13-6 wrote:Only updates I've done are the usual WSUS ones.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Re: Hardening Problem
I know but cant seem to pin down what that could be. I'm running Windows 10 version 1709. I've been through the update notes but nothing is standing out.mpack wrote: Well something changed. Software doesn't behave randomly.
I have raised a case with Websense but they are not quick to reply.
Re: Hardening Problem
have you got any response from Websense ? did they provided any new client ?
BT
BT