On how to submit for checking a possible False Positive file that Microsoft Security Essentials thinks is Ransom ware.

Today, 2017-01-20, on my Win7 x64 PC, Microsoft Security Essentials thinks that Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll is Ransom:Win32\Nemreq.A and says I should clean the PC. I quarantined it, and when downloading new updates from Emsisoft the Microsoft Security Essentials will detect the new file from Emsisoft and declare it also is the same bad thing. I really suspect it is a false positive. How do I submit the file to Microsoft (or elsewhere) for a reliable check?
 

Question Info


Last updated May 15, 2018 Views 275 Applies to:
Answer
Answer

Submit A Virus Sample To Microsoft

<<https://www.microsoft.com/en-us/security/portal/submission/submit.aspx>>

And/or

and submit the file at one or more of the following sites:

http://www.virustotal.com

http://virusscan.jotti.org

Each has a bяowse window in the upper right to do the submission, and will check out your file with 10 or so antivirus vendors with one submission.

A clean reading at these sites is not proof that a file is safe, but I'd say in this case that it is likely to be a good indicator that, in fact, the file is safe, and you are seeing a false positive.

`~`

SuperAntiSpyware (SAS) just released a utility called “SUPERSampleSubmit” to make it easier for users to submit samples for review and analysis.

The link to the utility is :
http://www.superantispyware.com/downloads/SUPERSampleSubmit.exe

Please ONLY submit files you believe are “harmful” and they will be analyzed by our labs on a priority basis.

`~`

2 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Answer
Answer
Statement from GT500, Authorized Emsisoft Representative (Security Colleague) at the Emsisoft forums.
Quote
Just to give an official response, our management team was aware of the issue on Friday morning. I haven't specifically been told if Microsoft has fixed the issue yet, however from the posts at Microsoft Answers (thank you @quietman7 for the links) it sounds like Microsoft has more than likely fixed it. If you're still having trouble, try updating the database in MSE or Windows Defender manually, and if that doesn't help then please post a screenshot showing the detection, and if possible a log as well. Note that since it is the weekend, you will more than likely receive faster help by e-mailing *** Email address is removed for privacy *** than you will on the forums.
Windows Insider MVP 2017-2019
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Unified Network of Instructors and Trusted Eliminators

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.