Where to report/submit false positives of antivirus software

As a software developer, do you know which feature of your software your users appreciate the most?

We developed SofMeter, the free in-app analytics tool, to answer questions like that.

With SoftMeter you will see how the users are using your software, discover which features are used the most or least, and understand where you should focus your development efforts to maximize your sales.

As a desktop software developer, you might find that one of the many antivirus software flags your perfectly clean software as suspicious.

This can happen for a variety of reasons, including:

  • Your software is not code-signed.
  • Your software is not very popular so the antivirus engines do not have enough knowledge about it.
  • New scan engines that scan the files using artificial intelligence (AI) find resemblance of your software with known computer threats.
  • Your software is a small command-line utility, developed in low-level languages, e.g. C/C++.

Usually, you get an email from a user saying that their AV software caught your program as suspicious and blocked it or discourages the user from running it.

Should this happen,

  1. Scan your computer and the file with as many antivirus engines as you can, including the one mentioned by your user.
  2. If indeed the file is clean, submit your false-positive* sample to the antivirus software that reported it as a virus.

*False positive: a test result which wrongly (falsely) indicates (positive) that a particular condition (virus body) was detected.

Below we started a list of the URLs where you can submit your software for further analysis. After the analysis is complete the antivirus software makers update their engines.

Antivirus software For deskstop software developers: Submit false positive For end-users and developers: Free antivirus scanner
360 Total Security

If you think the file intercepted by 360 Total Security is not a Trojan horse or virus files, please send it to us for analysis

Submit via a form.


Report a suspected false positive.

AhnLab logo

Report a suspected false positive. (Requires login)

Avast antivirus
Avast  logo

Report a suspected false positive.

AVG antivirus
AVG logo

Report a suspected false positive.

Avira antivirus
Avira logo

Submit suspicious files and URLs, false positives.

BitDefender logo

Submit a sample file or URL.

Download a free antivirus edition (for Windows or MacOS) to scan the files locally.
Check Point
Checkpoint logo

Sometimes the Check Point Spyware Scanner inappropriately detects an application as Spyware. If you have come across what seems to be identified as malicious Spyware, but in fact it is not, you can report such detection to the Check Point Security Team. Report a false positive (by email).


Use the following form to report your false positive.
After reviewing your report, the Detection Content Team will review your submission and update the database. Report a false positive.

Eset antivirus

You have a suspicious file, suspicious website, potential false positive or potential miscategorization by Parental Control (or Web control)that you would like to submit to ESET for analysis.

Submit a virus, website or potential false positive sample to the ESET lab.

F-secure antivirus
f-secure logo

Think a file is harmful? Or that a file or website was incorrectly detected or rated? Submit it for analysis.

Submit via form or via FTP.

Malwarebytes antivirus

Is Malwarebytes incorrectly flagging a program or website? Report it in the Malwarebytes forum.

mcafee logo

Submit potential false positives from the product or through Global Threat Intelligence to McAfee Labs. Report it here.

Microsoft defender
Microsoft logo

Report your false-positive to Microsoft.

Microsoft safety scanner.
norton logo

Submit false positive.

Free offline scanner, Norton Power Eraser.

Virus total has also launched a special tool for developers and antivirus vendors, the VirusTotal Monitor. VirusTotal Monitor is a service to mitigate false positives.
You need to create an account on VirusTotal and then request a free period for the VirusTotal Monitor. Pricing for this service is not disclosed.

You can upload your software to VirusTotal to be scanned by 70+ antivirus engines. If one or more of the engines detect your software as a false-positive threat, you can find here the details of each engine and contact them with your false-positive sample. List of virus scan engines.

Report false positive files if you think that a detection made by one of the cloud engines of the Universal AV scanner is not actually a virus or malware. Report False Positive.


Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

plain text with line breaks

  • Allowed HTML tags: <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <p> <br>
  • No HTML tags allowed.
  • Lines and paragraphs break automatically.