False positive on compiled report file

[mrapi]

Hi!
today avast detected one compiled report file as Win32.evo-Gen



Very strange, in virustotal list doesn't appear as detected: 
https://www.virustotal.com/en/file/30ce9d5c78a9e6fd16d6c2d2ba91ee084432837446aa4d3548707dc248640898/analysis/1366434116/
also file sent by AV interface.
Thanks

[Staticguy]

It's good that you sent that file via Avast file submission. It will take them a while or so to review the file you submitted and update it's vps.

[mrapi]

seems solved,thanks!

[mrapi]

Hi,after update from today,problem is back for another compiled report file:



https://www.virustotal.com/en/file/b96971db5ae22aa64033fc0a470bacaa714f9c4b23f2caf69af426952f319a20/analysis/1370322858/

I also sent file from Avast interface
Thanks!

[mrapi]

please fix that!

[Michael (alan1998)]

The first report looks to be 7-zip. Basically compresses files to a smaller size. The Second not sure. It's probably not so nice. I'd say you possibly have a virus that infecting all .exe files. If that's the case you might want to scan with MBAM (MalwareBytes Anti-Malware).

[Pondus]

I'd say you possibly have a virus that infecting all .exe files.

malwarebytes does not detect infected files from fileinfectors.....it will only detect the executable

if there is a fileinfector, avast usually goes bananas and should give lots of alarms....

[Michael (alan1998)]

Didn't know that. Ignore me.

[mrapi]

Screenshots are made while I unpack the file because I put it into a zip file not to be detected/deleted
What is strange with this file is that if I scan it there is nothing found,but if I try to copy/move it,then is detected.

Rechecked with virustotal,nothing found : https://www.virustotal.com/en/file/b96971db5ae22aa64033fc0a470bacaa714f9c4b23f2caf69af426952f319a20/analysis/1370584897/

I put also file there :   hXXp://www.mediafire.com/download/5j2chzxxb4vten4/EXTRAS.zip

(change link from   hXXp... to  http... )

The first report looks to be 7-zip. Basically compresses files to a smaller size. The Second not sure. It's probably not so nice. I'd say you possibly have a virus that infecting all .exe files. If that's the case you might want to scan with MBAM (MalwareBytes Anti-Malware).

[jefferson sant]

Screenshots are made while I unpack the file because I put it into a zip file not to be detected/deleted
What is strange with this file is that if I scan it there is nothing found,but if I try to copy/move it,then is detected.

Rechecked with virustotal,nothing found : https://www.virustotal.com/en/file/b96971db5ae22aa64033fc0a470bacaa714f9c4b23f2caf69af426952f319a20/analysis/1370584897/

I put also file there :   hXXp://www.mediafire.com/download/5j2chzxxb4vten4/EXTRAS.zip

(change link from   hXXp... to  http... )

The first report looks to be 7-zip. Basically compresses files to a smaller size. The Second not sure. It's probably not so nice. I'd say you possibly have a virus that infecting all .exe files. If that's the case you might want to scan with MBAM (MalwareBytes Anti-Malware).

please
you can use "http://www.avast.com/contact-form.php" for reporting  FPs.

[true indian]

Evo-gen is only real time detection technology...not on-demand

[jefferson sant]

please fix that!

detection is correct
[/quote]

Evo-gen is only real time detection technology...not on-demand

confirmed
that's true.

[mrapi]

please fix that!

detection is correct

So if detection is correct why today that was fixed?

[mrapi]

From today problem is back,please fix tat is the THIRD TIME !!!
this time on another compiled report : please see this file http://www.mediafire.com/download/6uft9x7tm2asu35/CASHFLOW.zip

on Virustotal nothing reported :https://www.virustotal.com/en/file/0067313ba027e34ac2cde35a341c12cf2d990b6e44a3cf438c1bfecf793cde79/analysis/1372339451/

[mrapi]

again,seems solved
maybe there is something wrong with detection shield