BitDefender/F-Secure/GData FP questions

Discussion in 'other anti-virus software' started by FanJ, May 18, 2012.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi,

    A few questions:

    1. Am I right that BitDefender/F-Secure/GData share some engine cq. database?

    2. Am I right that F-Secure and GData use in some way the BitDefender engine cq. database?

    3. Am I right that HitManPro is using GData as one of its scanners?

    4. If 1. and 2. and 3. is true, and if all four of them are giving the same warning (an FP in my humble opinion) on the same file at VirusTotal in the case of BitDefender/F-Secure/GData and in the case of HitManPro when doing a scan, would submitting it to BitDefender the best way to get this solved?

    5. If submitting to BitDefender, what would be the best way to do it?
    Which email-address? This old thread gives some BitDefender addresses.
    Should it be zipped and password protected?
    BitDefender has also a forum where one can post about an FP.
    Is there a representative of BitDefender who frequently post here?

    6. Sorry, it's a long while ago since I used to submit.

    7. In this particular case I'm talking about this and this. But the question is also more in general.
     
  2. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    1. YES, GData uses BD as one of it's engines.

    2. Same answer as number 1

    3. YES, HMP uses GData as one of it's cloud engines. (Which means taht HMP has the BD engine)

    4. Well not really sure about this one, but i guess if BD has an FP all of them could have it.

    5. Not sure about this one

    My.02 cents. :D
     
  3. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    I would think that reporting the fp to bitdefender would be the best idea. I havent ever reported any fp to bitdefender thou. When I used to use f-secure I reported the fps to them since I wasnt 100% sure if the fp was the bitdefender engine. the f-secure submission system tells you which engine detects the file as malicious.

    It seems that the website fp reporting subforum of bitdefender website is frequently visited but it doesnt look like many people have reported fp files in the subforum for ages.

    This seems to be the reccomended method.

    Im gonna stick to sending bitdefender file fps to f-secure. f-securesubmitsample
     
    Last edited: May 19, 2012
  4. Amin

    Amin Registered Member

    Joined:
    May 16, 2012
    Posts:
    437
    Location:
    UK
    the approximate graph looks lik this one :

    HMP ← BD → FS
    ...........
    .......g-data


    if BD flagged a file incorrectly better call it FP all the other engine would give the same
    but.
    if FS or GData or HMP Had FP .. it's not a good idea to send the FP log
    to BD site or whatever.. cuz they may use the other modules for file detection rather than just database..which this has nothing to do with BD.
    about HMP its a little different :D

    with respect.
     
  5. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Thanks Noob, lodore and a m i n ! It is much appreciated and in some way it confirms what I was thinking.

    The BitDefender forum for FPs is still active:
    http://forum.bitdefender.com/index.php
    Scroll in the English part of it to "Malware & Sample Submission", and for FPs then to "False Positive reporting".


    How HitManPro handles FPs, I have not the slightest idea...
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    To report hitman pro FP I would post in the hitman pro thread one of the developers is very active in that topic and issues are fixed fast.
     
  7. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hey lodore,

    The issue is that, according to LoneWolf (https://www.wilderssecurity.com/showpost.php?p=2056908&postcount=4361 ), the FP was NOT quickly fixed.... Erik was online here at the board and didn't reply at all to LoneWolf's posting. Maybe because there are Holiday's in Holland; I'm just guessing o_O. I really don't know what is happening, and why. I don't know how SurfRight is handling things.
     
  8. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,026
    Location:
    Hengelo, The Netherlands
  9. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
  10. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Well, HMP is a very good utility for uploading your files to the scanners. In my experience, bitdefender engine have a very good precision and low fp rate, reporting the FP can automatically fix the FP in the other products
     
  11. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hey toxinon12345,

    Posting at the BitDefender forum (section "Malware & Sample Submission", and then "False Positive reporting") did help, combined for HMP with a posting in the HMP thread here at Wilders (and a PM to Erik).
     
Loading...
Thread Status:
Not open for further replies.