search

ramensoftware / windhawk

The customization marketplace for Windows programs: https://windhawk.net/
https://windhawk.net
GNU General Public License v3.0
2.16k stars 70 forks source link

Please exclude virtualbox exe's by default to avoid breaking it #135

Open soredake opened 1 year ago

soredake commented 1 year ago

I wasted a lot of time trying to understand why multipass stopped working, and not only me, there is five reports about this: https://github.com/ramensoftware/windhawk/issues/25 https://github.com/ramensoftware/windhawk/issues/39 https://github.com/ramensoftware/windhawk/issues/48 https://github.com/ramensoftware/windhawk/issues/87 https://github.com/ramensoftware/windhawk/issues/94

Virtualbox exe's should be excluded by default so people's time will not be wasted on trying to understand why virtualbox is not working anymore.

Processes that i've excluded to make virtualbox work again:

C:\Program Files\Oracle\VirtualBox\*
VirtualBox.exe
VBoxSDS.exe
VBoxSVC.exe
%ProgramFiles%\Oracle\VirtualBox\*
m417z commented 12 months ago

I'm not sure about adding it by default, as I believe that the conflict only happens in some configurations. For example, VirtualBox works fine on my computer with Windhawk. I'll keep your suggestion in mind and will watch for further user feedback.

BTW I believe that it's enough to add this path to the list.

Edit: For future visitors, it's enough to add the VirtualBox installation path to the exclusion list in Windhawk's settings. The installation path is ususally:

%ProgramFiles%\Oracle\VirtualBox\*

https://github.com/user-attachments/assets/4595ba36-a0f2-4101-9c6f-d0009fb30680

soredake commented 12 months ago

For example, VirtualBox works fine on my computer with Windhawk.

Do you perhaps have 6.0.X branch of virtualbox installed? I remember that 6.0.48 version worked with windhawk, but 7.0.12 does not.

I'm not sure about adding it by default

Is there a reason to inject windhawk into a virtualbox exe's?

m417z commented 12 months ago

Do you perhaps have 6.0.X branch of virtualbox installed?

I have VirtualBox 7.0.6.

Is there a reason to inject windhawk into a virtualbox exe's?

Windhawk injects code into all processes. Here's an explanation for the reasoning: https://github.com/ramensoftware/windhawk/discussions/21#discussioncomment-3969594

soredake commented 12 months ago

I have VirtualBox 7.0.6.

Can you try fully uninstalling virtualbox, rebooting than installing latest (7.0.12) version of virtualbox with windhawk running and exe's not excluded? Multiple times i tried this virtualbox is installed without a driver when it's not excluded.

m417z commented 12 months ago

Maybe sometime later. In any case, regardless of the outcome, it won't change the status of the issue: VirtualBox has a compatibility issue with Windhawk, which is relevant only in some configurations.

According to issue #25:

My research suggests this failure is due to unsigned code injection being detected in the VM host process, so VirtualBox refuses to start the VM. This system is called "VM hardening" in VirtualBox.

If the above is correct, then there's no other fix other than excluding VirtualBox from the injection altogether.