Virtualbox 6.1.8 r137981
Windows 10 Build 18363
When starting a 64bit Ubuntu VM (named Ethereum) via the Virtualbox UI, I am getting hard to decipher hardening errors.
HyperV is disabled and all "guards" are disabled or uninstalled
Full log attached. Any help is appreciated. Thank you.
The virtual machine 'Ethereum' has terminated unexpectedly during startup with exit code 1 (0x1). More details may be available in 'C:\Users\joapp\VirtualBox VMs\Ethereum\Logs\VBoxHardening.log'.
Result Code:
E_FAIL (0x80004005)
Component:
MachineWrap
Interface:
IMachine {85632c68-b5bb-4316-a900-5eb28d3413df}
The details are attached in the log. Extract:
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13140000 'C:\WINDOWS\System32\msacm32.drv'
9c8.256c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9c8.256c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
9c8.256c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\midimap.dll)
9c8.256c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
9c8.256c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
9c8.256c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
9c8.256c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9c8.256c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9c8.256c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedDllNotificationCallback: load 00007ffe0f9f0000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe0f9f0000 'C:\WINDOWS\System32\midimap.dll'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe0f9f0000 'C:\WINDOWS\System32\midimap.dll'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe0f9f0000 'C:\WINDOWS\System32\midimap.dll'
9c8.256c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
9c8.256c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe0f9f0000 'C:\WINDOWS\System32\midimap.dll'
9c8.2e28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
9c8.2e28: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
9c8.2e28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f6c0000 'C:\WINDOWS\System32\MMDevApi.dll'
4384.994: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 5719 ms, the end);
VM startup terminates unexpectedly on Win10
VM startup terminates unexpectedly on Win10
- Attachments
-
- VBoxHardening.zip
- (11.23 KiB) Downloaded 9 times
-
scottgus1
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Windows, Linux
Re: VM startup terminates unexpectedly on Win10
To the best of my knowledge, Hyper-V does not cause hardening issues. It does cause some other problems...
See I have a 64bit host, but can't install 64bit guests.
There is a section on your error code 0x1. There isn't anything standing out in the log that I see, aside from all those [lacksWinVerifyTrust]s. One recent poster in a similar situation had extra 'protection' software from the PC's manufacturer running. This software didn't show up in the log but did cause the hardening issue, and removing it fixed the hardening problem. You'll need to use your imagination.
See I have a 64bit host, but can't install 64bit guests.
There is a section on your error code 0x1. There isn't anything standing out in the log that I see, aside from all those [lacksWinVerifyTrust]s. One recent poster in a similar situation had extra 'protection' software from the PC's manufacturer running. This software didn't show up in the log but did cause the hardening issue, and removing it fixed the hardening problem. You'll need to use your imagination.
-
fth0
- Volunteer
- Posts: 5690
- Joined: 14. Feb 2019, 03:06
- Primary OS: Mac OS X other
- VBox Version: VirtualBox+Oracle ExtPack
- Guest OSses: Linux, Windows 10, ...
- Location: Germany
Re: VM startup terminates unexpectedly on Win10
Let me help you see it:scottgus1 wrote:There isn't anything standing out in the log that I see
There are a lot of cases like this in the forums, without a general solution, and many were never solved.VBoxHardening.log file wrote:23bc.22b0: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5) 23bc.22b0: Error relaunching VirtualBox VM process: 5 Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment Ethereum --startvm 8e7bdbdf-b4ef-4309-b73e-d0369affe551 --no-startvm-errormsgbox "--sup-hardening-log=C:\Users\joapp\VirtualBox VMs\Ethereum\Logs\VBoxHardening.log"'
For some reason unknown to me, the error message doesn't name the real executable, which could lead to the next step in analyzing the cause (the 3rdchild name is a constant name in VirtualBox for the Respawn #2). I once asked for an enhancement of the error message in an old Bugtracker entry, but got no response.