malware alert [Resolved]

[Guest]

[cjdbrm468]

I have Comodo pro running on my computer and got the following alert yesterday can you help please.. the alert is ..C:\ProgramFiles\CommonFiles\Motive\InstallHelper.exe,  also marked as unkown Malware(Dirty)(ID..
I pressed remove but it said it could not so it has isolated it.. what can I do Please..any help much appreciated
Cliff

[dw2108]

If you sent the file to quarantine, then only a few registry keys and junk files are left; however, if this is recurrent malware, it can regenerate itself on a reboot. But you need first to make sure that this is not a false positive by submitting it to Avira, Avast, Norton, etc., for evaluation.

If you want to restore it and to remove it, try downloading a-squared free and Ccleaner from majorgeeks.com or snapfiles.com/freeware and run some scans. Winpatrol from www.winpatrol.com and SpyBot are very good in displaying ActiveX and BHO malware installed on your PC, each having options to remove the malware.

First, do some googling to make sure that you are not seeing a false positive and scan with a-squared.

Hope this helps.

Dave

P.S. I've found that WinCleaner AS Free from www.wincleaneras.com and AnVir Task Manager Free work well with CAVS and BOClean, and you may want to try these out when you get this problem cleared up.

[Ragwing]

Greetings!

Upload it to VirusTotal, to verify that it's not a false positive.

Cheers,
Ragwing

[cjdbrm468]

Thanks to all for replies.. I am an OAP and have,t a clue how to do what you suggest, so I used a Unistall program  called your uninstall and it said it had removed it,  if it has not then am I safe leaving it in quarantine or should I take the computer to a specialist to remove it.... thanks
cliff

[panic]

If it's in quarantine, then it is rendered inaccessible and is therefore safe. It can't get out and anything that wants to call it can't reach it.

I would upload it to virustotal. This is relatively easy to do. Firstly, restore the file from quarantine and note the folder that it is restored to. Then, in your browser, go to http://www.virustotal.com. Click the browse button and go to the folder that the file was restoered to and select the file. Click the "Send file" button and it will be uploaded and analysed at virus total, where you can view theresult.

Hope this helps,
Ewen :-)

[cjdbrm468]

Thanks everyone
I have solved the problem, I used a program called YOUR UNINSTALLER  and it worked  I re checked a scan with Comodo and it was there before I used the unistall I scanned again and it had gone, the uninstall showed it cleared things from the registry, so thanks once again
Regards
Cliff

[Ragwing]

No problem. I'll close this topic now. PM an online moderator with a link to this topic if you should need it opened again.

Cheers,
Ragwing

[Tags:]