4.3.20 rejecting crypt32.dll after Windows patchday

Discussions related to using VirtualBox on Windows hosts.
Locked
sunboy
Posts: 9
Joined: 23. Jul 2014, 13:02

4.3.20 rejecting crypt32.dll after Windows patchday

Post by sunboy »

Hello

none on my VMs can't be started anymore after I applied newest MS patch

after that i can read in VMstart.log:

Vbox: 4.3.20r96997

Code: Select all

209c.2320: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
209c.2320: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
209c.2320: Error (rc=0):

209c.2320: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=5 \Device\HarddiskVolume2\Windows\System32\crypt32.dll
209c.2320: Error (rc=0):

209c.2320: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Windows\system32\crypt32.dll' (C:\Windows\system32\crypt32.dll): rcNt=0xc0000190
209c.2320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Windows\system32\crypt32.dll'
209c.2320: Fatal error:
209c.2320: Error loading 'crypt32.dll': 1790 [C:\Windows\system32\crypt32.dll]

a48.21fc: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 344 ms, the end);
1c20.1240: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 952 ms, the end);

Code: Select all

 C:\Windows\system32
30.10.2014  03:04         1.480.192 crypt32.dll 
SHA256: 	ea3528028bf82a5d025c25633a5ddd6b71aaa0c1333aa9532a2ca711a8fe89e8
i am using Windows 7 pro 64bit and Trendmicro Office scan
sunboy
Posts: 9
Joined: 23. Jul 2014, 13:02

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by sunboy »

I uninstall KB3004394 (which had installed the new root root certificates with crypt32.dll Version 6.1.7601.18648)

Now Virtual Machines can be started again, but the entire system seems to be very slow/like under heavy load.

See
"December 2014 update for Windows Root Certificate ..."
https://support.microsoft.com/kb/3004394

There seems to be a general problem with kb3004394...?
ptmcg
Posts: 1
Joined: 10. Dec 2014, 21:17

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by ptmcg »

I had updated to 4.3.20 after the KB install, trying to get things working. So after uninstalling the KB, I also un/reinstalled VB 4.3.20 - now VMs are all running again.

Not detecting any sluggishness tho.
bird
Oracle Corporation
Posts: 127
Joined: 10. May 2007, 10:27

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by bird »

Just to repeat current analysis of the problem ( https://www.virtualbox.org/ticket/13677#comment:6 ):

From what I can tell, the KB3004394 update does not install a catalog file on 64-bit windows 7. It does on Windows 8.1 (C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1_for_KB3004394~31bf3856ad364e35~amd64~~6.3.1.0.cat), so VBox works fine there.

The result of the missing .cat file is that VBox (nor SysInternal's SigCheck.exe for that matter) is not able to verify the authenticity of c:\windows\system32\crypt32.dll and wintrust.dll. If we cannot find any valid signature for the files, we have to assume that they have been tampered with and are forced to abort application loading. These two dlls are important for validating other components, so there is absolutely no way we can ignore this.

Until Microsoft (hopefully) fixes the KB3004394 update on Windows 7, the only solution is to revert/uninstall it.

--bird
Knut St. Osmundsen
Oracle Corporation
david.90
Posts: 1
Joined: 11. Dec 2014, 07:12

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by david.90 »

Good Evening,

I also encountered this issue after Windows Update ran and installed the KB update.
I am in the midst of un-installing the KB update now.

Thank you all for your input.
Poema
Posts: 1
Joined: 11. Dec 2014, 10:09

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by Poema »

THANKS,

I've had the same problem and this forum saved my live (work)
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by socratis »

For your own information, I tried to update an almost up-to-date Windows machine and it seems that Microsoft has pulled KB3004394 from its updates (yesterday there were 11 updates, today 10; guess who's missing ;) ). It appears that there have been major issues with it, not just VirtualBox. For example. see Botched KB 3004394 triggers error messages, but no response from Microsoft.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
johnroberts
Posts: 2
Joined: 25. Dec 2010, 19:35
Primary OS: openSUSE
VBox Version: PUEL
Guest OSses: WindowsXP, Linux various

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by johnroberts »

I can confirm the same issue on Windows 7 Pro/32 bit. The usual Microsoft FUBAR :? .
sunboy
Posts: 9
Joined: 23. Jul 2014, 13:02

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by sunboy »

KB3004394 is back again for download.

To fix the problem just rerun Windows Update and reboot.
wharrell
Posts: 1
Joined: 11. Dec 2014, 17:47

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by wharrell »

This is the exact problem I was experiencing after applying Microsoft patches. I removed KB3004294 and re-installed 4.3.20 just to be safe. It resolved my issue.
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by socratis »

sunboy wrote:KB3004394 is back again for download.
No it is not. Microsoft pulled it. Just checked and it's not available in the Windows Update.
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
GranoblasticMan
Posts: 1
Joined: 11. Dec 2014, 21:12

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by GranoblasticMan »

I wonder if someone should tell Microsoft about this "new" software QA idea called "regression testing"...
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all
Contact:

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by michaln »

There is now http://support.microsoft.com/kb/3024777 which ought to fix the affected systems.
Wiccio
Posts: 1
Joined: 24. May 2019, 17:27
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: MS Windows 7
Location: Italy

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by Wiccio »

sunboy wrote:I uninstall KB3004394 (which had installed the new root root certificates with crypt32.dll Version 6.1.7601.18648)

Now Virtual Machines can be started again, but the entire system seems to be very slow/like under heavy load.
How did you uninstall the update if the VM doesn't start? Perhaps you mean that you have uninstalled it from the local PC that hosts the VM? In that case, I don't have this KB3004394 on my PC.

Finally, fortunately, I solved by launching an sfc / scannow in the local PC that hosts the VM, which found problems on the VirtualBox's dlls and which I therefore repaired using the code dism /Online /Cleanup-Image /RestoreHealth.
socratis
Site Moderator
Posts: 27330
Joined: 22. Oct 2010, 11:03
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5
Location: Greece

Re: 4.3.20 rejecting crypt32.dll after Windows patchday

Post by socratis »

Wiccio wrote:How did you uninstall the update if the VM doesn't start?
I highly doubt that you're going to receive an answer from a 2014 thread, that's why I'm going to lock this thread and send it with its other zombie buddies back to oblivion. 4.3.20 is way too old to have a diagnosis after so many years...
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Locked