Discussion of Problems due to Hardened Security

Discussions related to using VirtualBox on Windows hosts.
Locked
rnewman
Posts: 37
Joined: 11. Sep 2014, 19:58

Re: Discussion of Problems due to Hardened Security

Post by rnewman »

Hello,
No go with the latest builds...

OS - Win7 Professional 64bit - SP1 (patched)
Trendmicro Office Scan - 11.0.4150 sp1

Virtualbox - 4.3.33-103933
Virtualbox - 5.0.11-104101

Screen shot and startup log attached.

I am happy to assist with debugging. Are there any switches or process that would provide additional diagnostic information?

Thanks,
Richard
Attachments
VirtualBox-4.3.33-103933.zip
(202.2 KiB) Downloaded 46 times
VirtualBox-5.0.11-104101.zip
(237.67 KiB) Downloaded 73 times
Giangi
Posts: 43
Joined: 13. Aug 2013, 09:15
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: XP, Seven, Win10

Re: Discussion of Problems due to Hardened Security

Post by Giangi »

I have updated ticket 13292 for a NAT problem with Microsoft Forefront TMG server...
von
Posts: 3
Joined: 18. Nov 2015, 22:08

Re: Discussion of Problems due to Hardened Security

Post by von »

Hello, i hope i am posting this in the right place. Anyways i have stalled on my Windows 7 32bit Virtual box Version 5.0.10 r10406,that is the latest version and every time i try to start a virtual machine, i get the following error

Failed to open a session for the virtual machine VM SERVICE 1.
The virtual machine 'VM SERVICE 1' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'C:\Users\VALERIE\VirtualBox VMs\VM SERVICE 1\Logs\VBoxHardening.log'.
Result Code: E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
I am not really techie but i did try to fix it myself by using google and all but nothing worked. I have installed on my system, the AVG anti virus and the basic microsoft security essentials.

I have attached a copy of my logs
Attachments
VBoxHardening.rar
That's my log, i hope you guys can make sense of it. Thanks
(16.67 KiB) Downloaded 35 times
Jack Yan
Posts: 10
Joined: 18. Nov 2015, 23:16

Re: Discussion of Problems due to Hardened Security

Post by Jack Yan »

Hi guys:

Here’s mine. I can’t remember what version I was on before, but I was happily using it on Windows 7. After the Windows 10 upgrade, I couldn’t even open VirtualBox. I upgraded to the latest version and now have an error with the hardening log attached.

1. Windows 10 Home version 1511, OS build 10586.3
2. Zipped log attached
3. McAfee Security Center for anti-virus and firewall
Attachments
VBoxHardening.zip
(3.35 KiB) Downloaded 45 times
doveman1
Posts: 45
Joined: 13. Feb 2012, 08:23

Re: Discussion of Problems due to Hardened Security

Post by doveman1 »

I'm running 4.3.12 with WIn7 guests but need to create a Win10 guest, so tried updating to 5.0.10. However with that, I couldn't boot either the new Win10 or my existing Win7 guests.

I tried all versions from 4.3.34 down to 4.3.24 and had the same problem. Only reinstalling 4.3.12 got my Win7 guest working again.

I've attached the VboxHardening.log from 5.0.10 when trying to boot the Win10 guest.

The host is Win8.1. The Vbox.log refers to DLLs from RadeonPro and MSI Afterburner. I'm running Avast Antivirus and Comodo Firewall (Firewall component only).
VBox.log wrote: 00:00:02.504949 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.505020 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.505092 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.505123 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.541694 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.541741 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.541804 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.541864 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.606708 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.606760 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.606835 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.606865 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.833682 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.833733 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.833806 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.833837 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
Attachments
VBoxHardening.zip
(30.23 KiB) Downloaded 32 times
JonG
Posts: 1
Joined: 27. Nov 2015, 17:36

Re: Discussion of Problems due to Hardened Security

Post by JonG »

OS: Windows 7 Enterprise, SP1, 64-bit
Virtual Box: 5.0.10 r10461
VBoxHardening.log attached when trying to boot 64-bit LInux 2.6/3.x/4.x machine created by docker 1.9.1
Antivirus, firewall, etc: Bromium VSentry, McAfee Agent, McAfee VirusScan Enterprise
39b8.3a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\privman64.dll [lacks WinVerifyTrust]
a2c.32e8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 77 ms, the end);
33c8.1fec: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 734 ms, the end);
Attachments
VBoxHardening.log
(84.46 KiB) Downloaded 39 times
a.h.8
Posts: 3
Joined: 1. Dec 2015, 20:54

Re: Discussion of Problems due to Hardened Security

Post by a.h.8 »

HW: Dell Precision M6400 mit Intel(R) Core(TM) 2 Duo CPU P8400 @ 2,26 GHz mit 8G RAM,
OS: Microsoft Windows 7 Professional 2, Service Pack 1, all recent patches
VB: Virtual Box 4.3.32r101610, Extension Pack 4.3.32-103443

I've been using VitualBox for quite a while now, starting at least from version 4.2.6. The version currently in use was 4.3.32. which suddenly stopped working this morning with a hardening problem. The only apparent change was an update of the anti virus software (AVIRA AntiVirus) to:

Produktversion 15.0.15.125 20.11.2015
Suchengine 8.03.34.82 25.11.2015
Virendefinitionsdatei 8.12.33.166 01.12.2015
Control Center 15.00.15.106 01.12.2015
Config Center 15.00.15.106 01.12.2015
Luke Filewalker 15.00.15.122 01.12.2015
Echtzeit-Scanner 15.00.15.106 01.12.2015
Filter 15.00.15.103 01.12.2015
Browser-Schutz 15.00.15.125 01.12.2015
Planer 15.00.15.106 01.12.2015
Updater 15.00.15.108 01.12.2015
Rootkits Schutz 15.00.15.103 01.12.2015
Local Decider 15.00.15.106 01.12.2015

After the required reboot none of the virtual machines could be started. I upgraded to version 4.3.34 and 5.0.10. The error messages changed a little, but the problem persisted. I couldn't find a “supR3HardenedError“ in the log files (one of the logs is attached) but a few “lacks WinVerifyTrust” errors. So I removed KB3004394, KB3045999 and KB308132, which were all installed, but it didn't help either. Only downgrading to 4.3.12 allowed to run virtual machines again.

By the way, is there a chance that this issue is solved in the near future, one way or another, because sticking to an old version can hardly be a permanent solution?
Attachments
VBoxHardening.log.zip
(18.48 KiB) Downloaded 31 times
bwalog6
Posts: 5
Joined: 1. Dec 2015, 20:51

Re: Discussion of Problems due to Hardened Security

Post by bwalog6 »

(pending deletion)
Last edited by bwalog6 on 2. Dec 2015, 12:18, edited 1 time in total.
paia
Posts: 5
Joined: 2. Dec 2015, 01:10
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 10, Ubuntu

Re: Discussion of Problems due to Hardened Security

Post by paia »

Same problem here. Also Avira updated today.

HW: i7-4770, VT-D/VT-x enabled, 16 GB RAM,
Host OS: Windows 7 Enterprise, SP1, 64-bit
Virtual Box: 5.0.10 r104061
err1.PNG
err1.PNG (11.21 KiB) Viewed 11078 times

Code: Select all

The virtual machine 'win10' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'E:\VirtualBox\win10\Logs\VBoxHardening.log'.
Návratový kód: 
E_FAIL (0x80004005)
Komponenta: 
MachineWrap
Rozhraní: 
IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
Attachments
Logs.zip
(31.81 KiB) Downloaded 41 times
paia
Posts: 5
Joined: 2. Dec 2015, 01:10
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 10, Ubuntu

Re: Discussion of Problems due to Hardened Security

Post by paia »

Avira Antivirus uninstallled and all guests are working again!
Nessi
Posts: 3
Joined: 2. Dec 2015, 11:08

Re: Discussion of Problems due to Hardened Security

Post by Nessi »

paia wrote:Avira Antivirus uninstallled and all guests are working again!
Ran into this problem today. As of 2015-12-01 it was still working. And unfortunately, paia's "solution" solved it for me, too.

Any other solution? It's not really an option... uninstalling AntiVirus software...
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Discussion of Problems due to Hardened Security

Post by mpack »

Nessi wrote:Any other solution? It's not really an option... uninstalling AntiVirus software...
Sure it is. There's plenty of other AV suppliers out there, assuming resident AV is needed at all.
bwalog6
Posts: 5
Joined: 1. Dec 2015, 20:51

Re: Discussion of Problems due to Hardened Security

Post by bwalog6 »

(pending deletion)
Last edited by bwalog6 on 2. Dec 2015, 12:18, edited 2 times in total.
michaln
Oracle Corporation
Posts: 2973
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all
Contact:

Re: Discussion of Problems due to Hardened Security

Post by michaln »

bwalog6 wrote:VirtualBox had aborted a saved VM most of the time after restoring it, so there was hardly a point saving VM state, and instead I needed to reboot the guest every time.
If you report that with logs and crash dumps, it will get fixed. If you don't, it probably won't.
bwalog6
Posts: 5
Joined: 1. Dec 2015, 20:51

Re: Discussion of Problems due to Hardened Security

Post by bwalog6 »

I wasn't complaining about a lack of response on that one. But if it's a touchy subject, I'll just leave you to it.
Locked