Anyone running Avast alongside Jetico ?

07-09-2006, 21:13   #1
pedantic

I've just run a weekly scan of my drive with Avast AV. It picked up Win32:Rbot-CCS in my Jetico Personal Firewall directory. According to Avast, bcfgenv.dll was infected. Can any Jetico users confirm that they have this file in the Jetico directory?

I tried to move the file to the chest, but was informed that, because it was in memory, a boot scan was required, which I did. I moved it to the chest from there; however, on restart, Jetico is asking for permissions all over again, for everything that needs access. I'm pretty sure the infected file must be the configuration file for Jetico.

I made an image of my drive before doing anything, so I can restore again if I made any rash errors on my part. Can anyone confirm this file exists on their machine? Or maybe this has happened to someone else too?

07-09-2006, 22:20   #2
homealone

I don't run Jetico, sorry

07-09-2006, 22:31   #3
SnoopZ

According to this, that file isn't a pest and it's correct that you have it in your Jetico folder.

Quote:
programfilesdir+\jetico\jetico personal firewall\bcfgenv.dll

07-09-2006, 23:07   #4
pedantic

Quote:
Originally Posted by homealone
I don't run Jetico, sorry

No probs! Thanks for the bump anyway

Quote:
Originally Posted by SnoopZ
According to this, that file isn't a pest and it's correct that you have it in your Jetico folder.

I googled that before, SnoopZ! Am not sure what to make of it though. It says it's not a pest, but does that mean it still may not be infected?

I hope it's only a false positive.

07-09-2006, 23:09   #5
SnoopZ

Quote:
Originally Posted by pedantic
No probs! Thanks for the bump anyway

I googled that before, SnoopZ! Am not sure what to make of it though. It says it's not a pest, but does that mean it still may not be infected?

I hope it's only a false positive.

Email me the file and I'll scan it with NOD32 if you like.

[edit]

Try scanning the file http://www.kaspersky.com/scanforvirus.html

07-09-2006, 23:12   #6
pedantic

Quote:
Originally Posted by SnoopZ
Email me the file and I'll scan it with NOD32 if you like.

PM the addy, thanks.

07-09-2006, 23:13   #7
Down the Pub

I use Jetico, and that file is present and correct in the root folder, and I just scanned it with NOD32 and it's not in any way a naughty file that I can see...

Used to use Avast and used to get a few false positives with it, not all bad but more of a pain in the **** at times.

07-09-2006, 23:14   #8
pedantic

Quote:
Originally Posted by Down the Pub
I use Jetico, and that file is present and correct in the root folder, and I just scanned it with NOD32 and it's not in any way a naughty file that I can see...

Used to use Avast and used to get a few false positives with it, not all bad but more of a pain in the **** at times.

Thanks for the heads up, I hope this is such a false positive.

07-09-2006, 23:17   #9
Down the Pub

Quote:
Originally Posted by pedantic
I'm pretty sure the infected file must be the configuration file for Jetico.

The file description is 'configuration Enviroment Support' so says to me that it should be there.

07-09-2006, 23:33   #10
pedantic

Quote:
Originally Posted by Down the Pub
The file description is 'configuration Enviroment Support' so says to me that it should be there.

I'm sure it's a valid file, but not sure if it's borked or not lol

---------- Post added at 22:33 ---------- Previous post was at 22:23 ----------

Good news! I hope

It's looking like a false positive. I submitted the file here which tests it with 27 other AVs, and Avast was the only one that picked it up.

07-09-2006, 23:35   #11
SnoopZ

Yep sounds like good news.

07-09-2006, 23:37   #12
ADd

I have just tested this for you, it seems that it is a false positive, here is the Jotti online scan results of the dll:

Quote:
File: bcfgenv.dll
Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5: 2e62fe89d1928829ef72429d13067e4f
Packers detected: -
Scanner results:
AntiVir: Found nothing
ArcaVir: Found nothing
Avast: Found Win32:Rbot-CCS
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
Fortinet: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
UNA: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

I got the same alert after a scan, and from the above results it is definitely a false positive. I have emailed Avast customer service to alert them to this error. BTW there was a definitions update today, so I think this may have been the problem.

07-09-2006, 23:40   #13
pedantic

Thanks for all the help! Looks like a falsey lol

---------- Post added at 22:40 ---------- Previous post was at 22:38 ----------

Quote:
Originally Posted by ADd
I got the same alert after a scan, and from the above results it is definitely a false positive. I have emailed Avast customer service to alert them to this error. BTW there was a definitions update today, so I think this may have been the problem.

Thanks for that info, peace of mind at last

08-09-2006, 00:03   #14
AntiSilence

I had a similar thing with AVG and a file in the Java runtime folder a while back. I use Avast now though! lol

08-09-2006, 00:16   #15
ADd

Thing with definitions, sometimes the guys/gals get them wrong - this has been known to happen with Kaspersky, Symantec among many others. Sometimes the mistakes are very serious:

http://news.com.com/CA+antivirus+del...ht&tag=nl.e433

For a server, but you can see the problems it can create. My advice would be to quarantine files and not delete until you are sure they are infected. This way if it is a mistake you can replace the file, incidentally quarantined files are completely safe.

If you come across an FP, best thing is to report to the program makers, that way they can get the problem fixed, helping them, you and other users - either do this by email or use their forums (if they have one).
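
An added example (not part of the thread) for the multi-scanner report in post #12 and the quarantine-and-report advice in post #15: it parses scanner lines like those quoted above and combines the detection count with a hash comparison against a known-good copy of the file. The function names, the triage rules and the sample bytes are assumptions made for illustration.

```python
import hashlib

# Constructed sample: a few scanner lines from the report quoted in this thread,
# in both layouts (name and verdict on separate lines, or "Name: verdict").
REPORT = """\
AntiVir
Found nothing
Avast
Found Win32:Rbot-CCS
ClamAV
Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
"""

def parse_verdicts(text):
    """Map scanner name -> detection name, or None for 'Found nothing'."""
    verdicts, pending = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        name, sep, rest = line.partition(": Found ")
        if sep:  # one-line layout: split it into name + verdict
            pending, line = name, "Found " + rest
        if line.startswith("Found ") and pending:
            result = line[len("Found "):]
            verdicts[pending] = None if result == "nothing" else result
            pending = None
        else:
            pending = line  # scanner name; its verdict is on the next line
    return verdicts

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def triage(verdicts, flagged_hash, known_good_hash):
    """Suggest a next step. The rules are illustrative assumptions, not vendor policy."""
    hits = [scanner for scanner, found in verdicts.items() if found]
    if not hits:
        return "clean"
    if flagged_hash != known_good_hash:
        return "modified-file"          # differs from the known-good copy
    if len(hits) == 1:
        return "likely-false-positive"  # keep quarantined, report to that vendor
    return "escalate"                   # several engines agree: analyse before restoring

if __name__ == "__main__":
    good = sha256_hex(b"constructed stand-in for a known-good bcfgenv.dll")
    print(triage(parse_verdicts(REPORT), good, good))
```

The known-good hash would come from a copy you trust, such as the vendor's installer; a byte-identical file flagged by a single engine is the pattern this thread ran into.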

All times are GMT +1.