system
1
I’ve had a number of false positives show up today in the very same files I’ve had on my system for a long time. Specifically:
Win32:Evo-gen [Susp]
Anyone know what sensitivity I can turn down to get past these?
As this is the false positive detection I’ve seen the most (maybe even exclusively) in all the recent history I can remember easily, maybe it would be nice if this particular heuristic (?) would be specifically configurable?
-Noel
I have the same problem. Got several hits yesterday. In fact, Win32:Evo-gen [Susp] is the reason that any files at all are in my Virus Chest–some moved there yesterday, some moved there as far back as April 2013. When I extract any of them and re-scan them with Avast, they are reported as clean.
Also annoying: is the link on the virus warning popup the only way to report a false positive in Avast? I don’t know if a file has a real virus or is false positive until I can examine it, compare it with an original, a backup, or a copy on another computer. That takes a time–by then the popup is gone.
Pondus
3
When I extract any of them and re-scan them with Avast, they are reported as clean.
Because ( Win32:Evo-gen [Susp] = suspicious ) is a on access only detection
You can send files to avast lab from chest… http://www.avast.com/faq.php?article=AVKB21#
system
4
So how can we turn down the sensitivity?
My main goal in life is not necessarily to help Avast refine their database after they’ve made their detection too aggressive.
-Noel
system
5
Is there a sensitivity setting for Evo Gen only ? I don’t think :o
system
7
I hate to have to keep stating the obvious, but…
Why is there no setting for this particular detection, which is the only false positive (actually the only detection) I ever see?
-Noel
system
8
We don’t know.
You could ask a wish for having an option (turned off by default) that allows users to turn off Evo Gen identifications.
system
9
Avast! Consider it so wished!
-Noel