Skip to main content

Submitting sample files and websites for analysis

In this article you will learn how to submit sample files and websites for analysis, using the online submission form.

You may notice false positives or false negatives while using Bitdefender Endpoint Security Tools. A false positive occurs when a Bitdefender module detects a legitimate file or a website as infected, whereas a false negative occurs when a Bitdefender module fails to detect an infection.

To rule out any potential false positive or false negative, use the online submission form to send a sample file or a website for analysis:

  1. Take screenshots with the detection of the file or website.

  2. Go to the Sample or URL Submit form.

  3. Complete the submission form with:

    • Your Bitdefender product

    • The category type (False Positive or False Negative)

    • Your contact details

    • The sample type (File or URL)

    • The sample file (uploaded via Choose File) or URL


      If you cannot upload the file because BEST blocks it, you need to temporarily disable the Bitdefender On-Access antimalware protection on the endpoint. For details, refer to Preparing the endpoint for troubleshooting detections.


      If your file is bigger than 25 MB, add it to a .zip file. If the archive is still bigger than 25 MB, please contact the Bitdefender Enterprise Support.

    • The detection name

    • The previously taken screenshots (upload via the Choose Files field from the Screenshots section)


      Screenshots should have one of the following formats: jpg, gif, jpeg, png.

  4. Click Submit.


    Samples provided through the online submission form are automatically encrypted to prevent corruption or mishandling.

Your sample submission will reach Bitdefender Labs, who will analyze it and revert with a verdict.


If you had issues uploading the sample file and had to apply a clone of the policy, don't forget to apply the original policy back on the endpoint.