Malware in Unity Webplayer Uninstall.exe

Hello,

When I tried to uninstall Unity Webplayer, avast detected a lot Malware and moved them to the save and the uninstall program stopped. I’m not sure what to do, I want to uninstall the program but I’m afraid my pc will get infected with malware. I’m also not sure if I should keep the malware in the safe, but I’m afraid I’ll damage the uninstall program if I delete those. Then I won’t know how to remove the uninstall program and I really want to get rid of a program that has malware. (I’m not that much of a computer expert. :-\ )

Could someone please help me with this?

thanks in advance

What was the malware name given by avast ?

I suspect that it may well be one of reputation and what uninstallers do, but that needs to be confirmed before we can say one way or another.

Do you have another security based program installed (like MalwareBytes AntiMalware Pro) ?

Avast called the malware that was found when I tried to uninstall the webplayer Win32:Malware-gen and it called the uninstall.exe itself FileRepMalware and Win32:Malware-gen. I also used Malware Bytes Anti Malware to scan my PC but it didn’t detect anything.

The Malware-gen is a generic signature seeking to catch multiple malware items with one signature - this can result in possible false positives - but you need to check this for certain.

Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here, post the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to Open the chest and right click on the file and select ‘Extract’ it to a temporary (not original) location first, see below.

Create a folder called Suspect in the [b]C:[/b] drive. Now exclude that folder in the avastUI > Settings > General - scroll down to > Exclusions - File Paths tab, type (or copy and paste) C:\Suspect*
That will stop the File System Shield scanning any file you put in that folder.

####
If only avast detect it is possibly an FP.
Send the sample to avast as a False Positive:
Open the chest and right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update. A link to this topic wouldn’t hurt.

@@@@

  • In the meantime (if you accept the risk), add the full path to the file to the exclusions list (see Note below):
    avastUI > Settings > General - scroll down to > Exclusions - File Paths tab

Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the File System Shield and avastUI > Settings > General > Exclusions > File paths tab.

Note: When using the Browse button it only goes down to folder level accept that. Now open the entry in the exclusions and change the * to \file_name.exe where file_name.exe is the file you want to exclude.