False Positive (AMPSS)

When I try to install Softaculous AMPPS ( http://files.ampps.com/Ampps-2.6-setup.exe ), COMODO keeps detecting CloudScanner.Trojan.Gen@2@1 for temp files generated by the installer. The application can’t be installed.

Please upload the detected file…

It’s not that easy because COMODO keeps blocking/deleting the files also when I disable the AV.

I successfully “extracted” it by terminating/killing the COMODO process, but the on-demand scanner doesn’t detect anything, it seems like it’s detected by the real-time cloudscanner only.

This is the temp file: http://camas.comodo.com/cgi-bin/submit?file=5e8343930fc88b971c2cc8445e8202bdac97ec8235eafcac0ccb757fd2fa78c4

Hi ekerazha,

Thank you for reporting this, we’ll check it.

Regards,
Karthik R

Hi ekerazha,

The sample you have mentioned
Ampps-2.6-setup.exe (SHA:acec849ac69f749c421bc4b7f888ac557217d1a3(inside SHA:77c5fb1cbff0be571089c50d4d4017aa3d1341c1))
as false-positive’s is not detected by Comodo Internet Security version <8.0.0.4337> with database version 20297.

Please make sure the Antivirus database is updated and check again. If detection is still present, please submit the file on Comodo forums at
https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detecte-b154.0/

Regards,
Karthik R
Comodo AntiVirus Lab

I think it was clear, COMODO doesn’t detect the Ampps-2.6-setup.exe file, it does detect temporary files generated by the Ampps-2.6-setup.exe installer file.

If you want I can attach a video of the detection.

This is a Cloud Scanner detection.

This is the false positive detected by the real-time Cloud Scanner: http://camas.comodo.com/cgi-bin/submit?file=5e8343930fc88b971c2cc8445e8202bdac97ec8235eafcac0ccb757fd2fa78c4

The on-demand AV scan doesn’t detect it, just the real-time Cloud Scanner detects it.