Windows 4.3.16 specifically for errors due to security

Discussions related to using VirtualBox on Windows hosts.
ES
Posts: 5
Joined: 2. Aug 2013, 12:28

Re: Windows 4.3.16 specifically for errors due to security

Post by ES »

When attempting to start any of my Virtual Machines in VirtualBox 4.3.16, I get the "Starting VM" dialog with the message "Creating process for virtual machine" then it seems to get stuck there.

Image

I'm using Windows 7 64-bit w/ SP1 and my anti-virus is avast! Free 7.0.1426.

VBoxStartup.log for 1st VM:

Code: Select all

e8c.4b8: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000018 g_uNtVerCombined=0x611db110
e8c.4b8: Calling main()
e8c.4b8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
e8c.4b8: SUPR3HardenedMain: Respawn #1
e8c.4b8: System32:  \Device\HarddiskVolume6\Windows\System32
e8c.4b8: WinSxS:    \Device\HarddiskVolume6\Windows\winsxs
e8c.4b8: ProgDir:   \Device\HarddiskVolume6\Program Files
e8c.4b8: ComDir:    \Device\HarddiskVolume6\Program Files\Common Files
e8c.4b8: ProgDir32: \Device\HarddiskVolume6\Program Files (x86)
e8c.4b8: ComDir32:  \Device\HarddiskVolume6\Program Files (x86)\Common Files
e8c.4b8: '\Device\HarddiskVolume6\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
e8c.4b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume6\Program Files\Oracle VM VirtualBox\VirtualBox.exe)
e8c.4b8: supR3HardNtEnableThreadCreation:
e8c.4b8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ac340 pvNtTerminateThread=00000000778d17e0
e8c.4b8: supR3HardenedWinDoReSpawn(1): New child 1768.958 [kernel32].
e8c.4b8: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffd7000 cbPeb=0x380
e8c.4b8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077880000 uNtDllChildAddr=0000000077880000
e8c.4b8: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=00000000778ac340 uNtTerminateThread=00000000778d17e0
e8c.4b8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ac340 pvNtTerminateThread=00000000778d17e0
e8c.4b8: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
VBoxStartup.log for 2nd VM:

Code: Select all

590.1c28: Log file opened: 4.3.16r95972 g_hStartupLog=0000000000000018 g_uNtVerCombined=0x611db110
590.1c28: Calling main()
590.1c28: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
590.1c28: SUPR3HardenedMain: Respawn #1
590.1c28: System32:  \Device\HarddiskVolume6\Windows\System32
590.1c28: WinSxS:    \Device\HarddiskVolume6\Windows\winsxs
590.1c28: ProgDir:   \Device\HarddiskVolume6\Program Files
590.1c28: ComDir:    \Device\HarddiskVolume6\Program Files\Common Files
590.1c28: ProgDir32: \Device\HarddiskVolume6\Program Files (x86)
590.1c28: ComDir32:  \Device\HarddiskVolume6\Program Files (x86)\Common Files
590.1c28: '\Device\HarddiskVolume6\Program Files\Oracle VM VirtualBox\VirtualBox.exe' has no imports
590.1c28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume6\Program Files\Oracle VM VirtualBox\VirtualBox.exe)
590.1c28: supR3HardNtEnableThreadCreation:
590.1c28: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ac340 pvNtTerminateThread=00000000778d17e0
590.1c28: supR3HardenedWinDoReSpawn(1): New child 1bbc.1280 [kernel32].
590.1c28: supR3HardenedWinPurifyChild: PebBaseAddress=000007fffffde000 cbPeb=0x380
590.1c28: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077880000 uNtDllChildAddr=0000000077880000
590.1c28: supR3HardNtPuChTriggerInitialImageEvents: uLdrInitThunk=00000000778ac340 uNtTerminateThread=00000000778d17e0
590.1c28: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00000000778ac340 pvNtTerminateThread=00000000778d17e0
590.1c28: supR3HardNtPuChTriggerInitialImageEvents: mapping view of ntdll.dll[2nd]
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

Hi!

Test build #1: https://www.virtualbox.org/download/tes ... 47-Win.exe

This should address the following issues:
- Deadlock starting VMs that many avast users has reported.
- Exit on c:\windows\system32\comctl32.dll load.
- Log overlow issue.
- Ownership issue with comctl32.dll under WinSxS.
- More details on some VBoxDrvStub open errors.


Messages to individual users:
@cwahlgren, @intrepid_ibex, @danmac, @revere521, @ES: I've got a fix for you, please confirm / disprove. (Unfortunately I'm unable to reproduce it locally with avast!, which is sad as I'd like to notify the vendor of this issue.)

@derscherjm, @khg: Issue loading comctl32.dll. Please check out the test build and confirm / disprove the fix.

@dexter86: Very sorry about that. I though I'd implemented sufficent log throttling already. Please confirm that the test build no longer produces the ever growing log files.

@thor: Some ownership trouble with comctl32.dll (in WinSxS dir), I've relaxed the requirements so that should work. It's possible, though, that the ownership issue was caused by someone modifying the DLL. Please let me know how the new build works for you.

@RockyHorror, @mattsnowboard, @IvanPetrov: The driver isn't loaded, probably installer issue. Reboot may help. Reinstalling VBox may also. Checking the state using 'sc query vboxdrv' and try start it using 'sc start vboxdrv' (if applicable) can also help fix the issue.

@quiettime: The new build will gather some additional information regarding the issue. Would be great if you could try it out and provide the new VBoxStartup.log.

@limeroli: Still trying to reproduce this one...

@rnewman: Which TrendMicro product is that exactly? OfficeScan?

Enjoy,
bird.
Knut St. Osmundsen
Oracle Corporation
ES
Posts: 5
Joined: 2. Aug 2013, 12:28

Re: Windows 4.3.16 specifically for errors due to security

Post by ES »

@bird, strange that it can't be reproduced. I managed to upgrade avast! to 2014.9.0201 before I saw your post re: the new VirtualBox test version and it suffers from the same symptoms as when I had avast! v7.

Will shut down now, install VBox 4.3.17 build 96047 and let you know how it goes :)
numb3rs666
Posts: 22
Joined: 30. Dec 2013, 18:14

Re: Windows 4.3.16 specifically for errors due to security

Post by numb3rs666 »

Host Win 8.1 update 1 x64
Guest Win 8.1 update 1 x64

please see attached log file.

Thanks for all your efforts
Attachments
VBoxStartup_2.log
(69.46 KiB) Downloaded 65 times
VBoxStartup_1.log
(67.3 KiB) Downloaded 55 times
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: Windows 4.3.16 specifically for errors due to security

Post by bird »

numb3rs666 wrote:Host Win 8.1 update 1 x64
Guest Win 8.1 update 1 x64

please see attached log file.

Thanks for all your efforts
Looks like the comctl32.dll issue that the build I just posted should address. Could you give it a try, please?

Kind regards,
bird.
Knut St. Osmundsen
Oracle Corporation
IvanPetrov
Posts: 2
Joined: 11. Sep 2014, 19:46

Re: Windows 4.3.16 specifically for errors due to security

Post by IvanPetrov »

bird wrote:Hi!

Test build #1:VirtualBox-4.3.17-96047-Win.exe

Enjoy,
bird.
Hi!

I have installed 4.3.17

Now my problem NOT reproduced!

Thank you!
dexter86
Posts: 11
Joined: 17. Jul 2014, 11:35

Re: Windows 4.3.16 specifically for errors due to security

Post by dexter86 »

@bird
Thanks, it doesn't grow that much now, after 20 minutes it's just 400KB :)
Anunes
Posts: 71
Joined: 17. Jul 2014, 18:49

Re: Windows 4.3.16 specifically for errors due to security

Post by Anunes »

Host : Win 8.1 64-bit
AV: Avast Free
Firewall ; Windows native

VB 4.3.17 not working, error at start-up failed to create session.
VB 4.3.16 is working withou any issues. I noticed after uninstall and re-install, VB was not detecting Hardware Virtualization. After rebooting 2 times it detect it again
aparra
Posts: 2
Joined: 11. Sep 2014, 15:35

Re: Windows 4.3.16 specifically for errors due to security

Post by aparra »

VirtualBox: 4.3.17 r96047
Equipment: HP EliteBook 840
OS: Windows 7 Enterprise SP1 64bits
AV: Trend Micro OfficeScan 10.6.5193

Guest: Windows 7 SP 1 64bits
Windows 7 SP 1 32 bits
Knoppix 7.2 32 bits

ALL OF THEM WORK PROPERLY, NOT ANY PROBLEM ON VM INITIALIZATION!!!!!
ES
Posts: 5
Joined: 2. Aug 2013, 12:28

Re: Windows 4.3.16 specifically for errors due to security

Post by ES »

@bird

I can confirm that my VMs are working now with v4.3.17 r96047 on Windows 7 64-bit w/ SP1 and avast! anti-virus free v2014.9.0.2021. Thanks! :)
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: Windows 4.3.16 specifically for errors due to security

Post by socratis »

garbage_collected wrote:@socratis, I'm sorry but my issue does seem related. I was receiving an error when trying to start VirtualBox similar to the others. Did you remove my screenshots?
The first of your points had similar "symptoms" like the rest of the people in this thread. But, the rest 90% was about a generic problem with your host computer (quote: I couldn't start my browser). Please start a new thread. And no, I cannot remove your screenshots.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
revere521
Posts: 10
Joined: 23. Aug 2014, 14:56

Re: Windows 4.3.16 specifically for errors due to security

Post by revere521 »

bird wrote:Hi!

Test build #1: https://www.virtualbox.org/download/tes ... 47-Win.exe

This should address the following issues:
- Deadlock starting VMs that many avast users has reported.
- Exit on c:\windows\system32\comctl32.dll load.
- Log overlow issue.
- Ownership issue with comctl32.dll under WinSxS.
- More details on some VBoxDrvStub open errors.


Messages to individual users:
@cwahlgren, @intrepid_ibex, @danmac, @revere521, @ES: I've got a fix for you, please confirm / disprove. (Unfortunately I'm unable to reproduce it locally with avast!, which is sad as I'd like to notify the vendor of this issue.)

@bird - confirmed :) thanks sir!

Updated with test build, all tested VMs appear to work properly!!

I will continue to test and report back in the event something happens.

Thanks again!
quiettime
Posts: 32
Joined: 17. Jan 2013, 06:19

Re: Windows 4.3.16 specifically for errors due to security

Post by quiettime »

bird wrote:@quiettime: The new build will gather some additional information regarding the issue. Would be great if you could try it out and provide the new VBoxStartup.log
I installed VirtualBox-4.3.17-96047-Win.exe. Here is the dbgview message:

Code: Select all

vboxdrv: Error opening '\Sessions\1\Windows\ApiPort': 0xc0000024
vboxdrv: Declined 0000000000001b50 access to VBoxDrvStub: rc=-3739
[6992] Error -3739 in supR3HardenedWinReSpawn!
[6992] NtCreateFile(\Device\VBoxDrvStub) failed: VERR_SUPDRV_APIPORT_OPEN_ERROR
[6992] 
[6992] Error getting \Sessions\1\Windows\ApiPort in the driver from vboxdrv.
[6992] 
[6992] Could be due to security software is redirecting access to it, so please include full details of such software in a bug report. VBoxStartup.log may contain details important to resolving the issue.
I renamed my existing VBoxStartup.log and then attempted to start a VM which created a new 181KB VBoxStartup.log which I have attached to this post. Thanks for your help.
Attachments
VBoxStartup.zip
Win 7 x64, MBAM Pro 1.75 and VirtualBox-4.3.17-96047-Win.exe
(8.2 KiB) Downloaded 69 times
nightwend
Posts: 1
Joined: 12. Sep 2014, 02:40

Re: Windows 4.3.16 specifically for errors due to security

Post by nightwend »

I meet the error in start up issue in 4.3.14 and 4.3.16. I am on win7 32 bit.
I found my issue is related to WinVerifyTrust which is used to verify exe/dll signature. The reason why this problem is occurring is because of the mechanism used by the WinVerifyTrust to verify signed exe/dll. Part of the verification process requires an online look-up to check whether the certificate with which the file is signed has been revoked and is no longer valid. Windows does this by downloading a CRL (Certificate Revocation List). You may meet issue if you have issues in downloading the CRL.
You can disable CRL checking as a workaround by disabling this option in Internet Explorer. Use the following steps to disable the CRL checking in Internet Explorer:

Select Start»Control Panel .
Double-click Internet Options .
Select the Advanced tab.
In the Security section, uncheck the Check for publisher's certificate revocation option.

Developers can set WINTRUST_DATA.dwProvFlags to WTD_REVOCATION_CHECK_NONE or WTD_CACHE_ONLY_URL_RETRIEVAL.
Refer to msdn for WINTRUST_DATA for detail.
Gurvender.Bahia
Posts: 3
Joined: 26. Mar 2014, 11:32

Re: Windows 4.3.16 specifically for errors due to security

Post by Gurvender.Bahia »

Version 4.3.14 didn't work for me
Neither does v4.3.16

Error I'm getting now:
d30.cb0: Fatal error:
d30.cb0: supR3HardenedMainGetTrustedMain: LoadLibrary "D:\Downloads\delete\Portable-VirtualBox_v4.3.6-Starter_v6.4.9-Win_all\Portable-VirtualBox\app32/VirtualBox.dll" failed, rc=1790
e70.c74: supR3HardenedWinDoReSpawn(2): Quitting: ExitCode=0x1 rcNt=0x0
a18.f1c: supR3HardenedWinDoReSpawn(1): Quitting: ExitCode=0x1 rcNt=0x0

Attaching Screen Shot & two Startup Logs in Zipped format

///////////////////
Select Start»Control Panel .
Double-click Internet Options .
Select the Advanced tab.
In the Security section, uncheck the Check for publisher's certificate revocation option.

"This didn't help resolve the issue"
///////////////////
Attachments
errors_vBox_v4.3.16.zip
(258.51 KiB) Downloaded 72 times
Locked