Installers for several legitimate programs are blocked as malware with the same detection (“Cloud.Trojan.Gen@2@1”), even with AV disabled
Can you reproduce the problem & if so how reliably?:
Every time.
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: Run installer EXE for FP program
2: “Malware blocked” alert will come up, referencing a .tmp file created in C:\Users\username\AppData\Local\Temp.…
One or two sentences explaining what actually happened:
A false malware detection blocked installation of the program, even with AV disabled.
One or two sentences explaining what you expected to happen:
That it wouldn’t have a false positive and wouldn’t block installation of legitimate software.
If a software compatibility problem have you tried the advice to make programs work with CIS?:
They don’t apply, as it is a Malware alert and not auto-sandbox. The installers open and are not sandboxed, but then crash soon after as their temp file was erased.
Any software except CIS/OS involved? If so - name, & exact version:
None relevant (I think).
Any other information, eg your guess at the cause, how you tried to fix it etc:
Possibly just the way these programs create temp files as part of their installation. I tried disabling AV, no luck, disabling auto-sandbox, no luck, disabling everything, still no luck. I had to temporarily uninstall CIS to install my program (which I paid good money for).
B. YOUR SETUP
Exact CIS version & configuration:
8.0.0.4344
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
D+ disabled, autosandbox enabled, firewall enabled (safe mode), AV heuristics scanning at low (doesn’t work with it off either).
Have you made any other changes to the default config? (egs here.):
None, fresh install.
Have you updated (without uninstall) from CIS 5 or CIS6?:
No.
if so, have you tried a clean reinstall - if not please do?:
N/A
Have you imported a config from a previous version of CIS:
No
if so, have you tried a standard config - if not please do:
N/A
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
MS Windows 8.1 x64, UAC enabled, admin account
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=Malwarebytes Anti-Malware Free (so no active scanning, on-demand only). I installed this after I noticed the first FP.
b=None, home-built machine
NOTE: The two program installers I have that I know exhibit this issue are both too big to submit as FPs. One is PacketSender (Google is your friend) and the other is Wolfram Mathematica 10.0.2. I paid good money for the latter, so I was willing to go to great lengths (uninstalling CIS) to get that working.