Jump to content

ESET IS 11.2.63 HIPS is blocking execution of Chrome 69


Recommended Posts

Chrome 68 worked fine but now once chrome updated to 69 I started to get 0x000005 execution error.  I have gone through everything in my system in terms of security disabling and enabling and the only thing that works i.e. allows Chrome to execute is Disabling Eset HIPS.

The HIPS has to be fully disabled.   I have tried partial disable of Script Blocking (reboot), Self Defense (reboot) etc etc I have even created a custom rule allowing the chrome EXE full access to Applications, Registry etc and nothing works.

I hate running without HIPS and especially the self defense module of ESET.  Running without those is disabling about 50% of ESET defenses especially against crypto and script based attacks.  

 

 

Link to comment
Share on other sites

36 minutes ago, GrammatonClerick said:

Chrome 68 worked fine but now once chrome updated to 69 I started to get 0x000005 execution error. 

This can be caused by a number of sources: https://productforums.google.com/forum/#!topic/chrome/2Ja3SxflDxw .

Edited by itman
Link to comment
Share on other sites

True it could be however this is the only consistent event across 4 of my systems...everyone of my systems that have ESET IS and Chrome 69 can't open Chrome.  1 that has Bitdefender works fine and 1 that has KAV works fine.  So the only common thing across them is ESET and I have uninstalled and re-installed Chrome 69 few times now....the only solution that helps is disabling ESET HIPS. 

Link to comment
Share on other sites

Just as another point of reference, I'm running Chrome Version 69.0.3497.100 (Official Build 64-bit) with ESET IS and HIPS enabled in automatic mode without any issues.

Link to comment
Share on other sites

0x000005 is usually a memory violation. Open Win's reliability history via Control Panel and view details as to Chome's crash. Hopefully, it will show the source process causing the activity.

Edited by itman
Link to comment
Share on other sites

NO other custom rules until I started to have the issues and it's only then that I created a custom rule.   Otherwise my custom rules are empty.

Memory violation you say?  Hmm it might be Hitman Pro Alert....not working nice with Chrome 69 and ESET IS HIPS....strange...I disabled hitman pro alert all aspects of it (besides uninstalling) and it still gives me the error but who knows.  Let me see. 

 

Faulting application name: chrome.exe, version: 69.0.3497.100, time stamp: 0x5b9cbd4f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00530020
Faulting process id: 0x27e4
Faulting application start time: 0x01d45591d808ded8
Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Faulting module path: unknown
Report Id: dcbcf618-c5f5-4168-9848-3dc46742ecc0
Faulting package full name: 
Faulting package-relative application ID: 

Link to comment
Share on other sites

  • Administrators

Attachments are not accessible to other users, only to moderators and ESET staff. If the generated archive is not too big, you can send it via a personal message. Otherwise upload it to a file sharing service, such as Dropbox, OneDrive, etc. and provide me with a download link.

Link to comment
Share on other sites

54 minutes ago, GrammatonClerick said:

Hmm it might be Hitman Pro Alert....not working nice with Chrome 69

That is my suspicion.

Google is by default blocking/blaming AV vendors for any issue with current Chrome releases. HMP-A will hook the browser just like Eset does. However, HMP-A is a lot more "sophisticated" in how it does its browser injection. As previously posted, an individual is using Chrome 69 w/o issue.

Disabling HMP-A does not prevent its kernel driver from loading at boot time as far as I am aware of. Look for the service associated with this driver and disable it if you can. I suspect you will be prevented from doing so.

Link to comment
Share on other sites

I have the same problem after the Chrome updated from 68 to 69. But i am running Chrome through Sandboxie (version 5.26). Note, when i run Chrome unsandboxed it does not crash with the 0x000005 execution error, instead it runs as it should without issue.

I have no other antivirus or exploit software running on my WIN 10/64 machine.

Tried to reinstalled Chrome, Sandboxie, and then ESET and  these changes didn't fix. Then completely removed ESET along with all traces, installed and switched to interactive mode, and permanently approved everything i was asked to approve -  it still didn't work ie it crashes with the above error.

Tried Chrome beta 70 version and it did not work.

Switched off HIPS and am able to load Chrome  through Sandboxie as it should.

I don't want to run without HIPS enabled so I have rolled back Chrome to Version 68.0.3440.84 (Official Build) (64-bit) and all is working as it should.  If anyone has to rollback make sure you disable Chrome auto update. Rollback versions can be found using a google search, google does not provide rollback versions.

I have no other problems running programs through Sandboxie with HIPS enabled. Example Internet Explorer and Opera both work.

I have wasted hours of time, and need to get on with my life, so  I will now wait until someone has fixed this issue before updating Chrome to Version 69 or greater.

Thank you OP for your post.

Link to comment
Share on other sites

On ‎9‎/‎29‎/‎2018 at 3:23 PM, JerryG said:

I have the same problem after the Chrome updated from 68 to 69. But i am running Chrome through Sandboxie (version 5.26). Note, when i run Chrome unsandboxed it does not crash with the 0x000005 execution error, instead it runs as it should without issue.

Check this out: https://www.sandboxie.com/KnownConflicts . It is fairly obvious, the issue is related to Sandboxie.

I would post your issue on the Sandboxie forum or directly contact the developer about the issue.

Link to comment
Share on other sites

  • Most Valued Members
On 9/29/2018 at 10:23 PM, JerryG said:

have the same problem after the Chrome updated from 68 to 69. But i am running Chrome through Sandboxie (version 5.26). Note, when i run Chrome unsandboxed it does not crash with the 0x000005 execution error, instead it runs as it should without issue.

New Chrome is already running in Sandbox by itself , Chrome is isolating itself from the system as far as I know , it might be that the reason of it crashing.

Link to comment
Share on other sites

17 hours ago, itman said:

Check this out: https://www.sandboxie.com/KnownConflicts . It is fairly obvious, the issue is related to Sandboxie.

I would post your issue on the Sandboxie forum or directly contact the developer about the issue.

Its not so obvious to me,  and there is nothing in that link that helps. Here's what i know. Without HIPS enabled everything on my system works as it should. With HIPS enabled everything works up to Google ver 68. HIPS is preventing me from running as i should be running.

Update google to 69 and it wont run in the sandbox with HIPS enabled, need to turn HIPS off for it to work. So for me it's related to HIPS, Google & Sandboxie. But without HIPS everything works, so what is HIPS doing.

Thank you.

Link to comment
Share on other sites

17 hours ago, Rami said:

New Chrome is already running in Sandbox by itself , Chrome is isolating itself from the system as far as I know , it might be that the reason of it crashing.

maybe, but it does run sandboxed without HIPS enabled so i am not sure what to do with HIPS . 

Edited by JerryG
Link to comment
Share on other sites

  • Most Valued Members
1 hour ago, JerryG said:

maybe, but it does run sandboxed without HIPS enabled so i am not sure what to do with HIPS . 

Switch to Firefox for a moment and run it as Sandboxed , does the HIPS make trouble with it?

After the recent Chrome update , people are experiencing troubles with it.

Link to comment
Share on other sites

 

11 hours ago, Rami said:

Switch to Firefox for a moment and run it as Sandboxed , does the HIPS make trouble with it?

After the recent Chrome update , people are experiencing troubles with it.

Firefox is now installed and runs ok. No problems with this. Thank you

Edited by JerryG
Link to comment
Share on other sites

  • Most Valued Members
58 minutes ago, JerryG said:

 

Firefox is now installed and runs ok. No problems with this. Thank you

As far as I know the troubles you had because Chrome is isolating itself and you isolated Chrome in another Sandbox , so what happened that you have isolated Chrome , Chrome is isolating itself because that's what Google did in their recent update , HIPS is trying to do something with Chrome , and it's failing or it's not working at some point , Chrome is crashing.

You can use uBlock and HttpsEverywhere as add-ons with Firefox , they are recommended.

Edited by Rami
Link to comment
Share on other sites

12 hours ago, Rami said:

As far as I know the troubles you had because Chrome is isolating itself and you isolated Chrome in another Sandbox , so what happened that you have isolated Chrome , Chrome is isolating itself because that's what Google did in their recent update , HIPS is trying to do something with Chrome , and it's failing or it's not working at some point , Chrome is crashing.

You can use uBlock and HttpsEverywhere as add-ons with Firefox , they are recommended.

Thank you. Google has sandboxed Chrome for some years now, its not a new thing. I was running it in the last version Sandboxed.

I am still keen to use Chrome as i have been using it for a long time and comfortable with it.

Link to comment
Share on other sites

  • Most Valued Members
1 minute ago, JerryG said:

Thank you. Google has sandboxed Chrome for some years now, its not a new thing. I was running it in the last version Sandboxed.

I am still keen to use Chrome as i have been using it for a long time and comfortable with it.

But recently Chrome has decided that it won't allow anything to inject/scan their browser even AVs

Link to comment
Share on other sites

9 hours ago, Rami said:

But recently Chrome has decided that it won't allow anything to inject/scan their browser even AVs

Ohh now i understand. Thank you for your replies Rami

Link to comment
Share on other sites

  • Most Valued Members
17 hours ago, JerryG said:

Ohh now i understand. Thank you for your replies Rami

You are welcome , glad that I was helpful. ?

Edited by Rami
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...