No way to report false positives for various Microsoft Products (Smartscreen, Defender...). Damages may be sought.

Thanks for your reply

Yet it is not accurate.

Check that file:

<removed link>

The source of this Delphi file is:

program TestCmd;

{$APPTYPE CONSOLE}

{$R *.res}

uses

  System.SysUtils;

begin

  try

    writeln('This is a simple console program made with delphi XE8');

  except

    on E: Exception do

      Writeln(E.ClassName, ': ', E.Message);

  end;

end.

If is ALSO flagged as "uncommonly downloaded" and ALSO prevented from being run by SmartScreen.

So this is NOT a problem of a program behaviour (or not only).

Further more; the page here https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx says "

If I am a website owner, how do I correct a warning on my legitimate site?

A.

You can immediately submit a request for a correction. Windows Defender SmartScreen has a built-in, web-based feedback system in place to help customers and website owners report any potential false warnings as quickly as possible. In Windows Internet Explorer, from a red warning, click More information then Report that this site contains no threats. This will take you to a feedback page where you can indicate you are a site owner or representative. Follow the instructions and provide the information on this site to submit a site for review. 

To report feedback from the Internet Explorer Download Manager, Right-click on the blocked download and choose Report that this file is safe. This will take you to the feedback page. 

Once a dispute is submitted, a team of graders inspects the site in question. All disputes should be submitted through the website reporting process to ensure the quickest resolution."

However, none of the options that are listed here (and on other pages as well, that say the same things) are actually available, neither in IE, neither in Edge. In other words, there is NO WAY to submit a query or a dispute regarding a false positive or to gain some reputation points when your in my position. What is the purpose of my program has nothing to do with my question, I was just asking HOW one can request a review or a dispute. I appreciate your concerns but they are not relevant to my question...

Now, the "report false Malware positive" form seems not to be useful for SmartScreen, so my question remains unanswered!

As for the "Damages may be sought" in the title of my post, would you deny that it may have gotten some attention to said post that would otherwise have been, maybe, overseen?

Anyway, thanks for your replies, but they are not answers...

It may not be called Defender Smart Screen but "Whatever" SmartScreen prevents the downloading of any file that is "not commonly downloaded" and not digitally signed.

We get such warnings and annoyances on Windows 7 x64, x86 and Windows 10 too, when using IExplore or when SmartScreen Defender is enabled.

So nobody knows of a way to drag MS attention to "whitelist" a file or, at least, to review it and to allow it not to be spotted as "not commonly downloaded"? For "home developers" or "VSB" (Very small businesses) that provide free tools that do not make any real earnings, affording an Authenticode certificates that gives a boost in SmartScreen reputation is not viable.

Google has its reporting form in the "Google Search Console". It was fast and easy to ask them to review the site and files, and now, chrome does not complain anymore.

Most major anti viruses have online forms allowing to submit false positives.

Please, if you do not have any constructive answer (that means one that would contain a way or a link to report some false positives or to ask Microsoft for a site/file review), don't waste your time answering this question...

WYSIWYG

PS: Windows Defender SmartScreen [sic] is a feature of Windows 10 Version 1703 which is not subject to the "WannaCry" ransomware vulnerability.

If your lawyers really thought you had a case they sure wouldn't have advised you posting to a peer-to-peer forum where real Microsoft employees rarely, if ever, come here.

I wish you the best, but to be truthful, I figure you are just trolling to get some attention for you supposed product.

Note before I state this that I'm just a volunteer consumer helper in these forums, so nothing I say is official from Microsoft itself and also won't be removed unless I do something against the Community's Code of Conduct.

There isn't a true whitelist as you'd recognize these from the past, since if there were it would require maintenance for probably millions of individual applications if not billions.  Instead Microsoft has been recommending and more recently requiring that software developers acquire and digitally sign their code with a certificate provided by one of the Certificate Authorities sanctioned by Microsoft as an Authenticode certificate program participant.

This not only allows the vendor owning the certificate to be identified, but also the code itself to be verified for its integrity to confirm it hasn't been changed since originally signed, by the developer.

I'll also note that since you don't allow selecting the download button without entering an email address, I'd personally never even consider acquiring your file, since I won't hand my email address to anyone I don't know for any reason.

On top of that, there's really no reason for me to use your patching program, since I can easily get the required file free from Microsoft's own servers directly.  As it would be very easy for you to simply provide a link to any of the appropriate Microsoft pages supporting access to these files, there's absolutely no reason for anyone to provide any personal information whatsoever in order to gain access to these.

So personally I don't believe you have a leg to stand on and in fact, the very idea that you are requiring an email address be provided seems suspect and disingenuous.

In other words, your application is not really needed so I see no reason for Microsoft to even allow it, let alone make any effort to allow it to bypass the appropriate security controls they've put in place to protect their customers from potentially malicious software, which no one has vetted as to its safety and security.

Rob