UPHClean false positive?

Since virus pattern update 08/10/13, I have been getting pop-up alerts showing UPHClean.exe as the object with various processes - services.exe, MSConfig, & Explore. The infection listed is Win32: Evo-gen (Susp). A file scan of UPHClean.exe shows no threat. The UPHClean service will not start and access to the file is denied. New virus pattern update had same results.

Since I’ve used UPHClean for years, I assume it’s a false positive. Anyone else have this problem? Is there a way to work around it?

I’m running WinXP SP2.

You can report a False Positive here: http://www.avast.com/contact-form.php

You may add a link o this topic in case they reply.

And i would strongly recommend you to update to Service Pack 3 for Windows XP.
Or better you should upgrade to Windows 7 or newer when possible.

have you tested the file at www.virustotal.com if scanned before click New scan

post link to scan result here…

A scan with Avast shows no threat, so it seems a waste of time to try VirusTotal. It’s apparently not the file itself, but something about the way it interacts with other processes.

waste of time to see if others detect it ::slight_smile: … it only take a minute to do, and will help to confirm if it is clean or infected

OK. I tried VirusTotal. Couldn’t get it to work with FireFox??? Used MSIE and it showed all OK, as expected. Sorry, I don’t know how to post a link. You can check the database I guess.

Just copy the link in the adress bar to your post, it loks LIKE THIS:

https://www.virustotal.com/de/file/8245c3b228da33ff60afc9c94e2daa1b7c080da73c8484c6805ae05c8148f2b7/analysis/

You can check the database I guess.
yes i can if you post the SAH256 number on top of the scan result or MD5 number if you click the more details button.....

or just do as Steven suggested :wink: like this http://www.youtube.com/watch?v=vCYP0mPeDoU

What you like, but the adress from the bar is easier. :smiley:

yepp…so i gave him a how to do it video :wink:

Maybe I’ll remember that if I need it again. Apparently the false positive isn’t bothering anyone else, so I’ve added an exclusion in the file system shield and can move on.

Thanks