Guides

False Positive Contacts

⚠️

Note on False Positives

VirusTotal only aggregates data from a variety of vendors. We produce no verdicts of our own and as such, we can’t modify these results. We are not intended to be an authoritative reputation engine, but rather provide intelligence and context to users so that they can make the best decision. 1/60 and even 5/60 doesn’t automatically mean “Bad”, and 0/60 doesn't always mean good. Each decision on whether something is malicious ultimately the responsibility of users or the security vendors who use the data to improve their services.

Below are the steps to take if you want to fix a false positive report.

  • If the false positive is for a File or a URL try re-scanning first.
  • If the false positive persists please reach out to the vendor that is producing it providing a link to the VirusTotal report. List of vendor contacts can be found at the table below.
  • If you do reach out to us, we will tell you to reach out to the vendors, as we will not be able to modify any results of scans.
  • We cache some URL results. If vendors have confirmed removal but a URL is still detecting, please reach out to us along with evidence that the vendor has removed your URL from the blacklist, as we may be able to speed up propagation.

⚠️

Note on reporting False Positives

Before reporting a False Positive, please make sure that the engine team you are engaging is responsible for the type of indicator you want to report here!

  • Files - Antivirus products
  • Network indicators - Website/domain scanning engines & datasets

Below is a list of vendor contacts that may help:

EngineContact
360kefu@360.cn
Abusixsupport@abusix.com, https://lookup.abusix.com/
Acronisvirustotal-falsepositive@acronis.com
ADMINUSLabsinfo@adminuslabs.net, samples@adminus.net, falsepositive@adminuslabs.net
AegisLabsupport@aegislab.com
Ahnlabe-support@ahnlab.com, samples@ahnlab.com
AILabs (Monitorapp)aicc@monitorapp.com
Alibabavirustotal@list.alibaba-inc.com
AliCloudantivirus@alibabacloud.com
AlienVaultotx-support@alienvault.com
AlphaMountainsupport@alphamountain.ai
AlphaSOCvirustotal@alphasoc.com
Alyac (Estsoft)esrc@estsecurity.com
Antivir (Avira)https://www.avira.com/en/analysis/submit-url
Antiyavlsdk_support@antiy.cn
Arcabitvt.fp@arcabit.pl
ArcSight Threat Intelligencevirustotalsupport@opentext.com
AutoShuninfo@autoshun.org
AvastDL-Virus@gendigital.com
AVGhttp://www.avg.com/submit-sample http://www.avg.com/us-en/whitelist
Baidubav@baidu.com, gaoyingchun@baidu.com
BitDefendervirus_submission@bitdefender.com
BforeAihttps://bfore.ai/support
Bkavfpreport@bkav.com, bkav@bkav.com
Certegohttps://www.certego.net/en/contatti/
Chong Lua Daoinfo@chongluadao.vn
CINS Army (Sentinel IPS)http://cinsscore.com/#contact
ClamAVhttp://www.clamav.net/reports/fp
Clean-MXabuse@clean-mx.de
Cluster25threatintel@cluster25.io
CMCPSIRT@cmccybersecurity.com
CRDFhttps://threatcenter.crdf.fr/false_positive.html
Criminal IP (AI Spera)support@aispera.com
CrowdStrikeVTscanner@crowdstrike.com
CSIS Security Group.abuse-reporting@csis.com
CyanSecurityvirustotal@cyansecurity.com
Cybereasonvt-feedback@cybereason.com
Cyblecyblevt_patnership@cyble.com
Cylancecylancefilesubmit@blackberry.com
Cynetsoc@cynet.com
CyRadarvirustotal@cyradar.com
Deep Instinctvt-fps-requests@deepinstinct.com
DNS8dns8@layer8.pt
DrWebvms@drweb.com
eGambit (Tehtris)https://tehtris.com/egambit_fp.php virus@tehtris.com
ElasticElastic False Positive Submission Form , https://discuss.elastic.co/t/submitting-false-positives/232322
Emsisoftsubmit@emsisoft.com or fp@emsisoft.com (false positives) https://www.emsisoft.com/en/support/contact/
Ermessupport-vt@ermes.company
ESEThttps://support.eset.com/kb141/?page=content&id=SOLN141
FireEyevirustotal@fireeye.com
F-Protviruslab@f-prot.com
F-Secure/WithSecurespyware-samples@f-secure.com, vsamples@f-secure.com
Forcepoint ThreatSeekerreviewmysite@forcepoint.com
Fortinethttps://www.fortiguard.com/faq/classificationdispute http://www.fortinet.com/support/contact_support.html
GDatahttps://www.gdata.de/help/en/general/GeneralInformation/submitFileAppURL/
Google (File Scanner)google-at-virustotal@google.com
Google Safe Browsing (URL/Netloc Scanner)https://safebrowsing.google.com/safebrowsing/report_error/?hl=en
GreenSnowhttps://greensnow.co/contact
Gridinsoftvirus@gridinsoft.com
Hacksoftvirus@hacksoft.com.pe
Hauriviruslab@hauri.co.kr
Heimdalreport-vt@heimdalsecurity.com
Hunt.io Intelligencek.lo@hunt.io
Huorongseclab@huorong.cn
Hoplite Industriesvt-info@hopliteindustries.com
Ikarusfp@ikarus.at
IPsumhttps://github.com/stamparm/ipsum
Jiangminsupport@jiangmin.com, shaojia@jiangmin.com
K7reportfp@labs.k7computing.com, k7viruslab@labs.k7computing.com
Kasperskynewvirus@kaspersky.com
Kingsoftti@mingting.cn
Lionichttps://www.lionic.com/reportfp/ support@lionic.com
Lumuvt@lumu.io
Malbeaconvtreport@malbeacon.com
Malwarebyteshttps://forums.malwarebytes.com/forum/122-false-positives/
Malwares.com (Saint Security)kog@stsc.com
MalwareURLteam@malwareurl.com
CTX (SaintSecurity)root@malwares.com
MaxSecuretech@maxpcsecure.com
McAfeehttps://www.mcafee.com/support/s/article/000001921?language=en_US, virus_research@mcafee.com
SkyhighGatewayAnti-Malware-SupportEscalations@SkyhighSecurity.com
Microsofthttps://www.microsoft.com/en-us/wdsi/filesubmission
Microworldsamples@escanav.com
NANOhttp://www.nanoav.ru/index.php?option=com_content&view=article&id=15&Itemid=83&lang=en false@nanoav.ru
Netcrafthttps://report.netcraft.com/report/mistake
Inca (previous nProtect)virus_info@inca.co.kr
Palo Altohttps://live.paloaltonetworks.com/t5/virustotal/bd-p/VirusTotal_Discussions vt-pan-false-positive@paloaltonetworks.com
Pandafalsepositives@pandasecurity.com, virussamples@pandasecurity.com
Phishing Databasehttps://github.com/Phishing-Database/Phishing.Database#reporting-issues
PhishLabsinfo@phishlabs.com
Prebyteshttps://www.support.prebytes.com/helpcenter/removals/
Qihoo360support@360safe.com
QuickHealviruslab@quickheal.com
Qutterasupport@quttera.com
Risingfp@rising.com.cn
SafeToOpenvirustotal@safetoopen.com
Sansec eComscansupport@sansec.io
Sangforvirustotal@sangfor.com.cn
Scumware.orghttps://www.scumware.org/removals.php
SecureAgehttps://www.secureaplus.com/features/antivirus/report-false-positive/
Seclookupinfo@seclookup.com
Segasecsupport@segasec.com
Sentinel Onereport@sentinelone.com
SkyHighgatewayantimalwarefpsubmission@skyhighsecurity.com
SOCRadarvt@socradar.io
Sophoshttps://support.sophos.com/ samples@sophos.com
Spamhaushttps://www.spamhaus.org/dbl/removal/form/
Sucurisoc@sucuri.net
Symantechttps://symsubmit.symantec.com/submit/false_positive https://knowledge.broadcom.com/external/article/173729/how-to-submit-false-positives-on-content.html
TencentTAVfp@tencent.com
TheHackervirus@hacksoft.com.pe , falsopositivo@hacksoft.com.pe
Trapminefp@trapmine.com
Trellixdatasubmission@trellix.com
TrendMicrohttps://www.trendmicro.com/en_us/about/legal/detection-reevaluation.html, virus@trendmicro.com, virus_doctor@trendmicro.com
Trustwavehttps://support.trustwave.com/virustotal-detection-review/
Trustlookbd@trustlook.com
Underworldpost@helsecert.no
URLQuerycontact@urlquery.net
Varistsupport@varist.com , virus@avsubmit.com
VBA32feedback@anti-virus.by
Viettel Threat Intelligencecyberthreat@viettel.com.vn
Vipreproductsupport@vipre.com
VirITvirustotal@viritpro.com
VirusDiepartners@virusdie.com
Webroothttps://www.webroot.com/us/en/business/support/vendor-dispute-contact-us
WithSecure/F-Securespyware-samples@f-secure.com, vsamples@f-secure.com
Xcitium Verdict Cloud (Comodo)support@xcitium.com
Yomiyomi-false-positives@yoroi.company
Yandexyandex-antivir@support.yandex.ru
Yandex Safebrowsingsbapi@support.yandex.ru
Zillyasupport@zillya.com
ZoneAlarmzonealarm_VT_reports@checkpoint.com
Zonerfalse@zonerantivirus.com

Updated 16 days ago