Author Topic: win32 evo-gen  (Read 11386 times)

Offline richard4717

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
win32 evo-gen
« on: February 15, 2013, 09:34:05 AM »
I keep getting win32 evo-gen reported on when I download and run this file:

MeadeLX200GPS(5.0.0)Setup.exe which is a driver for a meade telescope from the ASCOM site:http://www.ascom-standards.org/Downloads/ScopeDrivers.htm

I don't believe this to actually be infected.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21731
  • Gender: Male
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #1 on: February 15, 2013, 09:37:31 AM »
upload suspisious file(s) to www.virustotal.com and test with 40+ malware scanners
post link to scan result here for us to see
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline richard4717

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #2 on: February 15, 2013, 09:43:45 AM »
None found.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21731
  • Gender: Male
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #3 on: February 15, 2013, 09:45:06 AM »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline richard4717

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #4 on: February 15, 2013, 09:47:24 AM »
None found.

0/46 detection ratio on virustotal.com

None found I assume that means.

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21731
  • Gender: Male
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #5 on: February 15, 2013, 09:49:43 AM »
OK

you can report False Positive here  http://www.avast.com/contact-form.php   change subject to suite your case
you may want to add a link to this topic in case they reply
« Last Edit: February 15, 2013, 09:53:37 AM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline spywar

  • Malware Hunter
  • Poster
  • *
  • Posts: 411
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #6 on: February 15, 2013, 04:38:49 PM »
Just downloaded "MeadeLX200GPS(5.0.0)Setup" detected as Evo-Gen [Susp] once executed.
Submitted to lab.

Offline spywar

  • Malware Hunter
  • Poster
  • *
  • Posts: 411
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #7 on: February 15, 2013, 07:03:32 PM »
Hello,
thank you for sending sample. False positive will be fixed in next VPS update.
Sorry for any inconvenience.

Best regards,
Milos Hrdy
Virus analyst
 ;)

Offline carpenihil

  • Newbie
  • *
  • Posts: 2
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #8 on: March 09, 2013, 07:25:25 PM »
I seem to have the same problem with a false alarm regarding an executable game file namely PES 5 ( a soccer game which I have been playing for 5 years) and today avast blocked this when I attempted to enter the game, you have more details in the pic below. I mention that I attempted both solutions proposed in the popup but with no effect. I also performed a test on virustotal.com and there were no detections.

https://www.virustotal.com/en/file/12d992482e8938d181cc5007de950fa2c9f748124fbde105ff70a396b6fe2d62/analysis/

Please tell me what can I do now, I am addict to this game. ;((

http://postimage.org/image/5zniu17dt/
« Last Edit: March 09, 2013, 07:27:15 PM by carpenihil »

Offline Gamer1234

  • Newbie
  • *
  • Posts: 1
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #9 on: March 19, 2013, 07:13:10 PM »
Hi I am having this issue as well. The program in question is called ADPCM Player v1.44h by FastElbJa and I have used this program for many years. It is used to manage and convert audio and music from video games. Now today I went to use it and Avast flagged it as a win32:evo-gen suspicious file and moved it to the chest.

Here is a scan from virustotal for ADPCM Player: https://www.virustotal.com/en/file/ac605500220d5e58a3ab5843990e168fe8d88e21486c6873550504de1d323aa9/analysis/1363720771/

It only has 1 out of 45

Why is this great program suddenly a virus? Please help. I sent this file to the Avast virus lab as a false positive. I have also done what the person above me did but to no avail. I did change some settings in Avast but it still said it was infected.

Here's a picture of what comes up when I run it:
http://postimage.org/image/3rz9a2v5j/
Sorry about the quality but the error wasn't showing up in my screen capture program so I had to use my camera.

I'm running XP with Avast Free edition version 8.0.1485 with Virus definitions 130319-0 , release date 3/19/2013 4:51:52

Thanks.

« Last Edit: March 19, 2013, 07:38:46 PM by Gamer1234 »

Offline Milos

  • avast! team
  • Advanced Poster
  • *
  • Posts: 1081
  • Gender: Male
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #10 on: March 20, 2013, 07:07:01 AM »
It should be fixed in next stream update.

Milos

Offline carpenihil

  • Newbie
  • *
  • Posts: 2
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #11 on: March 20, 2013, 05:13:24 PM »
Meanwhile my problem was solved (I don't know how) but now I can open that game without any troubles.

Offline Leure007

  • Newbie
  • *
  • Posts: 1
    • Personal Message (Offline)
Re: win32 evo-gen
« Reply #12 on: May 01, 2013, 09:16:07 AM »
I also got today the same message for a program I have been using for several years (hquote.exe which is a download program of stock quotes from finance.yahoo). I did the scan and got the following result:
https://www.virustotal.com/en/file/23b2867ffef283f81ad8c21f0c93ec53213e492948984befe547c8eb499bfd35/analysis/

Out of 41 scans, only CAT-QuickHeal is reporting "   (Suspicious) - DNAScan    20090825 "

Avast is automatically putting the program file in quarantaine even though I excluded the file from the list of files to be scanned.

Can you please help?

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now