Discussion of Problems due to Hardened Security

Discussions related to using VirtualBox on Windows hosts.

Re: Discussion of Problems due to Hardened Security

Postby rnewman » 16. Nov 2015, 22:37

Hello,
No go with the latest builds...

OS - Win7 Professional 64bit - SP1 (patched)
Trendmicro Office Scan - 11.0.4150 sp1

Virtualbox - 4.3.33-103933
Virtualbox - 5.0.11-104101

Screen shot and startup log attached.

I am happy to assist with debugging. Are there any switches or process that would provide additional diagnostic information?

Thanks,
Richard
Attachments
VirtualBox-4.3.33-103933.zip
(202.2 KiB) Downloaded 26 times
VirtualBox-5.0.11-104101.zip
(237.67 KiB) Downloaded 50 times
rnewman
 
Posts: 37
Joined: 11. Sep 2014, 19:58

Re: Discussion of Problems due to Hardened Security

Postby Giangi » 17. Nov 2015, 10:20

I have updated ticket 13292 for a NAT problem with Microsoft Forefront TMG server...
Giangi
 
Posts: 43
Joined: 13. Aug 2013, 09:15
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: XP, Seven, Win10

Re: Discussion of Problems due to Hardened Security

Postby von » 18. Nov 2015, 22:18

Hello, i hope i am posting this in the right place. Anyways i have stalled on my Windows 7 32bit Virtual box Version 5.0.10 r10406,that is the latest version and every time i try to start a virtual machine, i get the following error

Failed to open a session for the virtual machine VM SERVICE 1.
The virtual machine 'VM SERVICE 1' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'C:\Users\VALERIE\VirtualBox VMs\VM SERVICE 1\Logs\VBoxHardening.log'.
Result Code: E_FAIL (0x80004005)
Component: MachineWrap
Interface: IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
I am not really techie but i did try to fix it myself by using google and all but nothing worked. I have installed on my system, the AVG anti virus and the basic microsoft security essentials.

I have attached a copy of my logs
Attachments
VBoxHardening.rar
That's my log, i hope you guys can make sense of it. Thanks
(16.67 KiB) Downloaded 15 times
von
 
Posts: 3
Joined: 18. Nov 2015, 22:08

Re: Discussion of Problems due to Hardened Security

Postby Jack Yan » 18. Nov 2015, 23:23

Hi guys:

Here’s mine. I can’t remember what version I was on before, but I was happily using it on Windows 7. After the Windows 10 upgrade, I couldn’t even open VirtualBox. I upgraded to the latest version and now have an error with the hardening log attached.

1. Windows 10 Home version 1511, OS build 10586.3
2. Zipped log attached
3. McAfee Security Center for anti-virus and firewall
Attachments
VBoxHardening.zip
(3.35 KiB) Downloaded 23 times
Jack Yan
 
Posts: 10
Joined: 18. Nov 2015, 23:16

Re: Discussion of Problems due to Hardened Security

Postby doveman1 » 21. Nov 2015, 22:22

I'm running 4.3.12 with WIn7 guests but need to create a Win10 guest, so tried updating to 5.0.10. However with that, I couldn't boot either the new Win10 or my existing Win7 guests.

I tried all versions from 4.3.34 down to 4.3.24 and had the same problem. Only reinstalling 4.3.12 got my Win7 guest working again.

I've attached the VboxHardening.log from 5.0.10 when trying to boot the Win10 guest.

The host is Win8.1. The Vbox.log refers to DLLs from RadeonPro and MSI Afterburner. I'm running Avast Antivirus and Comodo Firewall (Firewall component only).

VBox.log wrote:00:00:02.504949 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.505020 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.505092 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=32 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.505123 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.541694 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.541741 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.541804 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=64 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.541864 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.606708 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.606760 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.606835 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=128 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.606865 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
00:00:02.833682 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_UNSUPPORTED_ARCH fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume1\Program Files (x86)\RadeonPro\AppProfiles64.dll
00:00:02.833733 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RadeonPro\AppProfiles64.dll' (C:\Program Files (x86)\RadeonPro\AppProfiles64.dll): rcNt=0xc0000190
00:00:02.833806 supR3HardenedErrorV: supR3HardenedScreenImage/LdrLoadDll: cached rc=VERR_LDRVI_NOT_SIGNED fImage=1 fProtect=0x0 fAccess=0x0 cHits=256 \Device\HarddiskVolume1\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
00:00:02.833837 supR3HardenedErrorV: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll' (C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll): rcNt=0xc0000190
Attachments
VBoxHardening.zip
(30.23 KiB) Downloaded 14 times
doveman1
 
Posts: 45
Joined: 13. Feb 2012, 08:23

Re: Discussion of Problems due to Hardened Security

Postby JonG » 27. Nov 2015, 17:44

OS: Windows 7 Enterprise, SP1, 64-bit
Virtual Box: 5.0.10 r10461
VBoxHardening.log attached when trying to boot 64-bit LInux 2.6/3.x/4.x machine created by docker 1.9.1
Antivirus, firewall, etc: Bromium VSentry, McAfee Agent, McAfee VirusScan Enterprise

39b8.3a1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\privman64.dll [lacks WinVerifyTrust]
a2c.32e8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 77 ms, the end);
33c8.1fec: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 734 ms, the end);
Attachments
VBoxHardening.log
(84.46 KiB) Downloaded 17 times
JonG
 
Posts: 1
Joined: 27. Nov 2015, 17:36

Re: Discussion of Problems due to Hardened Security

Postby a.h.8 » 1. Dec 2015, 21:39

HW: Dell Precision M6400 mit Intel(R) Core(TM) 2 Duo CPU P8400 @ 2,26 GHz mit 8G RAM,
OS: Microsoft Windows 7 Professional 2, Service Pack 1, all recent patches
VB: Virtual Box 4.3.32r101610, Extension Pack 4.3.32-103443

I've been using VitualBox for quite a while now, starting at least from version 4.2.6. The version currently in use was 4.3.32. which suddenly stopped working this morning with a hardening problem. The only apparent change was an update of the anti virus software (AVIRA AntiVirus) to:

Produktversion 15.0.15.125 20.11.2015
Suchengine 8.03.34.82 25.11.2015
Virendefinitionsdatei 8.12.33.166 01.12.2015
Control Center 15.00.15.106 01.12.2015
Config Center 15.00.15.106 01.12.2015
Luke Filewalker 15.00.15.122 01.12.2015
Echtzeit-Scanner 15.00.15.106 01.12.2015
Filter 15.00.15.103 01.12.2015
Browser-Schutz 15.00.15.125 01.12.2015
Planer 15.00.15.106 01.12.2015
Updater 15.00.15.108 01.12.2015
Rootkits Schutz 15.00.15.103 01.12.2015
Local Decider 15.00.15.106 01.12.2015

After the required reboot none of the virtual machines could be started. I upgraded to version 4.3.34 and 5.0.10. The error messages changed a little, but the problem persisted. I couldn't find a “supR3HardenedError“ in the log files (one of the logs is attached) but a few “lacks WinVerifyTrust” errors. So I removed KB3004394, KB3045999 and KB308132, which were all installed, but it didn't help either. Only downgrading to 4.3.12 allowed to run virtual machines again.

By the way, is there a chance that this issue is solved in the near future, one way or another, because sticking to an old version can hardly be a permanent solution?
Attachments
VBoxHardening.log.zip
(18.48 KiB) Downloaded 15 times
a.h.8
 
Posts: 3
Joined: 1. Dec 2015, 20:54

Re: Discussion of Problems due to Hardened Security

Postby bwalog6 » 1. Dec 2015, 22:09

(pending deletion)
Last edited by bwalog6 on 2. Dec 2015, 12:18, edited 1 time in total.
bwalog6
 
Posts: 5
Joined: 1. Dec 2015, 20:51

Re: Discussion of Problems due to Hardened Security

Postby paia » 2. Dec 2015, 01:37

Same problem here. Also Avira updated today.

HW: i7-4770, VT-D/VT-x enabled, 16 GB RAM,
Host OS: Windows 7 Enterprise, SP1, 64-bit
Virtual Box: 5.0.10 r104061

err1.PNG
err1.PNG (11.21 KiB) Viewed 5429 times


Code: Select all   Expand viewCollapse view
The virtual machine 'win10' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'E:\VirtualBox\win10\Logs\VBoxHardening.log'.
Návratový kód:
E_FAIL (0x80004005)
Komponenta:
MachineWrap
Rozhraní:
IMachine {f30138d4-e5ea-4b3a-8858-a059de4c93fd}
Attachments
Logs.zip
(31.81 KiB) Downloaded 20 times
paia
 
Posts: 5
Joined: 2. Dec 2015, 01:10
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Windows 10, Centos 7, Ubuntu 14, Kali Linux

Re: Discussion of Problems due to Hardened Security

Postby paia » 2. Dec 2015, 01:57

Avira Antivirus uninstallled and all guests are working again!
paia
 
Posts: 5
Joined: 2. Dec 2015, 01:10
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Windows 10, Centos 7, Ubuntu 14, Kali Linux

Re: Discussion of Problems due to Hardened Security

Postby Nessi » 2. Dec 2015, 11:10

paia wrote:Avira Antivirus uninstallled and all guests are working again!

Ran into this problem today. As of 2015-12-01 it was still working. And unfortunately, paia's "solution" solved it for me, too.

Any other solution? It's not really an option... uninstalling AntiVirus software...
Nessi
 
Posts: 3
Joined: 2. Dec 2015, 11:08

Re: Discussion of Problems due to Hardened Security

Postby mpack » 2. Dec 2015, 11:36

Nessi wrote:Any other solution? It's not really an option... uninstalling AntiVirus software...

Sure it is. There's plenty of other AV suppliers out there, assuming resident AV is needed at all.
mpack
Site Moderator
 
Posts: 30061
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Discussion of Problems due to Hardened Security

Postby bwalog6 » 2. Dec 2015, 12:06

(pending deletion)
Last edited by bwalog6 on 2. Dec 2015, 12:18, edited 2 times in total.
bwalog6
 
Posts: 5
Joined: 1. Dec 2015, 20:51

Re: Discussion of Problems due to Hardened Security

Postby michaln » 2. Dec 2015, 12:11

bwalog6 wrote:VirtualBox had aborted a saved VM most of the time after restoring it, so there was hardly a point saving VM state, and instead I needed to reboot the guest every time.

If you report that with logs and crash dumps, it will get fixed. If you don't, it probably won't.
michaln
Oracle Corporation
 
Posts: 2962
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all

Re: Discussion of Problems due to Hardened Security

Postby bwalog6 » 2. Dec 2015, 12:16

I wasn't complaining about a lack of response on that one. But if it's a touchy subject, I'll just leave you to it.
bwalog6
 
Posts: 5
Joined: 1. Dec 2015, 20:51

PreviousNext

Return to VirtualBox on Windows Hosts

Who is online

Users browsing this forum: No registered users and 30 guests