Windows Defender false positive trojan reported in protected app?

Post here messages if you have any problems with working of Enigma Protector
Post Reply
bigkahuna
Posts: 6
Joined: Tue Jul 25, 2017 2:00 pm

Windows Defender false positive trojan reported in protected app?

Post by bigkahuna »

I've been using Enigma Protector for over a year to pack and protect applications I've created in Unity 3D. My operating system is Windows 10. Starting last week Windows Defender started flagging one of the E.P. protected applications (.exe and .lnk) as having "Trojan:Wind32/Fuery.Clcl". I allowed Windows Defender to guarantine and then delete the suspected files. Then did a full scan of the computer, all the source files and resulting built application with both Windows Defender and Malwarebytes. No issues were found. Then I packed and protected the application with E.P. and ran the scans again. Malwarebytes didn't find any issues but Windows Defender flagged the .exe as having the same trojan. At this point I'm guessing this is a false positive because Windows Defender didn't like something that E.P. is doing to create the new .exe.

Has anyone else run into this issue? Are there particular settings in E.P. that I should avoid to prevent this from happening?
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: Windows Defender false positive trojan reported in protected app?

Post by Enigma »

Hi, this behavior is just a false positive detection of Windows Defender, it finds a virus in protected file by mistake.
To fix the problem, simply send the protected file to Windows Defender developers using this form: https://www.microsoft.com/en-us/wdsi/filesubmission
Specify there that the file is falsely known as a virus and that it is protected with licensed version of Enigma Protector.

In a long term, I suggest to digitally sign the protected file with code signing certificate, like this https://ksoftware.net/code-signing-certificates/
Post Reply