Get our latest top picks
Subscribe to our Top Picks RSS Feed or enter your email address below to get the feed delivered to you by email:
|
Follow Gizmo |
 |
 |
 |
Register/Login
Top Rated
Gizmo's Freeware is Recruiting
We are looking for people with skills or interest in the following:
- Mobile Platform Reviews
- Rootkit Scanner and Remover
- Streaming Media Recorder
- Email Client
- Archive Manager Interested? Click here
How to Report Malware or False Positives to Multiple Antivirus Vendors
This article contains a list of every respectable Windows anti-malware vendor, with a signature based product, that I am aware of. Thus this list, in addition to showing you how to easily submit malware or false positives to all of them, also serves as a reference for anti-malware products which are confirmed to be legitimate. That said, I make no statement as to whether any particular anti-malware vendor is good at detecting malware. Some of the vendors in this list are very good and others are nearly worthless. This is not the place to discuss this. By submitting malware to all of them you can help protect nearly all internet users, regardless of which product they choose to use for protection.
Also, it would really help if you could rate this article. In addition, for those of you who are knowledgeable about anti-malware vendors, if you do find something wrong, whether it be a missing vendor, incorrect information, missing information, etc..., please read the section about How You Can Help. I really need everyone's help in order to improve and maintain this article.
Index
1. How To Easily Prepare To Submit The Samples
A) Make Sure Email Client Is Set Up Properly
B) Put Samples In Compressed Files
2. Easily Submit Malware To All Vendors
1. How To Easily Prepare To Submit The Samples
To follow the advice in this article you will need to have an email client, such as Thunderbird or Outlook, set up and configured. If you have not already set this up, please do so now. For instructions on how to set up Outlook please see this page and for instructions on how to set up Thunderbird please see this page.
You will also have to be using an email services which has been confirmed to work for this process. The two which I am currently aware of are AOL and Lavabit.
By the way, I have confirmed that Gmail, Yahoo, Hotmail, GMX, FastMail, Shortmail, and BigString do not work.
In terms of the ones which do work, please note that sometimes they will force you to answer a puzzle, to prove that you're human, or even to change your password. This is because it seems like what you're doing constitutes unusual account activity. This is not really a problem. I'm just letting you know ahead of time so you're not surprised.
If you're planning on submitting a suspicious file, or multiple files, for analysis, the easiest way to do this is to install a program called 7-Zip. It can be downloaded from this page. Once it's installed right click on the sample you would like to submit and select "7-Zip". If you are submitting multiple samples then highlight then all and then right click on them. Then choose "7-Zip". Submitting multiple samples at once can save you a lot of time if you have a lot of samples to submit. However, I would suggest that you do not submit more than 5 at a time as some vendors will begin to reject these.
After selecting "7-Zip", in the list that appears, select the option to "Add to archive...". It will open up a window as shown in the picture to the right. Then, in the options for "Archive format" make sure it is set to zip. Then enter in 'infected' as the password. Do not include the quotes. Then select ok.
After this is done, in order to submit it to many of the remaining vendors, once again follow exactly the same steps only this time change the "Archive format" to 7z. Then put in the same password and select OK. Now you should have the samples by themselves, a password protected zip file, and a password protected 7z file.
2. Easily Submit Malware To All Vendors
One of the main purposes of this article is to make it as easy as possible for anyone who comes across malware to submit it to all security vendors in as few steps as possible.
You can submit the password protected zip file by clicking on this link. (Attach zip file after email client opens and then click send)
You can submit the password protected 7z file by clicking on this link. (Attach 7z file after email client opens and then click send)
At this point you've submitted the sample to all vendors below marked with a 
. This does include most of them. Also, if a message failed to be delivered to one or more of the vendors, which does happen sometimes, you can manually submit it to them below if you like. Also, if you wish, you can submit the sample to the rest of the vendors who have submission information. Each of these vendors is marked with a 
. However, this will be much more time consuming as you will have to manually submit the sample to each vendor individually. Note that for online forms, unless instructed otherwise, you should upload the file directly and not in a compressed file.
3. Criteria Used For The List
My only criteria for adding vendors to this list are that they have to have their own website, which must provide contact information. Also, the vendor must have a signature based anti-malware product, not have a bad reputation, and their main site cannot be rated orange or red by Web Of Trust - which is a criterion imposed by techsupportalert and is non-negotiable.
If, in the list, I say that I have confirmed something, that means that I have either been provided that information directly from the vendor or from some other official source with connections to the vendor. I've already run across some occasions where, for example, the website indicates there is not a particular submission option, but their support tells me that there is. Thus, you can rest assured that if I say that something is confirmed to not exist, that information is trustworthy. The only way it can be incorrect is if the vendor now provides a particular submission option which they previously did not.
4. List Of All Vendors
Unless otherwise noted, when submitting a sample via an online form you should upload the file directly and not in a compressed file. Also, unless otherwise noted, submissions by email should be put in a password protected zip file. Just click on the link for the vendor you wish to submit it to and it will automatically fill the necessary details into your default email client. Then all you need to do is attach the zip file and click send. For any cases where the vendors require different steps they are clearly noted.
The symbol denotes vendors who are included in the mailing lists in the previous section. You've already submitted the samples to them.
The symbol denotes vendors who do not have an email address for submission but do have some alternate options for submitting samples.
The symbol 
denotes vendors who use the signatures of other vendors. Thus you don't need to submit samples to them directly.
If a vendor is unmarked this indicates that I currently have no information about how to submit malware to them.
To jump to the relevant section of the list please click on the letter that the vendor you're interested in begins with. The vendors are arranged alphabetically.
A, B, C, D, E, F, G, H, I, K, L, M, N, P, Q, R, S, T, U, V, W, X, Z
Please note that some products are known by multiple names. Thus, if you are having trouble finding a particular vendor, or product, it will likely be very helpful to search for them using ctrl-f.
| Vendor | Submit Malware | Submit False Positives |
|
I have confirmed that there is no email address for submitting malware |
Online False Positive Submission I have confirmed that there is no email address for submitting false positives |
|
|
unofficial Forum |
I have confirmed that there is no email address for submitting malware |
Online False Positive Submission I have confirmed that there is no email address for submitting false positives |
|
|
Registered users can report malware via the options on this page or anyone can Report Malware via Email |
Registered users can report false positives via the options on this page or anyone can Report False Positive via Email |
|
|
I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
or |
I have confirmed that there is no online false positive submission form |
|
|
Submit malware to Emsisoft and Ikarus as Ashampoo uses the same signatures |
Submit false positives to Emsisoft and Ikarus as Ashampoo uses the same signatures |
|
|
Submit malware to BitDefender as Auslogic uses the same signatures |
Submit false positives to BitDefender as Auslogic uses the same signatures |
|
*Avanquest |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
Online Malware Submission (click on "General contact" which is near the bottom. Then from the drop-down subject menu select "Report of undetected malware") or |
Online False Positive Submission (click on "General contact" which is near the bottom. Then from the drop-down subject menu select "Report false virus alert in file") or |
|
|
Submit malware to VirusBuster as Avertive uses the same signatures |
Submit false positives to VirusBuster as Avertive uses the same signatures |
|
|
or |
Online False Positive Submission or |
|
HomePage (Russian) |
Submit malware to Kaspersky as AVZ uses the same signatures |
Submit false positives to Kaspersky as AVZ uses the same signatures |
|
|
or |
Online False Positive Submission or |
|
|
I have found no working email address for submitting malware |
Online False Positive Submission or |
|
|
Registered users can report malware on this page or anyone can Report Malware via Email |
Registered users can report false positives on this page or anyone can Report False Positive via Email |
|
Forum (Vietnamese) |
Online malware submission is available to registered users through this page (translate page from Vietnamese) or anyone can Report Malware via Email |
You can join their forum and post false positive here (forum is in Vietnamese) or |
|
*Blink/eEye |
I have confirmed that there is no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
Blue Atom Antivirus |
I have confirmed that there is no online malware submission form I have confirmed that there is no email address for submitting malware |
I have confirmed that there is no online false positive submission form I have confirmed that there is no email address for submitting false positives |
|
|
I have confirmed that there is no online malware submission form |
I have found no online false positive submission form |
|
HomePage (Indonesian) |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
Submit malware to BitDefender as BullGuard uses the same signatures |
Submit malware to BitDefender as BullGuard uses the same signatures |
|
|
Online Malware Submission (Select 'Freemium Products' and then select "Celframe Free AntiVirus" and submit malware on next page) I have confirmed that there is no email address for submitting malware |
Online False Positive Submission (Select 'Freemium Products' and then select "Celframe Free AntiVirus" and submit false positive on next page) I have confirmed that there is no email address for submitting false positives |
|
|
I have confirmed that there is no online malware submission form Report Malware via Email (attach password protected 7z file) |
I have confirmed that there is no online false positive submission form Report False Positive via Email (attach password protected 7z file) |
|
|
Submit malware to Immunet Protect as ClamAV uses the same signatures |
Submit false positives to Immunet Protect as ClamAV uses the same signatures |
|
|
I have confirmed that there is no online malware submission form |
I have found no online false positive submission form |
|
HomePage (Vietnamese) Forum (Vietnamese) |
or Report Malware via Email (attach password protected 7z file) |
Online False Positive Submission or Report False Positive via Email (attach password protected 7z file) |
|
|
or |
Online False Positive Submission or |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
Submit malware to Symantec as Constant Guard uses the same signatures | Submit false positives to Symantec as Constant Guard uses the same signatures |
|
Crystal Security |
I have confirmed that there is no online malware submission form I have confirmed that there is no email address for submitting malware |
I have confirmed that there is no online false positive submission form I have confirmed that there is no email address for submitting false positives |
|
|
Submit malware to Avira as Cyberoam uses the same signatures |
Submit false positives to Avira as Cyberoam uses the same signatures |
|
|
I have confirmed that there is no online malware submission form |
I have found no online false positive submission form |
|
|
or Report Malware via Email (attach password protected 7z file) |
Online False Positive Submission or Report False Positive via Email (attach password protected 7z file) |
|
|
or |
Online False Positive Submission or |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
or |
You can join their forum and post false positives here or |
|
|
Registered users can log in through this site, request support, and attach the suspicious file or anyone can Report Malware via Email |
Registered users can log in through this site, request support, and attach the false positive or anyone can Report False Positive via Email |
|
|
or |
Online False Positive Submission or |
|
|
Submit malware to Vipre as Faronics uses the same signatures |
I have confirmed that there is no online false positive submission form Report False Positive via Email (attach password protected 7z file) |
|
|
Online Malware Submission (can only upload up to 1 MB) or |
I have confirmed that there is no online false positive submission form |
|
|
Online Malware Submission (near the bottom) or |
Online Malware Submission (near the bottom and make sure to put false positive in the comments) or |
|
|
or |
Online False Positive Submission or |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
or |
Online False Positive Submission or |
|
|
Submit malware to Avast and BitDefender as G Data uses the same signatures |
Report False Positives through this online submission portal |
|
|
or |
You can join their forum and post false positive here or |
| Submit malware to Dr. Web, Emsisoft, G Data, Ikarus, and BitDefender as Hitman Pro uses the same signatures | Submit false positives to Dr. Web, Emsisoft, G Data, Ikarus, or BitDefender as Hitman Pro uses the same signatures | |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
Online Malware Submission (Select "Submit a virus from the drop-down menu) or |
Online False Positive Submission (Select "Submit a false positive" from the drop-down menu) or |
|
|
Submit malware to Commtouch as Iolo uses the same signatures |
Submit false positives to Commtouch as Iolo uses the same signatures |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
or |
Online False Positive Submission or |
|
|
Online Malware Submission (Translate page from Chinese, top option is malware and second is false positives) or You can join their forum and post malware sample here |
Online False Positive Submission (Translate page from Chinese, top option is malware and second is false positives) or You can join their forum and post false positives here |
|
|
I have found no online malware submission form |
I have found no online false positive submission form |
|
|
or |
Online False Positive Submission or |
|
|
Submit malware to Norman as Lumension uses the same signatures |
Submit false positives to Norman as Lumension uses the same signatures |
|
|
You have to join their forum and post malware samples here I have confirmed that there is no email address for submitting malware |
You have to join their forum and post false positives here I have confirmed that there is no email address for submitting false positives |
|
|
Online malware submission is available to registered users through this page for gold support customers or this page for platinum support customers or anyone can Report Malware via Email |
Online false positive submission is available to registered users through this page for gold support customers or this page for platinum support customers or anyone can join their forum and post false positives here or send an email to this email address |
|
|
I have found no online malware submission form |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
or |
Online False Positive Submission or |
|
|
Submit malware to Immunet Protect as Moon Secure uses the same signatures | Submit false positives to Immunet Protect as Moon Secure uses the same signatures |
|
|
Submit malware to Ikarus as MSecure uses the same signatures |
Submit false positives to Ikarus as MSecure uses the same signatures |
|
|
Submit malware to Avira, Emsisoft, Kaspersky, Sophos, and Trend Micro as Multi-AV uses the same signatures | Submit false positives to Avira, Emsisoft, Kaspersky, Sophos, and Trend Micro as Multi-AV uses the same signatures |
|
|
or |
Online False Positive Submission or |
|
*Naver Antivirus HomePage (Korean) |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
or |
I have confirmed that there is no online false positive submission form |
|
|
or |
Report false positives through the program itself or |
|
|
or |
Online False Positive Submission or |
|
|
or |
Online False Positive Submission or |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
Online Malware Submission (You need to translate the page from German) or |
Online False Positive Submission (You need to translate the page from German) or |
|
|
Submit malware to Avira as PC Keeper uses the same signatures |
Submit false positives to Avira as PC Keeper uses the same signatures |
|
|
Submit malware to Symantec as PC Tools uses the same database |
False positives must be submitted through the program itself |
|
|
I have found no online malware submission form Report Malware via Email (attach password protected 7z file) |
I have found no online false positive submission form Report False Positive via Email (attach password protected 7z file) |
|
|
The email address provided on their site doesn't seem to work correctly. |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
HomePage (Portuguese) |
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
HomePage (in Chinese) Forum (in Chinese) |
Online Malware Submission (Option on left is suspicious file and option on right is false positive; provide email below) or |
Online False Positive Submission (Option on left is suspicious file and option on right is false positive; provide email below) or |
|
|
Online Malware Submission (Fill in necessary information and select "Sample File Submission") I have confirmed that there is no email address for submitting malware |
Online False Positive Submission (Fill in necessary information and select "Submit False Positive") I have confirmed that there is no email address for submitting false positives |
|
|
Submit malware to BitDefender as PerfectAntivirus uses the same signatures |
Submit false positives to BitDefender as PerfectAntivirus uses the same signatures |
|
*RemoveIt/incodesolutions |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
I have confirmed that there is no online malware submission form Report Malware via Email (attach password protected 7z file) |
I have confirmed that there is no online false positive submission form Report False Positive via Email (attach password protected 7z file) |
|
|
Online Malware Submission (although the sample has to be in unpassword protected zip file) I have confirmed that there is no email address for submitting malware |
Online False Positive Submission (Go to "Submit a Ticket", select technical, and submit sample on the next page I have confirmed that there is no email address for submitting false positives |
|
|
I have found no working email address for submitting malware |
Online False Positive Submission I have found no working email address for submitting false positives |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
Submit malware to McAfee as Shaw Secure uses the same signatures | Submit false positives to McAfee as Shaw Secure uses the same signatures |
|
|
I have confirmed that there is no online malware submission form |
I have found no online false positive submission form |
|
|
or |
Online False Positive Submission or |
|
|
or |
Online False Positive Submission (Make sure to let them know it's a false positive) or |
|
*SpyCop |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
I have found no online malware submission form |
I have found no online false positive submission form |
|
|
Report malware through tool on this page I have confirmed that there is no email address for submitting malware |
Report false positives through SuperAntiSpyware program interface I have confirmed that there is no email address for submitting false positives |
|
|
or |
Online False Positive Submission I have confirmed that there is no email address for submitting false positives |
|
or |
Online False Positive Submission or |
|
|
HomePage (Spanish) |
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
or |
I have found no online false positive submission form |
|
|
Online Malware Submission (Attach the password protected zip file and tell them the password in the comments section) Report Malware via Email (Note that the password must be virus) |
Online False Positive Submission (Attach the password protected zip file and tell them the password in the comments section) I have confirmed that there is no official email address suitable for submitting false positives |
|
|
I have confirmed that there is no online malware submission form |
I have found no online false positive submission form |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
|
|
Submit malware to AVG, BitDefender, Dr. Web, Vipre, and VirusBlokAda as TrustPort uses the same signatures |
I have confirmed that there is no online false positive submission form |
|
*Turk HomePage (Turkish) |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
I have confirmed that there is no online malware submission form |
I have confirmed that there is no online false positive submission form |
| Submit malware to Immunet Protect as Untangle uses the same signatures | Submit false positives to Immunet Protect as Untangle uses the same signatures | |
|
|
Submit malware to Vipre as UnThreat uses the same signatures |
Submit false positives to Vipre as UnThreat uses the same signatures |
| Submit malware to McAfee as Verizon Internet Security uses the same signatures | Submit malware to McAfee as Verizon Internet Security uses the same signatures | |
|
|
I have confirmed that there is no online malware submission form Report Malware via Email (Does not accept attachments over 1MB in size) |
I have confirmed that there is no online false positive submission form |
|
or |
Online False Positive Submission or |
|
|
|
or |
Online False Positive Submission or |
|
|
Online Malware Submission (Translate page from Russian) or |
I have confirmed that there is no online false positive submission form |
|
|
Online Malware Submission (Translate page from Hungarian, select VirusLab, and submit on next page) or |
Online False Positive Submission (Translate page from Hungarian, select VirusLab, and submit on next page) or |
|
HomePage (Thai) |
Submit malware to Dr. Web as Virus Chaser uses the same signatures |
Submit false positives to Dr. Web as Virus Chaser uses the same signatures |
|
|
Submit malware to VirusBuster as VIRUSfighter uses the same signatures |
Submit false positives to VirusBuster as VIRUSfighter uses the same signatures |
|
*VirusKeeper |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
Online malware submission is available through this page or |
False positive submission is available to through this page or |
|
|
I have confirmed that there is no online malware submission form Report Malware via Email (attach password protected 7z file) |
I have confirmed that there is no online false positive submission form Report False Positive via Email (attach password protected 7z file) |
|
*Xyvos |
I have found no online malware submission form I have found no working email address for submitting malware |
I have found no online false positive submission form I have found no working email address for submitting false positives |
|
|
Submit malware to Emsisoft, G Data, Ikarus, and Dr. Web as Zemana uses the same signatures |
Submit false positives to Emsisoft, G Data, Ikarus, or Dr. Web as Zemana uses the same signatures |
|
|
Submit malware to BitDefender as ZenOK uses the same signatures |
Submit false positives to BitDefender as ZenOK uses the same signatures |
|
HomePage (Ukrainian) |
or |
Online False Positive Submission (Make sure to say that it's a false positive) or |
|
|
Submit malware to Kaspersky as ZoneAlarm uses the same signatures |
Submit false positives to Kaspersky as ZoneAlarm uses the same signatures |
|
Zoner |
I have confirmed that there is no online malware submission form I have confirmed that there is no email address for submitting malware |
I have confirmed that there is no online false positive submission form I have confirmed that there is no email address for submitting false positives |
5. How You Can Help
If you find that there is a vendor which I have left out of the list please leave a comment about this so I can investigate. Also, if you find that any of the information I provide is incorrect please let me know immediately so that I can fix this. This includes circumstances in which I say I have confirmed that an option does not exist (when it now does), information that does not work as promised, vendors that no longer support their product, etc... I will personally look into all information provided before adding it to the article. Starred products are those that I currently realize are in need of information. I could really use your help with those vendors as well.
That said, because of the strict requirements I have imposed for stating that I have confirmed that something does not exist, I will not be able to say that I have confirmed that submission options do not exist just because someone states it in the comments. I hope you understand that I am not insulting anyone but just being very cautious before adding information to the article. However, things like submission links or email addresses I can investigate myself and add. I only need an official response for confirming that something does not currently exist.
I really do need your help to maintain this article as this is way too much information for me to investigate on my own. Keeping this list up to date would require an astronomical amount of work, and I'm already very busy with many other projects. I thank you for whatever time you can contribute to make this best malware submission article on the internet.
Please help by rating this article. Also, if you believe this article deserves anything less than 5 stars, please leave a comment below explaining how you think it can be improved or where you find fault. This article is written by me but fueled by the community. Thus your opinions and advice are not only much appreciated, but actually necessary in order for this article to grow and improve.
If you found this article useful then perhaps you'd like to check out some of my others.
How to Clean An Infected Computer
How to Fix a Malware Infected Computer
How to Harden Your Browser Against Malware and Privacy Concerns
How to Install Comodo Firewall
How to Know If Your Computer Is Infected
How to Protect Your Online Privacy
How to Report Dangerous Websites
How to Tell if a File is Malicious
How to Tell If A Website Is Dangerous
This software category is maintained by volunteer editor Chiron. Registered members can contact the editor with any comments or suggestions they might have by clicking here.
- Article type:
- Login or register to post comments
Printer-friendly version
Comments
I have repeatedly tried to use the email address provided for Norman false positive submission (analysis@norman.no) but it always responds "mailbox full" or something...
I have found an online submission form however at:
http://www.norman.com/business/support/support_tools/potential_false_pos...
In reading the Norman site forums, I also found another email listed for false positives (falsepositive@norman.no) and will try that now...
Excellent resource Chiron!
Thank you very much for your efforts and here is my small contribution:
AntiY has provided an email for the submission of false positives on the following webpage: http://www.antiy.net/contacts/. The email is submit@antiy.net and there also seems to be an online submission form.
Keep up the good work!
Thanks again
Hi,
brigade AV sample file form moved here : http://brigade.herobo.com/1_8_Upload-Virus.html
An idea, concerning submitting samples by e-mail:
It could be possible to make a page with e-mail link generator, which would have a list like this:
Checkbox[by default on], Vendor name1(Product name1)
....
Checkbox[by default on], Vendor nameN(Product nameN)
[Generate button]
This would allow to unselect vendors who already detect the threat (using results form online multi-av scanners), and help avoid duplicate submission.
Best Regards!
Thank you. I updated the malware submission link.
As for the idea about creating a more sophisticated method to submit samples by email, I do agree that it would be better if there was a separate page, with more sophisticated options. However, as far as I know, at the moment techsupportalert does not have that capability. However, I'll keep your suggestion in mind, just in case the situation changes.
Until then, it shouldn't be too large an issue for the vendors. I'm certain that almost every one scans incoming submissions to see if they are already detected. Thus, the only 'person' that should be bothered by this is the computer doing the automatic checks.
Thank you.
Thank you for your site, great helpful source !
The link for Norman http://www.norman.com/support/fp/en
brings up an 404
I found these links:
Norman Malware Online-Form:
http://safeground.norman.com/business/support/support_tools/submit_malic...
Norman False-Positive Online-Form:
http://safeground.norman.com/business/support/support_tools/potential_fa...
I'm sorry I did not reply to this sooner. Thank you very much for alerting me to this change of addresses for the forms. I have updated the article.
Thank you very much. I really appreciate your help.
Again thanks Chiron for the vender email list, worked great.
At least I was able to inform the majority of the AV venders.
Of those on the email list most seemed not to have had detection for the file submitted and said they will include it in their next update and some were aware of it. McAfee Labs even sent back an EXTRA.DAT to update their AV software.
I did receive one bounce so far (no, I forgot to log the address before I deleted it...).
In case I forgot to say thanks, thanks for the time you invested to help others "take a bite out of Malware"!
Thank you.
By the way, do note that some vendors will not accept sample submissions which are above a certain size limit. That may have been why it was bounced from one address.
That said, please do let me know if you find that it was bounced because of something else.
Sure will,
As a Scam, Spam and Phishing reporter I am always receiving infected/scripted files as revenge for reporting their email account/site, and numerous attempts are made trying hack my e-mail account (I need to reset my email password every few days from the attempts).
Thanks for the List and your site. Saved me Hours of reporting...
For reporting/reviewing Spam and Scams, I now keep getting infected attachments and got tired of Microsoft Essentials not detecting them and then needing to send them the files to update their signatures. They do update within hours and provide an updated signature download/update.
After see so many antivirus programs I figured I would never reach most or some of them... till... I came here.
Again Thanks for your effort and time in helping others.
Thank you.
By the way, for reporting spam I hope you have already found my article about How to Report Spam. If not, it can be found here:
http://www.techsupportalert.com/content/how-report-spam.htm
As for reporting dangerous sites, if you have not already found my article about How to Report Dangerous Websites, it can be found here:
http://www.techsupportalert.com/content/how-report-dangerous-websites.htm
Please let me know if you have any questions.
Thank You for help. I was spending way too much time submitting samples and did not knew many of Your mentioned products.
BTW, the e-mail address in the .ZIP list malware@EEYE.com has changed or their Mailserver goes NUTS -- says there are no such e-mail.
I am not 100% sure the QuickHeal/CAT receives samples by e-mail. Their prefered method is by the online form.
Thank you very much for pointing these out. I've now updated it with more accurate information.
Please let me know if you run into any other problems and I'd like to once again thank you very much for alerting me to the issues.
Thank You for keeping the site updated.
I would recomend using http://www.quickheal.co.in/submitticket.asp for CAT/QuickHeal as it would save at least two clicks.
Thank you for bringing this to my attention. I have now updated the article with the correct link.
McAfee e-mail for false positive submissions:
mailto:virus_research@mcafee.com?subject=FALSE:%20
(subject must start with the "FALSE" word)
The only problem I have with emailing them false positives is that I have not had good experiences with reporting false positives to McAfee via email.
That said, I have not yet been advised to send false positives to the particular email address you have recommended. Can you please direct me to where you were advised to report false positives in such a way?
Thank you.
I found it here: https://kc.mcafee.com/corporate/index?page=content&id=KB67411
Thank you.
I will add that as an alternate option.
Chiron,
I recently received an add from [removed] I liked their products concept so I looked around their website.
Their product claims to remove viruses and repair virus damage. However, there was no mention on their website OR YOURS of how a user could report malware or false positives.
Since I won't use a virus or malware product that isn't favorably listed on your site, I am anxiously awaiting your review.
Thanks for your service, John
[Web site quoted has a poor WOT (Web Of Trust) rating.
I'm sorry, but any site which has their main site rated red or orange by WOT can not be included in this article.
Please let me know if you have any other questions.
Thanks.
I've updated the article.
Please let me know what you think of the newest version.
for trand micro i found this for virus and false alarm
http://www.trendmicro.co.uk/security-intelligence/current-threat-activity/submit-a-virus/index.html
that work.
thanks for this great list!
Thank you.
I believe there was a reason I removed their email address, but I forget what it was. I've sent an email to their support asking whether it would be okay to include it again. Hopefully it is.
Okay, they have now responded and let me know that the email address on their page is not suitable for submissions such as this. In fact, they do not have an official email address where samples can be submitted.
Thanks for the List, I was looking all over the the "well known" scanners to report to. Glad I found your site.
During the start of my searching, here are some updates for:
Panda Security:
"Please send a password compressed copy of the file to virus@pandasecurity.com".
Trend Micro:
Ref: (http://www.trendmicro.co.uk/security-intelligence/current-threat-activity/submit-a-virus/index.html)
"Dear Submitter, We are sorry to inform you that our submission wizzard is as for now under maintenance and improvement. In the meanwhile you may submit your query to our anti-threats specialists by using the email address below:
Submit a virus here: trendlabs@av-emea.com
Please submit suspicious files to analyze in password protected zip archives (password: virus) attached to the email. Once submitted, you will receive a ticket ID back as acknowledgment within few minutes."
Thank you for your feedback.
I have updated the article. Please let me know if you see anything else which could be improved.
Much thanks for your work! I really appreciate your effort in compiling such an exhaustive list.
Thanks again!
Thank you.
If you find any information, or vendors, you think should be included just let me know and I'll look into it.