FileChangeAlarm.exe
MD5:42CE722241D2917E57DB0FB393B644FE
SHA-1:8B60527149AA3E064B87875244471F8E95DC83EC
SHA-256:8FCBF8B4BAC03A9C33E08D047EBF4E9407521A7A230CB729C9EC3CA331C25A28

Virus Total says no virus (including Avast ???)

WinXP SP3
Avast 7.0.1466 virus definition up to date (12 october 2013) (and system reboot done)
Avast find a virus in FileChangeAlarm.exe : win32:evo-gen(susp)
file system shield : PUP enabled, heuristic medium, active on read/write/execute
behavior shield enabled : monitor all 3 types, action set to ‘ask’

Remark :
Placing a false positive in the exclusion list does not really work
since you still get an alert when the System Restore create a backup in “C:\System Volume Information”
For example : A0141457.exe is infected (A0141457.exe being the backup of FileChangeAlarm.exe)
I would need to exclude C:\System Volume Information* from the file system shield monitoring…

I have the FileChangeAlarm.exe zipped in an encrypted zip file (with a password)
but your board does not allow the uploading of .zip files

Hello
Send File put in format RAR

to report it as “False positive” to virus@avast.com or through quarantine

Submitting files from the Virus Chest to AVAST Virus Lab

http://www.avast.com/faq.php?article=AVKB21#idt_07

will fix the detection if it is false positive

Thanks.

I needed to send a false positive through mail, or via the internet browser.

I don’t have a RAR compression utility so I compressed as ZIP
with a password (specified in the zip file name and inside the mail),
and sent it to virus@avast.com.

(Also, I just remembered the http://www.avast.com/contact-form.php web page to report false positive)

I just don’t know if I’m right to put a password on the ZIP file.

is optional,not required
Wait for the launch of a next update.

Thank you.

seems to have been fixed in this update VPS 131014-1.
if not please let me know.