Antimalware
Preparing the endpoint for troubleshooting detections
Sometimes, for troubleshooting reasons, you may need to access files that BEST detects as malicious and blocks. For example, you may need to manually delete an infected email attachment, or send a false positive for analysis. In such cases, you need to temporarily disable the Bitdefender On-access antimalware protection on the endpoint where the files are located.
To do this, clone your current policy, disable the protection, and apply the new policy only on the endpoint where the files are located, as follows:
Log in to GravityZone Control Center.
Go to the Policies page from the left side menu.
Select the policy you are currently using on the endpoint.
Click Clone Policy.
Give the policy a descriptive name.
In the Antimalware > On-access section, disable the On-access Scanning by deselecting the check box.
Click Save.
Go to the Network page from the left side menu.
Select the endpoint where the file is located.
Click Assign Policy.
Select the previously created policy.
Click Finish.
Now, you can proceed with troubleshooting. For more information, refer to the article that best fits your scenario: Cleaning malware from an email archive when using Bitdefender Endpoint Security Tools, Resolving legitimate applications detected as threats by Bitdefender.
After the troubleshooting process is complete, apply the original policy to the endpoint.