Jump to content

[SOLVED] Multiple Exploit Blocks (potential BitDefender bug)

MDDI

By MDDI
in Anti-Exploit Beta

 Share

Recommended Posts

  • Staff
pbust

pbust

Posted
  • Staff
Posted

Thanks for the logs MDDI. This is an interesting case.

 

First of all I have to say you keep your computer pretty lean and clean. Congrats. Wish more people kept theirs this way.

 

Secondly, have you installed or upgraded any of your software lately? It's weird you had MBAE installed for quite some time but it only recently started alerting like this. My guess is that it's either some persistent exploit or a recent upgrade of some third-party software (BitDefender, Panda, ...) which is causing a conflict with MBAE.

 

I'll send you instructions via PM for further troubleshooting.

Link to post
Share on other sites
MDDI

MDDI

Posted
  • Author
Posted

Pedro,

 

Thanks for the reply. I did not use the FRST "Fix" tool. Panda was removed a year ago after it crashed my system. Any of the Panda registry is left over even after using their removal tool. The same goes for Avast; I got tired of the pop-ups.  

 

No new software has been installed, BitDefender has most likely updated. Like I said this started 01/26/16 after I started the machine in the morning, nothing was installed/upgraded, BitDefender most likely updated.

 

Cheers,

Mark

Link to post
Share on other sites
Closter

Closter

Posted
Posted

Hi. I just started receiving the same problem MDDI has. Except mine started today, 1/28/16.
It looks like you narrowed it down to BitDefender's fault. Which is also the antivirus I am also using.
I don't know what it's worth, but I am also using Firefox as my browser, and I believe it updated last night before I shut my PC down and before I started to receive these blocked exploit attempts.
I was wondering if you've found a solution, or if I should just disable the Anti-Heapspray settings on anti exploit until it or Bitdefender update?
Considering I've never seen a blocked exploit attempt any other time. Thanks.

Link to post
Share on other sites
  • Staff
pbust

pbust

Posted
  • Staff
Posted

So it seems the culprit is "avcuf32.dll" from BitDefender. They probably pushed a buggy update and it is causing API hooking conflicts. Likely they'll have problems with other third-party applications that perform API hooking.

 

Can you please uninstall or completely disable BitDefender and reboot to see if the problem persists?

Link to post
Share on other sites
MDDI

MDDI

Posted
  • Author
Posted

Pedro,

 

When I started my machine this AM I noticed BitDefender had updated. I browsed a bit active and still received multiple MBAE blocks.

 

I then completely disabled BitDefender and continued browsing, the MBAE blocks continued.

 

When the MBAE blocks occur I also receive the following message "A problem with this webpage caused IE to close & re-open the tab."

 

I attached the files again, the first few are with BitDefender enabled, the last are with BitDefender disabled.

 

Thanks for all the help,

 

Mark

 

 

Malwarebytes Anti-Exploit.zip

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.