Virus false positive when using Instant Protection PLUS 3 wrapper

The wrapping engine included in the Instant Protection PLUS 3 wizard has sophisticated encryption and other features to make it difficult for a hacker to figure out how the protection works. This anti-hacking technology sometimes trips up anti-virus tools as a false positive virus.

Here are online virus scanner sites that can quickly scan an uploaded file with multiple anti-virus products:

• https://www.virustotal.com/
• https://metadefender.opswat.com/

Some Anti-Virus (AV) engines use the same scanning engine, so the same false positive may be seen on multiple vendors. Sometimes it is common for lesser-known antivirus tools to report a problem yet never generate any problems with real customers. 

Digitally Signing and False Positive Submission

It is possible to digitally sign your executable when using the Instant Protection PLUS 3 wizard. You need to disable the Check its integrity option, and then digitally sign your wrapped file. 

Antivirus vendors will treat digitally signed executables with less suspicion. Typically, you need to contact the specific anti-virus vendor and use their normal support channel to report the false positive and send the digitally signed protected file. They will typically release a new virus definition update to all of their clients that removes the false positive and hopefully white-list your digital signature. 

A code signing certificate can be obtained from:

• GlobalSign: https://www.globalsign.com/code-signing/
• GoDaddy: https://www.godaddy.com/web-security/code-signing-certificate
• Thawte: https://www.thawte.com/code-signing/

DLL Interface

If you want to avoid the chance of a false positive due to the wrapper, you can use the Instant Protection PLUS 3 DLL interface instead of the wrapper. It provides the exact same licensing functionality but does not include the extra code protection of the wrapper.