getting false positive from eset antivirus

Post here messages if you have any problems with working of Enigma Protector
Post Reply
aargh
Posts: 35
Joined: Wed Jan 05, 2011 1:51 pm

getting false positive from eset antivirus

Post by aargh »

Hi

Eset AV detect my program as Win32/Packed.Enigma.AN trojan and delete it.
How to solve this problem ? My commercial clients are little nervous ;-(
Using EP 6.20
edit: EP 6.30 has same symptoms
program without enigma protection does not fire antiviruses.

thank you J.

Same program, using virustotal mass scanner. (virustotal.png)
Attachments
virustotal scan
virustotal scan
virustotal.png (40.34 KiB) Viewed 22488 times
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: getting false positive from eset antivirus

Post by Enigma »

Hi, this is just a false detection, please report them a file and ask to fix this problem.
As said in this post, the file should be sent to them via email: https://support.eset.com/kb141/#SubmitFile
They have to solve the problem quickly.

I also recommend you to submit the file to Symantec to also whitelist it, for symantec please use this form: https://submit.symantec.com/false_positive/

I hope that after first successful submission they won't detect anything anymore in future versions.
aargh
Posts: 35
Joined: Wed Jan 05, 2011 1:51 pm

Re: getting false positive from eset antivirus

Post by aargh »

Hi
Eset support said: Enigma protector is trojan that encrypts the hard drive. Use another program to pack your executable.
WTF This is really BIG problem for me, and my clients. Please help me. Via email if you wish.

Jiri
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: getting false positive from eset antivirus

Post by Enigma »

Hi Jiri, please re-send us this email, we will proceed with legality actions due to such eset behavior and opinion.
katyz
Posts: 1
Joined: Thu Mar 25, 2021 2:13 pm

Re: getting false positive from eset antivirus

Post by katyz »

2021 same problem "A Variant Of Win32/Packed.EnigmaProtecto"
strange that I have tested other protectors and it does not happen
maybe you may need to change something in the system so they don't discover "enigma protector"?
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: getting false positive from eset antivirus

Post by Enigma »

katyz wrote: Fri Mar 26, 2021 3:31 pm 2021 same problem "A Variant Of Win32/Packed.EnigmaProtecto"
strange that I have tested other protectors and it does not happen
maybe you may need to change something in the system so they don't discover "enigma protector"?
No, we can't do anything with that. Most correct way to fix it and avoid this false detection to be happened - submit protected file to antivirus developers, they fix this problem in their software.
pauly89
Posts: 13
Joined: Fri Feb 23, 2018 6:16 pm

Re: getting false positive from eset antivirus

Post by pauly89 »

Not only Eset antivirus is finding Enigma protected exe and dll as virus, other AV like McAfee and Webroot to name a few,
are also finding that these Enigma protected assemblies are virus.

Perhaps, Enigma should write to these AV vendors to inform them not to alert or detect these
Enigma Protected assemblies as malware?

Can Enigma please do this ?
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: getting false positive from eset antivirus

Post by Enigma »

HI Paul, we often contact different antiviruses about such problems, they reply that problem happen with particular files only, and that you have to submit them falsely detected sample in order to fix that.
We do not have solid solution against false positives, except the code signing. If it is possible, digitally sign your protected file with code signing certificate, this usually helps to avoid false positive detections.
Post Reply