Hi,
Please take a look at the following VirusTotal report: https://www.virustotal.com/#/file/d6a0a ... /detection
The file being analyzed was created just for testing purposes with Visual Studio (new empty wpf window project, without a single line of the code). After protection with EnigmaProtector (licensed version 6.30, default protection settings) I get the list of 14 (!!!) antiviruses which mark this file as a virus/trojan. Of course all of those are false positive detections. But how can I explain this to the clients who are using my app (real, not this one created for testing) ?
Please, don't suggest me to contact all of those antiviruses developers, because list of "bad" antiviruses is changing occasionally. This situation makes EnigmaProtector totally unsuitable for using.
False positive, one more time
Re: False positive, one more time
Hi, I understand your disappointment and the results are really not good.
But such problem happens not with all files, usually there are only 3-5 false detections on virustotal.
From other side, you understand that this is a false detection that comes from different antivirus vendors, how do you think it would be possible for us to fix this problem by one time, immediately and forever? If there will be something that depends on our program - we could do that, but how can we affect 3rd companies? Maybe you have some thoughts on this and could advise a workaround?
For now, working workarounds are following:
1. Free solution - submit the protected sample to these antiviruses, which will whitelist it quickly. This way also helps to avoid similar problems in future, since each protected file contain your signature that begins to be known by antiviruses when you submit them a sample. If you do not want to do that, send us the protected program at support@enigmaprotector.com and we will notifiy antiviruses ourselves.
2. Use code signing to digitally sign the protected file. This way hels in most cases.
3. As antiviruses say (not our opinion, but their!) - do nothing. When you publish your program on the site, crawlers will take it and whitelist automatically (in case your website is public and enough popular).
But such problem happens not with all files, usually there are only 3-5 false detections on virustotal.
From other side, you understand that this is a false detection that comes from different antivirus vendors, how do you think it would be possible for us to fix this problem by one time, immediately and forever? If there will be something that depends on our program - we could do that, but how can we affect 3rd companies? Maybe you have some thoughts on this and could advise a workaround?
For now, working workarounds are following:
1. Free solution - submit the protected sample to these antiviruses, which will whitelist it quickly. This way also helps to avoid similar problems in future, since each protected file contain your signature that begins to be known by antiviruses when you submit them a sample. If you do not want to do that, send us the protected program at support@enigmaprotector.com and we will notifiy antiviruses ourselves.
2. Use code signing to digitally sign the protected file. This way hels in most cases.
3. As antiviruses say (not our opinion, but their!) - do nothing. When you publish your program on the site, crawlers will take it and whitelist automatically (in case your website is public and enough popular).
Re: False positive, one more time
I can only +1 for getting the certificate (which helps a lot), which you will have to have anyway, if you're planning to publish your app.