How to circumvent a false positive "infected file"
Today, for some reason, Bitdefender decided that the Windows diagnostic tool LicensingDiag.ps1 is infected:
The file \\OF-Pub-NAS1\Public\Product Downloads\Windows Diagnostic Tools\LicensingDiag.ps1 is infected with Heur.BZC.PZQ.Boxter.989.A320B4FE. Bitdefender blocked this item, your device is safe.
It's possible that this file was recently infected, but its Date Modified flag is 6/1/2018. As far as I know, I've never used this ****** and don't need it now, but I would like to at least look at it, but I don't have permission. I assume Bitdefender modified the file permissions in order to "protect" me. Yes? If so, how do I check the validity of this file?
Answers
Generate Bitdefender BDsysLog: https://www.bitdefender.com/consumer/support/answer/1922/
Generate Bitdefender support tool logs: https://www.bitdefender.com/consumer/support/answer/1733/
Generate Bitdefender connectivity logs: https://www.bitdefender.com/consumer/support/answer/9689/
Share the logs and your query with the Bitdefender support team by sending them an email at bitsy@bitdefender.com
If the generated logs are large, you can upload them to Google Drive or we.tl (7-day link validity for free users), or ask the support team to provide you with the online link and password for the Bitdefender cloud, where you can upload the logs and share the upload link with the support team.
The support team will reply to your query within the next 24-48 hours, excluding weekends.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
0 -
I don't see how that answers my question. But my question has changed.
Yesterday I deleted the suspect file and downloaded a new copy. Bitdefender did not block either action. It also did not prevent me from running the file (a PowerShell ******). But, again, BD blocked Macrium Reflect from taking a backup - a "Files and Folders" backup - of the file. This makes no sense.
I guess my most important question is how to keep Bitdefender from interfering with any action Macrium Reflect performs? I already have "c:\program files\macrium" as an exception in the Antivirus settings, but that obviously is not preventing BD from blocking Reflect activity.
0 -
Check if the steps below help:
1) Temporarily disable Bitdefender Protection: https://www.bitdefender.com/consumer/support/answer/28557/
2) Set exclusion in Bitdefender Antivirus: https://www.bitdefender.com/consumer/support/answer/13427/
3) Set exclusion in Bitdefender Advanced Threat Defense: https://www.bitdefender.com/consumer/support/answer/2393/
4) Re-enable real time protection in Bitdefender.
You need to set up an exclusion in both Antivirus and Advanced Threat Defense. If you have done that and are still facing issues, then you need to contact Bitdefender support and provide them with all the logs that were mentioned in the previous comments.
Regards
1