Integrate Sending Suspected Files Option

coolcool1227
coolcool1227 ✭✭✭
in Feature request

Browse and Submit option for sending suspected files if their detection is not present and also add suspected files to Quarantine manually.

Comments

  • Rampant
    Rampant ✭✭

    A very useful feature.

  • rootkit
    rootkit ✭✭✭
    edited March 2012

    Hello everyone :)


    This is a great idea and I made a feature request for it.


    It will be discussed in the next meeting with our Project Manager.


    Thank you.

  • Ageiris
    Ageiris

    would be great to have this feature in BD TS 2012. I switched from Norton IS 2012 to BitDefender and I am very disappointed that in BD TS 2012 there is no option to manually move files to quarantine


    For example, like Eset has. In the context menu there is an option: "Send file to analysis"

  • coolcool1227
    coolcool1227 ✭✭✭

    I would also like to recommend the option to send the files detected by Heuristics to add their exact detection so that the scan time will be reduced and also reduce False Positives Rate.

  • rootkit
    rootkit ✭✭✭
    edited March 2012

    Hi Omer :)


    With all the respect, but that is a waste of time. Heuristics were designed to anticipate the next move of some malware classes.


    Those samples will always be caught by the product, the only thing you need to do, in case it's happening, is to report False Positives to us.


    Don't worry, there is not need to create a signature for some samples that are caught heuristically by the engine.


    Take care.

  • coolcool1227
    coolcool1227 ✭✭✭
    edited March 2012
    Hi Omer :)


    With all the respect, but that is a waste of time. Heuristics were designed to anticipate the next move of some malware classes.


    Those samples will always be caught by the product, the only thing you need to do, in case it's happening, is to report False Positives to us.


    Don't worry, there is not need to create a signature for some samples that are caught heuristically by the engine.


    Take care.


    Hmmm. I understand.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    I am glad that we resolved this. :D


    I will let you know about the evolution when I have more data on this.


    Take care.

  • jpharr888@sbcglobal.net
    jpharr888@sbcglobal.net
    Hello :)


    I am glad that we resolved this. :D


    I will let you know about the evolution when I have more data on this.


    Take care.


    In BDAV 2009 there was a way to send the malware files to BD Lab for analysis and possible addition to definition database.


    I upgraded to BDAV 2012 and canot find this feature?


    Is it available or not?

  • rootkit
    rootkit ✭✭✭

    Hello :)


    That feature was modified in the new product.


    It goes like this: most of the users were send us files that were already detected by the product(malware, not False Positives).


    In Bitdefender 2012, the suspect files are quarantined by the product are automatically sent to our labs.


    If the file is malware, a definition will be created, if not it will be declare a False Positive and when the update will be released, the product will restore the clean file to the original location.


    If you want to send us samples or report a False Positive, you can do it over here:


    http://forum.bitdefender.com/index.php?showforum=137


    Take care.

  • coolcool1227
    coolcool1227 ✭✭✭

    The said option should also be available for AVC module.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Yes, that is a great idea, it could be integrated in Events neat the unblock button.


    We will see.


    Take care.

  • coolcool1227
    coolcool1227 ✭✭✭

    You can also put that in the AVC Exclusions.

  • rootkit
    rootkit ✭✭✭

    Hello :)


    Yes, but I need to see what decision will take our Project Manager.


    Take care.

All Time Leaders

Categories

Defenders of the month