Comodo antivirus came up with an infection on explorer.exe
It’s said it’s infected with Heur.Gen.Lama@117020836
I tried to let Comodo solve this but it wasn’t able to do that.
Any ideas on how to remove this thread or what it does?
Cracked Windows OS have the potential to contain malware and if the antivirus can’t quarantine it then I don’t know. Tell me do you have a cracked windows OS?
Can you tell me more about the os, like how did you got it.
Even if you can delete this infection be aware that you may not see start menu anymore
I have the same problem with the exact same error code Heur.Gen.Lama[at]117020836. I have legitimate version of windows 7, it came with the PC. So basically suddenly comodo started reporting that it hasnt whitelisted actions done by windows and reports explorer.exe as infected. I haven’t visited any suspicious sites or downloaded anything when this happened. Any help?
If your windows copy came with the laptop then click on ignore. I recommend you to download malwarebytes, update it and fist a quick scann and then a full system scan. (the link below is the download link)
And it’s gone…
Really weird, I didn’t do a thing but tell Comodo to remove the thread and it gave me the report that it wasn’t, now if I scan the same file or the folder it’s in it doesn’t come up with any malware…
Maybe Comodo removed it after all?
Found it,
It should be in the exclusionstab in scanner settings and it’s not…
Is there a way to be sure that the file is clean?
I’ve sent the file to Comodo for analysis
I will put this topic in the malware research so that they can check it and give you advice. explore.exe is apart of the OS and if you delete it then will have problem unless you know how to do things through dos (cmd)
File is being detected due to heuristic rules. This means that respective sample is not in our white list, therefore was modified/altered. Please submit the detected file as false-positive at Comodo Antivirus Database | Submit Files for Malware Analysis and we’ll verify it.
After I submitted the file it was gone for some reason, I’ve scanned my computer and it didn’t come up with any problem anymore…
So the file is gone (it has never been in use I believe, it was not the explorer.exe in the windows folder, I have no clue on what it did or why the whole sysWOW folder excists).
Does Commodo do this if you send a file?
It keeps getting weirder and weirder…
Maybe a fresh install of windows is a good idea at this point