Avast! 4.8 Home Edition Free -- False Positive

A full scan three days ago came up clean. Today Avast! reported a virus in:

IBMTOOLS\APPS\RRPC\RRPCGUI\U.EXE (and also in a System Restore file).

I put it in a safe folder and uploaded to Virustotal. At first Virustotal said the file had already been analyzed back in June and was clean. I clicked on re-analyze. There were only 3 detections: Avast!, GData, and McAfee-GW-Edition. The page is .

I right-clicked it in the Chest to send a copy to Alwil, but I’m pretty sure this is clean.

If only GData and avast detect it - GData uses avast as one of its two scanners, so it counts as 1 detection; the other is a heuristic detection (also prone to misdetection) and almost certainly an FP.

  • In the meantime, add it to the exclusions lists:
    Standard Shield, Customize, Advanced, Add and
    Program Settings, Exclusions (right click the avast ‘a’ icon)
    Restore it to its original location and periodically check it (scan it in the chest); there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected, you can also remove it from the Standard Shield and Program Settings exclusions.

However, if it isn’t a file that you need to use, you could leave it in the chest and periodically scan the file from inside the Chest after VPS updates; when it is no longer detected, you can restore the file to its original location.

Unless this file is called by something else, it should be okay in the Chest. I’m using an IBM branded ThinkCentre (from before Lenovo took over the line) and I don’t think I’ve ever used any of the IBM support services – I think they were mostly geared to businesses, anyway.

I’ll check it periodically.

Thanks!

You’re welcome.