Cable Forum

Cable Forum (https://www.cableforum.uk/board/index.php)
-   Security & Virus Discussion (https://www.cableforum.uk/board/forumdisplay.php?f=38)
-   -   Anyone running Avast alongside Jetico ? (https://www.cableforum.uk/board/showthread.php?t=52252)

pedantic 07-09-2006 21:13
Anyone running Avast alongside Jetico ?
 
I've just ran a weekly scan of my drive, with avast AV. It picked up Win32:Rbot-CCS in my Jetico Personal Firewall directory. According to Avast bcfgenv.dll was infected, can any Jetico users confirm that they have this file in the Jetico directory ?

I tried to move the file to chest, but was informed that, because it was in memory, a boot scan was required. Which I did. I moved it to the chest from there, however on restart, Jetico is asking for permissions all over again, for everything that needs access. I'm pretty sure the infected file, must be the configuration file for Jetico.

I made an image of my drive before doing anything, so can restore again, if I made any rash errors on my part. Can anyone confirm this file exists on their machine ? Or maybe this has happened to someone else too ?

homealone 07-09-2006 22:20
Re: Anyone running Avast alongside Jetico ?
 
:bump:

I don't run Jetico, sorry :)

SnoopZ 07-09-2006 22:31
Re: Anyone running Avast alongside Jetico ?
 
According to this, that file isn't a pest and it's correct that you have it in your Jetico folder.

Quote:
programfilesdir+\jetico\jetico personal firewall\bcfgenv.dll

pedantic 07-09-2006 23:07
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by homealone (Post 34112311)
:bump:

I don't run Jetico, sorry :)
No probs ! Thanks for the bump anyway ;)

Quote:
Originally Posted by SnoopZ (Post 34112327)
According to this, that file isn't a pest and it's correct that you have it in your Jetico folder.
I googled that before snoopz ! Am not sure what to make of it though. It says it's not a pest, but does that mean it still maybe not infected. :shrug:

I hope it's only a false positive. :erm:

SnoopZ 07-09-2006 23:09
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by pedantic (Post 34112369)
No probs ! Thanks for the bump anyway ;)



I googled that before snoopz ! Am not sure what to make of it though. It says it's not a pest, but does that mean it still maybe not infected. :shrug:

I hope it's only a false positive. :erm:
Email me the file and ill scan it with nod32 if you like. :)

[edit]

Try scanning the file http://www.kaspersky.com/scanforvirus.html

pedantic 07-09-2006 23:12
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by SnoopZ (Post 34112371)
Email me the file and ill scan it with nod32 if you like. :)
pm the addy, thanks. :)

Down the Pub 07-09-2006 23:13
Re: Anyone running Avast alongside Jetico ?
 

i use jetico, and that file is presant and correct in the root folder, and just scanned with nod32 and it's not in any way a naughty file that i can see.....

used to use avast and used to get a few false positives with it, not all bad but more of a pain in the **** at times.

pedantic 07-09-2006 23:14
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by Down the Pub (Post 34112373)

i use jetico, and that file is presant and correct in the root folder, and just scanned with nod32 and it's not in any way a naughty file that i can see.....

used to use avast and used to get a few false positives with it, not all bad but more of a pain in the **** at times.
Thanks for the heads up, I hope this is such a false positive. :erm:

Down the Pub 07-09-2006 23:17
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by pedantic (Post 34112212)
I'm pretty sure the infected file, must be the configuration file for Jetico.
the file description is 'configuration Enviroment Support' so says to me that it should be there.

pedantic 07-09-2006 23:33
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by Down the Pub (Post 34112376)
the file description is 'configuration Enviroment Support' so says to me that it should be there.
I'm sure it's a valid file, but not sure if it's borked or not lol

---------- Post added at 22:33 ---------- Previous post was at 22:23 ----------

Good news ! I hope :erm:

It's looking like a false positive, I submitted the file here which tests it with 27 other Av's, and Avast was the only one that picked it up.

SnoopZ 07-09-2006 23:35
Re: Anyone running Avast alongside Jetico ?
 
Yep sounds like good news. :)

ADd 07-09-2006 23:37
Re: Anyone running Avast alongside Jetico ?
 
I have just tested this for you, it seems that it is a false positive, here is the Jotti online scan results of the dll:

Quote:
File: bcfgenv.dll
Status:
POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5 2e62fe89d1928829ef72429d13067e4f
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found Win32:Rbot-CCS
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
I got the same alert after a scan, and from the above results it is definately a false positive. I have emailed avast customer service to alert them to this error. BTW there was a definitions update today, so I think this may have been the problem.

pedantic 07-09-2006 23:40
Re: Anyone running Avast alongside Jetico ?
 
Thanks for all the help ! Looks like a falsey lol :)

---------- Post added at 22:40 ---------- Previous post was at 22:38 ----------

Quote:
Originally Posted by ADd (Post 34112393)
I got the same alert after a scan, and from the above results it is definately a false positive. I have emailed avast customer service to alert them to this error. BTW there was a definitions update today, so I think this may have been the problem.
Thanks for that info, peace of mind at last :tu:

AntiSilence 08-09-2006 00:03
Re: Anyone running Avast alongside Jetico ?
 
I had a similar thing with AvG and a file in the Java runtime folder a while back. I use Avast now though! lol

ADd 08-09-2006 00:16
Re: Anyone running Avast alongside Jetico ?
 
Thing with definitions, sometimes the guys/gals get them wrong - this has been known to happen with Kaspersky, Symantec amoung many others. Sometimes the mistakes are very serious:

http://news.com.com/CA+antivirus+del...ht&tag=nl.e433

For a server, but you can see the problems it can create. My advice would be to quarantine files and not delete until you are sure they are infected. This way if it is a mistake you can replace the file, incidentally quarantined files are completely safe.

If you come across FP, best thing is to report to the program makers, that way they can get the problem fixed, helping them, you and others users - either do this by email or use their forums (if they have one).

pedantic 08-09-2006 00:19
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by ADd (Post 34112416)
Thing with definitions, sometimes the guys/gals get them wrong - this has been known to happen with Kaspersky, Symantec amoung many others. Sometimes the mistakes are very serious:

http://news.com.com/CA+antivirus+del...ht&tag=nl.e433

For a server, but you can see the problems it can create. My advice would be to quarantine files and not delete until you are sure they are infected. This way if it is a mistake you can replace the file, incidentally quarantined files are completely safe.

If you come across FP, best thing is to report to the program makers, that way they can get the problem fixed, helping them, you and others users - either do this by email or use their forums (if they have one).
Good advice :tu: I always quarantine.

ADd 08-09-2006 00:21
Re: Anyone running Avast alongside Jetico ?
 
Yeah learnt from experience unfortunately :(

ADd 08-09-2006 15:02
Re: Anyone running Avast alongside Jetico ?
 
Good news! Today's Avast update rectifies the False Postive :)

pedantic 08-09-2006 15:36
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by ADd (Post 34112761)
Good news! Today's Avast update rectifies the False Postive :)
Thanks for the update ! :tu:

I just noticed the update, and the first thing I did was to start Avast. No alert this time, when scanning memory, on Avast start up. :)

No need for me to contact their CS now, looks like you, and (probably) other users have alerted them about this, and they fixed it. :tu:

ADd 08-09-2006 16:17
Re: Anyone running Avast alongside Jetico ?
 
Yep, pretty quick response too, they would have had to re-test and then release the update, I'm impressed :)

pedantic 08-09-2006 16:20
Re: Anyone running Avast alongside Jetico ?
 
Quote:
Originally Posted by ADd (Post 34112834)
Yep, pretty quick response too, they would have had to re-test and then release the update, I'm impressed :)
Fair play to Avast. :tu:


All times are GMT +1. The time now is 07:19.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum