
[SOLVED] MBAE with BitDefender conflict with Chrome


tritium


  • Staff

As an update, conflict seems to be mostly under W7x64 and located with the BitDefender config (Antivirus -> Active Virus Control) and with:
C:\Program Files\Bitdefender\Bitdefender 2015\Active Virus Control\Avc3_00248_002\avcuf32.dll

Disabling Active Virus Control seems to resolve the conflict.

We're still looking into this. Please stay tuned.
 

Link to post
Share on other sites
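A read-only check for the condition described in the post above, a security product's DLL (such as `avcuf32.dll`) loaded inside `chrome.exe`. This is an added example, not from the thread or from either vendor; the vendor allow-list and the output layout are assumptions.

```powershell
# Added diagnostic example: list DLLs from other vendors loaded in running chrome.exe
# processes. It only reads process information and changes nothing.
#
# Assumption: run it from a PowerShell of the same bitness as Chrome. For a 32-bit
# Chrome on 64-bit Windows that is
#   %SystemRoot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
# because a 64-bit host does not list the 32-bit DLLs of a 32-bit process.

# Assumption: publishers whose modules are expected inside Chrome. Adjust as needed.
$expectedVendors = @('Microsoft Corporation', 'Google Inc.')

$rows = foreach ($proc in Get-Process -Name chrome -ErrorAction SilentlyContinue) {
    try {
        # Throws when the process has exited or cannot be opened by this user.
        $modules = @($proc.Modules)
    } catch {
        Write-Warning ("PID {0}: cannot enumerate modules: {1}" -f $proc.Id, $_.Exception.Message)
        continue
    }

    foreach ($m in $modules) {
        # Read the publisher from the file's version resource; it may be missing.
        try   { $vendor = $m.FileVersionInfo.CompanyName } catch { $vendor = $null }
        if ($vendor) { $vendor = $vendor.Trim() }
        if (-not $vendor) { $vendor = '(no version info)' }

        if ($expectedVendors -contains $vendor) { continue }

        New-Object PSObject -Property @{
            ProcessId = $proc.Id
            Vendor    = $vendor
            Path      = $m.FileName
        }
    }
}

if ($rows) {
    # One line per distinct DLL, with the number of chrome.exe processes that loaded it.
    $rows | Group-Object Vendor, Path | ForEach-Object {
        New-Object PSObject -Property @{
            Vendor    = $_.Group[0].Vendor
            Processes = @($_.Group).Count
            Path      = $_.Group[0].Path
        }
    } | Sort-Object Vendor, Path | Select-Object Vendor, Processes, Path | Format-Table -AutoSize
} else {
    'No modules from other vendors found (or no chrome.exe process is running).'
}
```

Comparing the output with the protection feature enabled and disabled shows which product's in-process DLL is present when Chrome hangs.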


  • Staff

Thanks for confirming and welcome to the forum madman242.

 

There seems to be some type of conflict in the new DLL hooking from BitDefender. We'll contact them to see if they can resolve it on their end.

 

If any of you have the time, please do report this to BitDefender support/forum so they are aware that it is affecting common users.


I have this problem, and do not use BitDefender.  W7x64.  DDS log:



I followed the request of the MBAE staff, and I uninstalled my BitDefender antivirus program.

 

I then activated the MBAE program, and even when BitDefender was not even installed, Chrome and Opera would not load at all.

 

I then deactivated MBAE, and lo and behold both Chrome and Opera loaded properly.

 

I repeated the process several times, same result.

 

I don't see any evidence that BitDefender is the problem here.

 

It seems obvious, based upon my evaluation, that MBAE is actually the problem.

 

MBAE worked fine, up until July 19th or so.

 

I don't know what occurred to cause the problem, but let's move away from BitDefender as the cause of this issue.

 

Unless I don't want to use Chrome or Opera, I will have to deactivate MBAE for the foreseeable future.

 

Waiting for the proper solution...Msilverhammer


  • Staff

Thanks for the post @MakkeOnMies, no need for logs, we already have the issue identified.

 

@Msilverhammer, did you reboot after uninstalling BitDefender? Some components might still be running right after uninstall and not be completely gone until after a reboot. If you did reboot and the problem persists, can you please attach here a DDS or FRST log? Thanks!


I had to uninstall MBAE Premium on both of my PCs. Things run normally now. If this is not resolved fairly soon I would like a refund. I am glad Chrome works again after a lot of wasted time but now I have spent $ on a Program I cannot use. Standing by for more updates. Still running MBAM Premium with no issues along with Bitdefender 2015 Total Security.


  • Staff

Hi Dave, we're working on resolving the conflict but it won't be something very short term. If you can hang on by disabling the Chrome shield within MBAE that would be the better alternative as you'd still be protected from Java and other exploits.


For several days, when I tried to open Chrome, I'd get this message:

Page(s) Unresponsive. The following page(s) have become unresponsive..."Untitled"    Kill pages Wait,

"Kill" and "Wait" had no effect.

I tried a number of fixes from the web, finally had a technician come to my PC (using Windows 7).

After almost an hour, he hadn't cured the problem. He asked if I'd installed any programs recently. Yes, Anti-Exploit Free. He turned off Anti-Exploit. Problem solved, Chrome/Google worked normally. Anti-Exploit was free. Removing the problem it caused cost $100.


  • Staff

Sorry forgot to answer your issue, thanks for reminding me.

In your case according to the logs the conflict seems due to having both HitmanPro and MBAE. The root of the conflict is very similar in both cases (hmp and BitDefender) and we're already looking for a solution.


> Sorry forgot to answer your issue, thanks for reminding me.
>
> In your case according to the logs the conflict seems due to having both HitmanPro and MBAE. The root of the conflict is very similar in both cases (hmp and BitDefender) and we're already looking for a solution.

Okay. I uninstalled the free version of HitMan Pro. It was set to scan at start up. I seldom reboot this desktop. I uninstalled HitMan Pro and tried to open Chrome. Same behavior. I then shut down the desktop and then booted up the desktop. I searched and can not find any traces of HitMan Pro. I tried opening Chrome. Same behavior as before. Chrome never finishes loading and states not responding. If I "Stop Protection" in MBAE I can then open Chrome correctly.

 

I don't think HitMan Pro is my problem either.


Hello BUdmanNC,

 

I use HitmanPro and do not have any issues and am not aware of any issues being reported about using it with MBAE. I think Pedro meant to post "HitmanPro.Alert" which is a different product than the HMP scanner (and ATM there are conflicts with the "Alert" product).


> Hello BUdmanNC,
>
> I use HitmanPro and do not have any issues and am not aware of any issues being reported about using it with MBAE. I think Pedro meant to post "HitmanPro.Alert" which is a different product than the HMP scanner (and ATM there are conflicts with the "Alert" product).

Yes, but in my case I've never had Hitman Pro Alert installed. I'm aware of that conflict. Since he stated "In your case according to the logs the conflict seems due to having both HitmanPro and MBAE. The root of the conflict is very similar in both cases (hmp and BitDefender) and we're already looking for a solution." I decided to uninstall Hitman Pro and see if that also was causing a problem with MBAE since that was news to me. Now we know.


This topic is now closed to further replies.