"Access violation ... in module ATCUF32.DLL ..." installing Free Commander XE

DSperber

Something recently changed in BitDefender Total Security 2020 has obviously caused this abend.

It first occurred yesterday, installing the latest version 808 of Free Commander XE.  It had not occurred installing the previous version 807, so I gave the previous version 807 a retry just to be sure.  And surprisingly it actually DID occur with that prior version as well!  So now I'm confused.

Anyway, the situation is this.  I run the new version install of Free Commander XE from its installer file EXE, navigating to that installer file while running the currently installed version of Free Commander XE (which is a program functionally similar to Win7 Windows Explorer or Win10 File Explorer).  Normally I leave the FCXE program still open as I progress through the install script screens.  About four screens in on the install script, I am advised that "FCXE is currently open. Do you want me to automatically close it and then proceed with the install?" to which I always then reply OK, and the install continues to proceed and then complete normally (after first closing the currently active instance of FCXE as promised).

With this new abend in BitDefender, I never am presented with that prompt advising "FCXE is currently open".  So clearly it's this event which is is directly related to the abend.

I am guessing that at this instant BitDefender is trying to formulate the details to present me with about an application attempting an update of a protected folder (or something like that), which normally throws up a screen offering to allow me to activation  a newly created application program exception. Typically what happens here is that the application being installed has detected the intercept and thrown up its own "retry/abort/cancel" screen, which after OK'ing to the newly created BitDefender exception I then reply "retry" on with the installer. And things then go normally, and never show up again (i.e. the next time I do an install of the same program with a newly released version).

In this case I don't ever recall going through that when installing Free Commander XE.  I mean I never previously had to create some kind of application exception in order to move through the install. The FCXE installer simply always detected that it was open and immediately produced its own "FCXE is open, do you..." prompt screen without any interruption by BitDefender. I am guessing something recently changed in BitDefender is trying to "protect" me in the usual way from an application program making unauthorized changes (perhaps to what is now considered a "protected folder"), but is somehow actually incompatible with how the FCXE installer is trying to do its own detection of the program currently being open.

Whatever the cause, the abend is in a BitDefender file, and is only occurring ALL THE TIME when I attempt to run ANY VERSION OF THE FREE COMMANDER XE INSTALLER and let the install script continue while the currently installed version of FCXE is itself at the moment currently open and active.  So somehow we need to get to the bottom of it.

FCXE is a "donor sponsored" application, but I can provide you with an installer file for your engineers to work with.  I can also describe exactly the handful of steps you need to follow in order to replicate this abend.  You can PM me and I will provide my email address so that we can take this offline.

[Deleted User]

Hello /index.php?/profile/216340-dsperber/&do=hovercard" data-mentionid="216340" href="<___base_url___>/index.php?/profile/216340-dsperber/" rel="">@DSperber,

Kindly provide us with a sample of the .exe file at [email protected]

Also, please attempt to run the installer with Advanced Threat Defense turned off, you can do so by following the steps below:

• Open Bitdefender, click Protection in the left side of the interface.

• Click Settings, below Advanced Threat Defense, then disable Exploit Detection.

• Test if the application can be installed with Exploit Detection turned off.

• Should the issue persist, return to the Protection screen, disable Advanced Threat Defense and test if the situation persists.

Please include the results of your troubleshooting in your mail to us. Also, remember to turn on Advanced Threat Defense and Exploit Detection once the process is over.

As soon as you will email us, you will receive a support ticket number. Kindly reply to this thread with the support ticket number that you'll receive via email.

 

DSperber

Done.  Check your email.

Note that when I disabled just "Exploit Detection", the abend still occurred.

But when I then also disabled "Advanced Threat Defense", the abend disappeared.  And FCXE installer proceeded as it always has, detecting that FCXE is currently open and offering me to OK the automatic "close" of FCXE so that the new install could proceed.  See attached screenshot of the "correct" window which should occur (and always has occurred, until the recent BitDefender change).

DSperber

Sent that email about 3 hours ago, but still have not received confirmation with the ticket number you requested I post here on this thread.

DSperber

It's a new day.

Still no response to my problem report email sent yesterday to [email protected] as you requested, with everything you asked for.  Installer file, screenshots, results of my testing, etc., complete package just as you requested.

No response as of now.

So I still have no ticket number to post on this thread.

I'm documenting a problem, caused by a recent change in BitDefender... experimentally proven to be something tied to enabling/disabling "Advanced Threat Defense" funcitonality but not specifically "Exploit Detection" sub-function. Something else has been changed recently, and it is the culprit.  Facts.

[Deleted User]

Hello /index.php?/profile/216340-dsperber/&do=hovercard" data-mentionid="216340" href="<___base_url___>/index.php?/profile/216340-dsperber/" id="ips_uid_6525_5" rel="">@DSperber,

I was able to locate your case. It seems like the mail containing the support ticket number was redirected to your spam or junk email folders.

We will reach you back with a reply in the shortest time possible.

DSperber

I don't believe there was anything sent by BitDefender which was accidentally redirected to spam/junk email folders.

I have had tickets submitted in the past, and properly received email back from bdsupport at tickets.biitdefender.com, both automated replies as well as from technicians.

I have still not received any email from BitDefender support in reply to my email sent to bitsy, which included EVERYTHING YOU REQUESTED.  Nor have I received anything new since yesterday when you replied here that you were in fact able to locate my case, and would "reach back to me and reply in the shortest time possible".

So while you may know the ticket number for this case, I still do not.

Most importantly, I anxiously await a FIX in the product by your engineers so that it once again works as it used to and does not abend when I install an updated version of Free Commander XE while the current version of Free Commander XE is currently open.  It never used to abend in ATCUF32.DLL but now it does.  Obviously a bug in BitDefender that must be fixed.

DSperber

Finally got my email from support this morning.  Based on the ticket number it does appear this case was opened three days ago, when my email got sent. Can't say why I never received an automated reply the same day.

Anyway, for tracking the case the ticket number assigned to this issue is:  2019121620110002

thank you.

 

DSperber

It has been quite some time that this ticket has been open, and I haven't received any further status update from BitDefender support.

I spent quite a bit of time providing EVERYTHING YOU ASKED FOR, including installer file for Free Commander XE, screenshots, instructions, details as to how to recreate the symptom, etc.  I would at least hope to have received some kind of progress report from Support that "yes, we have been able to duplicate your issue in our lab using the materials you provided to us, and will continue chasing this down until we determine the underlying cause and fix it".

Remember, the abend error is in a BitDefender component, so you'd think that would be easy enough a place to start from and work backwards.

Also, this is a relatively recent symptom, only appearing in the past month or so.  Now it's been a while since a Free Commander XE new version has been released, so to be fair it might have been due to a BitDefender change which occurred further back than just a month or so.  But the important thing here is that the symptom NEVER APPEARED UNTIL JUST RECENTLY, so it HAS TO BE DUE TO A BITDEFENDER CHANGE RELEASED SAY IN THE PAST THREE MONTHS. This could be helpful in diagnosis.

I would like to have an update, here on this thread if not via email from Support per my open ticket.  Have you done anywork on this?  Can you duplicate it in the lab? Are you chasing it down?  It's an abend in YOUR program, seems like you'd want to at least look at the dump (which I could create for you, if you want to use my own machine as an extension of your support lab because it's easier or because you were unable to reproduce the failure yourself).

 

Please advise

Thanks.

[Deleted User]

Hello /index.php?/profile/216340-dsperber/&do=hovercard" data-mentionid="216340" href="<___base_url___>/index.php?/profile/216340-dsperber/" rel="">@DSperber,

As previously mentioned, the detection you're encountering could not be reproduced internally by ourselves even by following the provided instructions. We have updated your ticket and are looking for a reply. As soon as we receive the required information we will be able to further advise you on how to solve this error.

DSperber

Very surprising that your team was unable to reproduce the problem yourselves. I receive the error  on every machine I do this on, i.e. where:

(1) Free Commander XE (my go-to Windows Explorer substitute) is already installed

(2) I use Free Commander XE to navigate to the folder/file location where I've saved the latest downloaded installer EXE for the latest version of Free Commander XE

(3) I double-click on the installer EXE (as it appears in the display of folder/files presented by the currently installed version of Free Commander XE) to launch it, same as you would do with ordinary Windows Explorer to navigate to any folder/file somewhere and then launch the EXE by double-clicking on it. This is effectively launching the installer again, to essentially re-install the very same Free Commander XE program version which is already installed (although it actually can be a genuinely newer version, doesn't really matter), while the currently installed version of Free Commander XE is already open and running in a window.

(4) do not close the already running instance of the Free Commander XE program window as the newer/same version installer XE is initiated and starts to run.  There will be several dialog steps to which you push the NEXT button to proceed, and about five steps in you will experience the abend.  This is caused by leaving the Free Commander XE program instance open that you used to explore/navigate/launch the installer, and at the final critical moment when the actual "copy files" is ready to begin the installer notices that the program itself is already active (thus locking some files which need to be replaced by the new install).  At this point there is now supposed to be a special popup dialog window asking for permission/OK to force-close the currently active program window instance, so that the new install can proceed.  And it is here where the popup message dialog USED TO OCCUR, but no longer does... instead producing this abend in ATCUF32.DLL.

(5) There is no way to complete the new install if the currently installed Free Commander XE is left open when the critical dialog is reached, since the abend in ATCUF32.DLL occurs.  Only by manually closing the program at some point prior to the point of reaching that critical dialog step so that the program is NOT discovered to be open and so that there is no longer a conflict of locked files so that the new install can simply proceed normally, this is now the only way to get the new install to complete properly.

 

Note that this is not such a terrible issue that I can't manually close the program window at some point earlier than that critical dialog step which will produce the abend if I don't close the program window.  But I simply report in this thread that the special break-out dialog from running the new installer to ask my permission to force-close the currently active program instance... IT USED TO WORK.  But no longer.

However it fails the same way on every one of my own machines.  Don't know why it shouldn't also fail on yours, but maybe there's more to the story.

I did receive your email this morning, asking me to reproduce the error again on my own machine and provide four outputs to you.  I will work on it and provide.

Thanks.

DSperber

I have now generated the items you requested, except for the "crash dump" because there was none produced.  So there are three files I need to send to you.

I've also generated an MP4 video recording (i.e. screen capture) of the handful of steps I've described which can recreate the failure every time.  It's about one minute long, showing first leaving the Free Commander XE window open when running the installer (and which triggers the access violation in ATCUF32.DLL), and then second closing the Free Commander XE window before the installer gets to the critical dialog step (and which now lets the installer just run to normal completion without an abend).

However these four files are larger than can be sent via email. I've sent you an email requesting a URL for an FTP upload site I can instead post them to for this ticket, so that you can retrieve them from there.  You can either reply to my email, or you can PM me here, providing that URL for file upload.

Thanks.

[Deleted User]

Hello /index.php?/profile/216340-dsperber/&do=hovercard" data-mentionid="216340" href="<___base_url___>/index.php?/profile/216340-dsperber/" rel="">@DSperber,

We have further analyzed the provided information and currently this situation has been forwarded to the Development team. We are currently working on a fix,

DSperber

You didn't notify me about any fix for this, but it sure looks like it's been fixed!!!

I happened to be working on a machine today where I needed to upgrade Free Commander XE, and lo and behold when I got to that point where the installer is supposed to automatically detect if the program window is open and offer to automatically close it, and which for a while now has been abending in ATCUF32.DLL.  Remarkably, there was no abend this morning, but instead the detection worked perfectly again!  This machine has BitDefender on it (build 24.0.14.85, engine 7.83489).

I then tried it on two other machines as well, including the very one which had been used to generate the diagnostic output I sent to you.  Remarkably, both of these two other machines also no longer abended in ATCUF32.DLL, but instead both once again worked properly.  And these two other machines are also 24.0.14.85, 7.83489.

So, I'm going to speculate your developers have seemingly fixed the problem and pushed it out in a very recent update (possibly even this morning). I wasn't notified by email about this and asked to give it a try, or even to provide me with a beta version to test. So I guess they were pretty certain they'd found the problem and fixed it, to just go ahead and push it out.

Case closed. Problem solved.

Thank you.

 

[Deleted User]

Hello,

This kind of fixes are usually delivered via automatic updates, hence why we could not inform you exactly when the update would occurr.

Glad to hear the situation is solved!

 

Thread locked.