[Resolved] Bitdefender 2017 TS Blocking Malwarebytes Anti-Malware Installation

garioch7
garioch7 Defender of the month ✭✭✭✭✭
edited October 2016 in Protection


I am currently using BDTS2016 and have Malwarebytes Anti-Malware Premium and Malwarebytes Anti-Exploit Premium, running along side, with exceptions configured.  To install the Malwarebytes products, it was necessary to disable the Anti-Virus scanning modules and the Intrusion Detection, but all worked well.


Yesterday, I had a friend purchase a BDTS2017 package and we successfully installed, after carefully and thoroughly removing McAfee, and previously uninstalling his Malwarebytes products.  After BDTS2017 was successfully installed, I attempted to reinstall the Malwarebytes Anti-Malware, but it was repeatedly blocked (Application Blocking) by BDTS2017.  I had turned off the Anti-Virus scanning modules and  I whitelisted the installer file, but that made no difference.


QUESTION: How do I disable Bitdefender Total Security 2017 "application blocking" module temporarily to permit the installation of Malwarebytes products?


Thank you and have a great day.


Regards

-Phil

Former Bleeping Computer Malware Response Instructor

Tagged:

Comments

  • Sorin G.
    Sorin G.


    Hello,


     


    It is not advisable to have more than one security solution on the same machine. If you encounter technical issues you will be advised to remove them.


    By following the steps below you do them at your own risk, as security solutions tend to interfere with one another.


    You can disable the product by going into the Protection tab under Antivirus and disable both the On Access Scanning and Active Threat Control. Afterwards go into Firewall and disable that one as well. As a personal advice, please check the installer and ensure it is a legitimate clean setup file.


    If you are running the installer from a Ransomware protected area you might want to disable that one as well.

  • garioch7
    garioch7 Defender of the month ✭✭✭✭✭


    Sorin:


    Thank you for your prompt reply.


    I had done as you suggested, and did it again today, but the MBAM installation is blocked right away.  Interestingly, the Malwarebytes Anti-Exploit Premium installation went well, with BDTS2017 disabled.


    The two anti-virus modules were disabled, firewall disabled, and ransomware protection never yet enabled.  I whitelisted the Desktop folder (where the MBAM installer file was located), the MBAM folder, and the C:\ ... \AppData\Local\Temp folder.  Each time, MBAM would start to install, then disappear, and BDTS2017 would report an application blocked.  The path of the blocked application was: C:\Users\<Name>\AppData\Local\Temp\is-<five random characters (letters and numbers).tmp\mbam-setup-2.2.1.1043.tmp.


    So the blocked application would look like this: C:\Users\Owner\AppData\Local\Temp\is-R8TK5.tmp\mbam-setup-2.2.1.1043.tmp in the BDTS2017 Blocked Application listing.


    The user is running Windows 7 Home Premium SP1, x64 on an ACER all-in-one computer.  The MBAM installer file was downloaded directly from Malwarebytes.org.


    I even disconnected the TeamViewer connection and had the user try to install MBAM with the same result.


    I can only conclude that BDTS2017 anti-virus scanning cannot be completely disabled at this time, which is a deal-breaker.  Users should be permitted to install what they want on their computers.


    I invite you to replicate this in your Lab.


    Thank you and have a great day.


    Regards,

    -Phil

    Former Bleeping Computer Malware Response Instructor

  • Sorin G.
    Sorin G.


    Hello,


     


    If the file is seen as being infected or blocked please use our submit form.


    www.bitdefender.com/submit

  • garioch7
    garioch7 Defender of the month ✭✭✭✭✭


    Sorin:


    Thank you for your response.  I will have to arrange with my friend, in the next day or two, to remote into his computer and see if any of those blocked files are still there in the folder.  If so, I will submit one.


    What I don't understand is why anything is being blocked when the BDTS2017 Anti-Virus, Firewall, and Ransomware protection modules are disabled?


    BDTS2016 had no such issues with MBAM installation and MBAM program updates, when the BDTS2016 Anti-Virus and Intrusion Protection modules were disabled.  If those modules weren't disabled, then BDTS2016 did block MBAM installs and version updates.


    Have a great day.


    Regards,

    -Phil


    PS: I won't be updating my BDTS2016 to BDTS2017 until this issue is resolved.  I count on MBAM Premium to provide complementary protection for threats that BDTS is not designed to catch.

    Former Bleeping Computer Malware Response Instructor

  • daman1
    daman1
    edited October 2016


    I had no issues with BD2017 along side MBAM, but MB was already on my PC's W7 when I upgraded to 2017.


     


    When an uninstall tool becomes available for 2017 uninstall BD install MBAM then reinstall BD.

  • garioch7
    garioch7 Defender of the month ✭✭✭✭✭


    daman1:


    Thank you for your reply, but the issue really is that it seems one cannot completely disable the BDTS2017 anti-virus module.


    It would indeed be labour-intensive to go through your suggested process every time that there is a version update for Malwarebytes.  And, of course, for now, with no BDTDS2017 uninstaller tool, one is just in limbo.


    Users should be permitted to completely disable any and all BDTS2017 protection modules and install whatever software they want on their computer.  It is THEIR computer, not BD's.


    I hope to upload the one of the MBAM temporary installer files that is "offending" BDTS2017 later today, as requested by SorinG.  I really do want a solution to this issue.


    Have a great day.


    Regards

    -Phil

    Former Bleeping Computer Malware Response Instructor

  • daman1
    daman1


    14 hours ago, garioch7 said:



    daman1:


    Thank you for your reply, but the issue really is that it seems one cannot completely disable the BDTS2017 anti-virus module.


    It would indeed be labour-intensive to go through your suggested process every time that there is a version update for Malwarebytes.  And, of course, for now, with no BDTDS2017 uninstaller tool, one is just in limbo.


    Users should be permitted to completely disable any and all BDTS2017 protection modules and install whatever software they want on their computer.  It is THEIR computer, not BD's.


    I hope to upload the one of the MBAM temporary installer files that is "offending" BDTS2017 later today, as requested by SorinG.  I really do want a solution to this issue.


    Have a great day.


    Regards

    -Phil


    I totally agree, there should be a "off" button.



     

  • garioch7
    garioch7 Defender of the month ✭✭✭✭✭


    SorinG:


    I finally had occasion to remote into my friend's computer today.  The files cannot be located.  There is was no ...\AppData\Local\Temp folder to be found.  I am assuming that BDTS2017 is deleting the files that Active Threat Control deemed malicious, even though the that module and the other anti-virus module, plus Firewall, had been disabled.


    There are no files in Quarantine.


    I did run the BDTS2017 Support Tool today and it was submitted in the name of my friend, Camille St-Amand.  He also got a response from Stanciulescu Radu, BD Technical Support (Ticket #: 2016100918510002), which instructed us to disable virtually every BD module, but again, the MBAM installation was blocked by BDTS2017 Active Threat Control module, despite it being disabled.


    A solution to this issue would be much appreciated.  Thank you and have a great day.


    Regards,

    -Phil

    Former Bleeping Computer Malware Response Instructor

  • garioch7
    garioch7 Defender of the month ✭✭✭✭✭


    Just an update to this post.  Bitdefender Technical Support has been excellent and has confirmed that this is a false detection that they hope has been addressed in the latest Bitdefender 2017 Total Security update.


    I am hoping to remote into my friend's computer later today and see if the issue has been resolved; or, send Bitdefender Technical Support the additional information they have requested if the Malwarebytes Anti-Malware installation is still being blocked by BDTS2017.


    I will keep you posted.  Have a great day.


    Regards,

    -Phil

    Former Bleeping Computer Malware Response Instructor

  • garioch7
    garioch7 Defender of the month ✭✭✭✭✭


    Sorin G.:


    Reference Ticket Numbers: 2016100918510002 and 2016101618480001.  I have already requested that both tickets be closed.


    Technical Support indicated that this was a false positive and requested that I update to the latest version of BDTS2017 and try again.  As requested by Technical Support, I updated my friend's BDTS2017 to the latest version: Build: 21.0.18.898; Engine: 7.67775; Signatures: 8238516.


    I then disabled both Anti-Virus modules and MBAM successfully installed.


    I cannot find a way to mark this topic as resolved.  Please do so.


    I also want to commend Bitdefender Technical Support for their superb service.  The delays were caused at my end because my friend and I had difficulties arranging times to do the remote sessions. The later ticket was handled by Mr. Stanculescu, who replied promptly to all of my submissions and who was very professional and courteous.  I have read complaints in these Forums before about bad Technical Support, but that certainly has not been my experience.


    Thank you and have a great day.


    Regards,

    -Phil

    Former Bleeping Computer Malware Response Instructor

  • Sorin G.
    Sorin G.


    Hello,


     


    Thank you for your feedback.

This discussion has been closed.

All Time Leaders

Categories

Defenders of the month