VirusTotal false positive contacts collection

Wall of Shame

These vendors don't provide a free and registration-less way to submit false positives via HTTP or e-mail.

• Alibaba ([email protected] rejected my mail as spam)
• Baidu ([email protected] bounces with user not found #1)
• Cynet ([email protected] is unresponsive)
• Kingsoft ([email protected] bounces with user not found #3)
• Malwarebytes (login only)
• SUPERAntiSpyware (via program interface)
• TotalDefense (can submit via landline call WTF??)
• Yandex ([email protected] rejects mails #4)

How to send e-mails

Most vendors ask you to zip up the sample with the password "infected". Use ZipCrypto and be sure to write down the password in the email too. A subject line like False positive - <program name> is preferred, as several vendors have automatic email rules for this.

Conditions / priority / contributing

Only submission methods that require no active license, registration, download of a tool is listed. Anything not fulfilling this goes to the Wall of Shame. For ones that do have one of these, online forms are preferred over emails. If the email is linked on their website, the link is preferred since it contains format information.

Table

Product	How to submit
Acronis	https://kb.acronis.com/content/62189
Ad-Aware	https://www.adaware.com/report-false-positives
AhnLab-V3	[email protected]
ALYac	[email protected]
Antiy-AVL	https://www.antiy.net/contacts/
SecureAge APEX	https://uav.secureage.com/falsepositive/
Arcabit	[email protected]
Avast	https://www.avast.com/false-positive-file-form.php
AVG	https://www.avg.com/en-us/false-positive-file-form
Avira	https://www.avira.com/en/analysis/submit
BitDefender	https://www.bitdefender.com/consumer/support/answer/40673/
Bkav	[email protected], [email protected], [email protected]
CAT-QuickHeal	https://www.quickheal.com/submitticket/
Certego	[email protected]
ClamAV	https://www.clamav.net/reports/fp or https://www.immunet.com/false_positive
CMC	[email protected], [email protected]
Comodo	https://www.comodo.com/home/internet-security/submit.php [email protected]
CrowdStrike Falcon	[email protected]
Cybereason	[email protected]
Cylance	https://web.archive.org/web/20190929165253/https://home-support.cylance.com/hc/en-us/articles/360026236014-FAQ-VirusTotal-Inquiry
Cyren	https://www.cyren.com/support/reporting-av-misclassifications
DeepInstinct	[email protected]
DrWeb	https://vms.drweb.com/sendvirus/
eGambit	https://tehtris.com/en/false-positive-negative-requests/
Elastic	https://discuss.elastic.co/t/submitting-false-positives/232322
Emsisoft	[email protected]
eScan	[email protected]
ESET-NOD32	https://support.eset.com/en/kb141-submit-a-virus-website-or-potential-false-positive-sample-to-the-eset-lab#SubmitFile
F-Secure	https://www.f-secure.com/en/business/support-and-downloads/submit-a-sample
FireEye	[email protected]
Fortinet	[email protected]
GData	https://su.gdatasoftware.com/us/sample-submission/
Gridinsoft	https://anti-malware.gridinsoft.com/false-detect/
Ikarus	[email protected]
Jiangmin	[email protected]
K7AntiVirus / K7GW	[email protected]
Kaspersky	https://opentip.kaspersky.com/
Lionic	https://www.lionic.com/reportfp/
MAX (SaintSecurity)	[email protected]
MaxSecure	[email protected] (with program)
McAfee	[email protected]
McAfee-GW-Edition	[email protected]
Microsoft	[email protected] (or login only)
NANO-Antivirus	https://www.nanoav.pro/index.php?option=com_content&view=article&id=15&Itemid=83&lang=en
Palo Alto	[email protected]
Panda	https://www.pandasecurity.com/usa/homeusers/support/contact.htm?ts=1
Qihoo-360	https://www.360totalsecurity.com/en/suspicion/false-positive/
Rising	http://mailcenter.rising.com.cn/filecheck_en/
Sangfor Engine Zero	[email protected]
SentinelOne	[email protected]
Sophos	[email protected]
Symantec	https://symsubmit.symantec.com/
Tachyon	[email protected] (include detection name)
Tencent	[email protected]
Trapmine	[email protected]
Trustlook	[email protected]
TrendMicro	https://www.trendmicro.com/en_us/about/legal/detection-reevaluation.html
VBA32	[email protected]
VirIT	https://www.tgsoft.it/clienti/inviaFile.asp
VIPRE	https://www.vipre.com/support/submit-false-positive/
ViRobot	[email protected]
WebRoot	https://www.webroot.com/us/en/business/support/vendor-dispute-contact-us
Zillya	[email protected]
ZoneAlarm	https://opentip.kaspersky.com/
Zoner	[email protected]

Sources

I'd like to thank these sites for providing valuable information:

• https://github.com/slolife/antivirus-false-positive-reports
• https://www.starmessagesoftware.com/blog/report-submit-false-positive-antivirus-software
• https://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm
• https://pastebin.com/cj746RvK
• https://straighttips.blogspot.com/2019/12/virustotal-report-false-positives.html
• https://github.com/alternat0r/List-of-Antivirus-Labs-Email-for-Malware-Submission
• https://ifreework.com/blog/soobshhit-o-lozhnom-srabatyvanii-antivirusa-na-vash-sajt/
• https://pastebin.com/7p9M49s2
• https://support.virustotal.com/hc/en-us/articles/115002146809-Contributors
• https://github.com/yaronelh/False-Positive-Center
• https://bitcoinissafe.com/antivirus-contact-list