Today Avast identified the following file as Win32:Evo-gen [Susp]: C:ProgramData\WildTangent\GameInstalls\WTA-13fa2eb9-4662-4fc2-9982-3a4bb5cb810f-extr.exe | >$[34]\GoldenTrails2TheLostLegacy_CE.exe. I also noticed how after it was detected, my scan progress dropped from 73% to 31%. All other scans have found no issue and I’m wondering if this is a false positive related to the most recent definitions update.
Malware or false positive?None ... Win32:Evo-gen [[b]Susp[/b]] = [b]Suspicious[/b]
Upload and test file at www.virustotal.com if tested before, click rescan for a fresh result
Post link to scan result here
I hope this helps.
@ crimsoncricket
The reason you see this scan progress drop is because avast effectively drops into a sort of paranoid mode after a detection. It scans more and in a greater depth/sensitivity/thoroughness.
The initial scan progress was bound on the original scan parameters/settings, now it will take longer because of the detection/s, so progress will differ.
Thanks everyone, I’ll have to look into those links and get back to you in a few days.
I tried uploading WTA-13fa2eb9-4662-4fc2-9982-3a4bb5cb810f-extr.exe and was told it exceeded the 128 mb size limit. What should I do now? Is there any way to just submit the “>$[34]\GoldenTrails2TheLostLegacy_CE.exe” part?
how big is the file? Metascan can take 140mb https://www.metascan-online.com/
Report it to avast, scroll down to submit a ticket https://support.avast.com/
you may give a link to this topic
It’s 272,896 KB and seems to be too big to submit as part of a ticket. What should I be specifically asking for in my ticket since I can’t seem to submit the file?
you can give them the download link for the file, or they will give you instructions on how to upload it on avast ftp server
Thanks, I just submitted my ticket with a link to this thread. I also checked the properties of the file and it hasn’t been modified in years, so I suspect this is a false positive. Looks like I probably won’t get a reply until the 28th or so, so I won’t be able to post any further details until then.