Concern over lack of detection

If this is not the proper place for this post, please let me know where it belongs on the forums. I am a nooby here.

I have been a long-time fan of this product but recently I am starting to think about shopping around again. I keep my system and Anti-Virus (Total Security) current.

I have found many instances where the product has just let me down because it doesn't seem to detect malware very well anymore.

For example, I have a copy of PDFStreamDumper and copied the install file to a newly installed Windows 10 VM. Windows Defender notified me right away that it was malware. (Since I have Total Security installed on my main machine, it disables Windows Defender.) I was in shock, so I scanned it with VirusTotal, where 20/70 vendors (including BitDefenderTheta) identified it as having "trojan.swrot/diple". What is the point of using this product if it is going to make my system less secure? If it wasn't for the VM without Total Security, I would have never known!

This is not the only case I have noticed in the past year. How can we help make this product better?

https://www.virustotal.com/gui/file/6228b87eef811886fe6611de51591b2a5d34f6f7bee4ccd4f58a89c9ca6aa166/detection

Comments

  • Flexx (mod)
    edited August 14

    First of all, as we all know, not every antimalware solution can detect every piece of malware.

    Regarding the Bitdefender Theta engine in VirusTotal, it is entirely machine learning-based and is not integrated into any of Bitdefender's mainline products for any OS. Since Bitdefender Theta is machine learning-based, there is a higher chance of false positives.

    Moving further, the VirusTotal link you shared shows that only a small number of well-known antimalware vendors like Avira, Avast, McAfee, Microsoft, etc., detect it as malicious. On the other hand, a larger number of well-known vendors like Norton/Symantec, Kaspersky, ESET, Trend Micro, Dr.Web, Malwarebytes, etc., do not detect the file as malicious.

    Therefore, the file may or may not be malicious. To confirm, you will need to share the sample with the Bitdefender malware research team.

    If you believe that a website or file is not detected by Bitdefender as malicious or phishing, kindly report it to our malware research team using the forum provided at the link below:

    https://www.bitdefender.com/consumer/support/answer/29358/

    If the website or file is indeed malicious or phishing, detection will be added within a maximum of 72 hours. However, if no detection is available even after 72 hours, please consider the website or file as safe, as determined by our malware researchers, and no detection will be created for them.

    Additionally, you can run Windows Defender as a second-opinion scanner, with Bitdefender as the primary antimalware. Have a look at the link provided below.

    https://learn.microsoft.com/en-us/defender-endpoint/limited-periodic-scanning-microsoft-defender-antivirus?view=o365-worldwide

    https://www.minitool.com/news/enable-disable-periodic-scanning-on-windows-11.html

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)