Concern over lack of detection

SticksInTheWind · 2024-08-13T17:38:24+00:00

There was an error rendering this rich post.

If this is not the proper place for this post, please let me know where it belongs on the forums. I am a nooby here.

I have been a long-time fan of this product but recently I am starting to think about shopping around again. I keep my system and Anti-Virus (Total Security) current.

I have found many instances where the product has just let me down because it doesn't seem to detect malware very well anymore.

For example, I have a copy of PDFStreamDumper and copied the install file to a newly installed Windows 10 vm. Windows Defender notified me right away that it was malware. (Since I have Total Security installed on my main machine, it disables Windows Defender). I was in shock so I scanned it with virus total which 20/70 vendors (including BitDefenderTheta) identified it having "trojan.swrot/diple". What is the point of using this product if it is going to make my system less secure? If it wasn't for the vm without Total Security, I would have never known!

This is not the only case I have noticed in the past year. How can we help make this product better?

https://www.virustotal.com/gui/file/6228b87eef811886fe6611de51591b2a5d34f6f7bee4ccd4f58a89c9ca6aa166/detection

Find more posts tagged with

Comments

Flexx

https://community.bitdefender.com/en/discussion/100714/concern-over-lack-of-detection

First of all, as we all know, not every antimalware solution can detect every piece of malware.

Regarding the Bitdefender Theta engine in VirusTotal, it is entirely machine learning-based and is not integrated into any of Bitdefender's mainline products for any OS. Since Bitdefender Theta is machine learning-based, there is a higher chance of false positives.

Moving further, the VirusTotal link you shared shows that only a small number of well-known antimalware vendors like Avira, Avast, McAfee, Microsoft, etc., detect it as malicious. On the other hand, a larger number of well-known vendors like Norton/Symantec, Kaspersky, ESET, Trend Micro, Dr.Web, Malwarebytes, etc., do not detect the file as malicious.

Therefore, the file may or may not be malicious. To confirm, you will need to share the sample with the Bitdefender malware research team.

If you believe that a website or file is not detected by Bitdefender as malicious or phishing, kindly report it to our malware research team using the forum provided at the link below:

https://www.bitdefender.com/consumer/support/answer/29358/

If the website or file is indeed malicious or phishing, detection will be added within a maximum of 72 hours. However, if no detection is available even after 72 hours, please consider the website or file as safe, as determined by our malware researchers, and no detection will be created for them.

Additionally, you can run Windows Defender as a second-opinion scanner, with Bitdefender as the primary antimalware. Have a look at the link provided below.

https://learn.microsoft.com/en-us/defender-endpoint/limited-periodic-scanning-microsoft-defender-antivirus?view=o365-worldwide

https://www.minitool.com/news/enable-disable-periodic-scanning-on-windows-11.html

Regards