This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to report a virus-scan false-positive?

  • 2
  • 1 nwere nsogbu anwere nsogbu a
  • 6 views
  • Nzaghachi ikpeazụ nke cor-el

more options

Half a year ago, I've tried to download a specific ".exe" file (from here: http://www.emptyloop.com/unlocker/). It was indicated as a potential threat. Of course, I've found a workaround, and thought that this is some kind of a temporary issue.

Today, the same file is still blocked: firefox says "Blocked: May contain a virus or spyware ...", chrome also says "This file is malicious". I still believe that this is a false-positive. VirusTotal shows 2/55 ( https://www.virustotal.com/en/file/b3284358029388637e642077f99e81e81144d8dab2f2623e263dbb5b625be746/analysis/ ).

I've looked through

And I feel like I understood the basics. The question is - are there any ways to report this false positive, so that it would be fixed? Either firefox-specific, or GoogleSafeBrowsing-wide? Any positive experience, "success-stories"? Currently, I've found the following ideas:

  • Report via Google webmaster tools - probably won't work, since it's not my site.
  • Try to contact those 2 of 55 AntiVirus companies, and ask them to fix those signatures - maybe after that it would get removed automatically?
Half a year ago, I've tried to download a specific ".exe" file (from here: http://www.emptyloop.com/unlocker/). It was indicated as a potential threat. Of course, I've found a workaround, and thought that this is some kind of a temporary issue. Today, the same file is still blocked: firefox says "Blocked: May contain a virus or spyware ...", chrome also says "This file is malicious". I still believe that this is a false-positive. VirusTotal shows 2/55 ( https://www.virustotal.com/en/file/b3284358029388637e642077f99e81e81144d8dab2f2623e263dbb5b625be746/analysis/ ). I've looked through * "False positive on docx from facebook" ( https://support.mozilla.org/en-US/questions/1048742 ), * "How does built-in Phishing and Malware Protection work?" ( https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work ) * "How to prevent Firefox from blocking my software download if Google Safe Browsing simply doesn't respond to false positive reports in Web Master Tools?" ( https://support.mozilla.org/en-US/questions/1054121 ) And I feel like I understood the basics. The question is - are there any ways to report this false positive, so that it would be fixed? Either firefox-specific, or GoogleSafeBrowsing-wide? Any positive experience, "success-stories"? Currently, I've found the following ideas: * Report via Google webmaster tools - probably won't work, since it's not my site. * Try to contact those 2 of 55 AntiVirus companies, and ask them to fix those signatures - maybe after that it would get removed automatically?

All Replies (2)

more options

Google has an option for web site owners:

I have not found another place either.

more options

Blocking a download via this service is not about a problem with a specific file, but generally about the origin (domain) where this file is hosted. If there has ever been malware hosted on the specific URL and Google has detected it then this URL will be black listed and all files will be affected. It is all files safe or no files safe (i.e. all are dangerous).