Hello,
The latest 141106-1 update is picking up a false positive in the file “VBufBackend_gecko_ia2.dll”, which is part of NVDA, a screen reader for Windows. It is detected as “Win32:Evo-gen [Susp]”.
On systems which have NVDA installed, this file will be located at “C:\Program Files (x86)\NVDA\lib\VBufBackend_gecko_ia2.dll”.
The false positive was not present in 141106-0, and blocking it will prevent NVDA from interacting correctly with Firefox, which can severely impact on blind people.
Checksums of the file detected as a false positive:
MD5: 35386eb6b438ee10a4e6ce57171a719f
SHA1: 6d473da64728e2ad3358a4678bb6bc3663e59884
SHA256: f4ca66c040ba4090f279ce7417568c0551ce74d8caede60c7db85dd334cbfe32
The file can be found by installing the nvda_2014.3.exe file available here: http://sourceforge.net/projects/nvda/files/releases/2014.3/nvda_2014.3.exe . Note that NVDA runs a temporary copy of itself when the installer is executed, so Avast! will detect the file in a temporary folder when the installer is run. On a normal installation, this would instead be in the Program Files (x86) folder shown above.
Thank you!