Win32 a false positive?

Avast reports that I have Win32.Cfd on my computer in C:\Program Files\Broadjump\Client Foundation\CFD.exe. Is this a false positive?

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\IoCtlSvc.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
C:\Program Files\DateInTray\DateInTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: DateInTray.lnk = C:\Program Files\DateInTray\DateInTray.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoCtlSvc.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

Well sort of. I think avast has added it to it’s antispyware detection if you are using 4.8. I’ve had the file for some time now and I’m not worried about.

Many thanks. So I can relax, sort of. Is there any way of stopping Avast from reporting this at every bootup?

Add it to the exclution list.

on demand-right click the “a” icon, select program settings, exclutions

on access-left click the"a" icon, click the standard shield icon, customize button, advanced tab

I’ve added the file address to both locations but still receive warning message on bootup. In case my aged fingers were again going walkabout I also copied the sites by browsing, but to no avail.

I just tried a right click on demand scan and avast didn’t scan it. so that part of the exclutions works. Perhaps startup scan is different? I only excluded it to test the on demand scan. Without it in the exclutions a right click scan will detect it.

It have never been detected here at startup amd I don’t have it excluded.

Did you add the complete path

C:\Program Files\Broadjump\Client Foundation\CFD.exe

Yes, the full address was added to both functions. Does Avast clear false positives with subsequent updates? Should this incident be reported? I can’t believe that we are the only two sufferers – and yes this only started with the last week of updates.

No,it’s not just us. You are the first to report not being able to exclude it though. I haven’t had a problem with the detection on startup.

Do you have avast 4.8? It may be the rootkit scan portion of avast that is detecting it.

http://forum.avast.com/index.php?topic=34696.msg291062#msg291062

A very interesting and informative page. In view of the fact the other accepted utilities don’t throw this file up as a threat, and since there does seem to be a slight consensus that it serves some purpose I think I’ll leave it alone and hope for future respite. If it was my program I think that I would have contacted Avast by now …

Now to find out why I’m the only sad individual who can’t block it through preferences …

Good talking. Joe out.