Please exclude virtualbox exe's by default to avoid breaking it

ramensoftware / windhawk

The customization marketplace for Windows programs: https://windhawk.net/

https://windhawk.net

GNU General Public License v3.0

1.06k stars 28 forks source link

Please exclude virtualbox exe's by default to avoid breaking it #135

Open soredake opened 7 months ago

soredake commented 7 months ago

I wasted a lot of time trying to understand why multipass stopped working, and not only me, there is five reports about this: https://github.com/ramensoftware/windhawk/issues/25 https://github.com/ramensoftware/windhawk/issues/39 https://github.com/ramensoftware/windhawk/issues/48 https://github.com/ramensoftware/windhawk/issues/87 https://github.com/ramensoftware/windhawk/issues/94

Virtualbox exe's should be excluded by default so people's time will not be wasted on trying to understand why virtualbox is not working anymore.

Processes that i've excluded to make virtualbox work again:

C:\Program Files\Oracle\VirtualBox\*
VirtualBox.exe
VBoxSDS.exe
VBoxSVC.exe
%ProgramFiles%\Oracle\VirtualBox\*

m417z commented 7 months ago

I'm not sure about adding it by default, as I believe that the conflict only happens in some configurations. For example, VirtualBox works fine on my computer with Windhawk. I'll keep your suggestion in mind and will watch for further user feedback.

BTW I believe that it's enough to add this path to the list, which covers the other items you listed:

%ProgramFiles%\Oracle\VirtualBox\*

soredake commented 7 months ago

For example, VirtualBox works fine on my computer with Windhawk.

Do you perhaps have 6.0.X branch of virtualbox installed? I remember that 6.0.48 version worked with windhawk, but 7.0.12 does not.

I'm not sure about adding it by default

Is there a reason to inject windhawk into a virtualbox exe's?

m417z commented 7 months ago

Do you perhaps have 6.0.X branch of virtualbox installed?

I have VirtualBox 7.0.6.

Is there a reason to inject windhawk into a virtualbox exe's?

Windhawk injects code into all processes. Here's an explanation for the reasoning: https://github.com/ramensoftware/windhawk/discussions/21#discussioncomment-3969594

soredake commented 7 months ago

I have VirtualBox 7.0.6.

Can you try fully uninstalling virtualbox, rebooting than installing latest (7.0.12) version of virtualbox with windhawk running and exe's not excluded? Multiple times i tried this virtualbox is installed without a driver when it's not excluded.

m417z commented 7 months ago

Maybe sometime later. In any case, regardless of the outcome, it won't change the status of the issue: VirtualBox has a compatibility issue with Windhawk, which is relevant only in some configurations.

According to issue #25:

My research suggests this failure is due to unsigned code injection being detected in the VM host process, so VirtualBox refuses to start the VM. This system is called "VM hardening" in VirtualBox.

If the above is correct, then there's no other fix other than excluding VirtualBox from the injection altogether.