Hi
We have a software accounting system called Omni Accounts. Since this morning we have been innudated with calls that this worm has been found in our cashbooklib.bpl. This is only happing with users running AVAST and it seems to be since a new virus pattern file was released last night.
Please HELP! Who do we contact?
Chris Kudla
Omni Accounts
South Africa
this issue will be fixed today, we’re working on the update…
None of our customer that use Avast can start our Software, disable or whitelist is the only solution.
We get errors on many of our .bpl files.
What is done with .bpl files in the latest update? Will this be fixed today? We have made all the code, and we don’t make no virus 
Hi
Thanks, we are swamped at our call centre. Is there anything our users can do to get around the problem for now, as it is month end and this is accounting software.
Also is it possible for you to send us a mail that we can forward onto our users advising them of what the problem is as mpost of them are blaming us!!
Regards
Chris Kudla
Anything new? Please give us an update now & then
I think many applications written in Delphi (which use .bpl libraries) are dead since today’s morning 
The worst thing you (or your customers) can do is to delete ‘infected’ .bpl files from disk. That will destroy the application. Temporary solution we use is to exclude ‘*.bpl’ files from Avast scanning.
Hope Avast team will fix this bug soon.
it’s fixed internally already… the public VPS update should come out around 5pm CEST… it was a little bug, but it affected more bpl files, my/our apologies for that…
*maybe sooner
Dear Maxx
This is great news. Thanks for the quick response.
Regards
Chris Kudla
Omni Accounts
www.omniaccounts.co.za
Can you please tell me the virus signature version that has fixed the .bpl problem? Avast picked up this same alert on PCTools Spyware Dr. [pctoolscomponents.bpl]. Also, on the first of my 5 laptops to give me this alert, I panicked and chose the “move to chest” option (I know, I know… It was early in the AM and I wasn’t fully awake…). Needless to say, that app is now disabled. How can I remove the reference to this file from the chest so I can get my app working again (I have since added and exception for *.bpl as suggested)??
Update your avast and move (restore) the file back from Chest (right click the file).
If it is a false positive…
If it is not, i.e., if the file is really infected, it should be better to let it into chest!
Check the file in www.virustotal.com
I assume from what’s been said here already that today’s problem (which applies to me as I have Spyware Doctor and spent a couple of hours scanning etc before reading this topic) relates to the anti-virus update introducing a bugged false positive report for this virus rather than it introducing the virus itself?
It seems to read that way, but I’d have thought that from a business point of view it would be a smart move for the company to make the point crystal clear. I also think it would be useful for people who don’t visit here to have a simple email routine when this sort of situation arises so that all registered users are alerted to the actual situation and thereby don’t panic unnecessarily when they start getting false positive reports which they have no means of distinguishing from the real thing!
I have the same problem my Avast home edition detected win32 junkpoly from a file in TuneUp Utilities 2009 named EmbeddedWebBrowser_D2006.bpl file. Now my TuneUp Utilities 2009 is not working and the EmbeddedWebBrowser_D2006.bpl cannot be deleted because it keeps coming back.
The new pattern file 090529-0 resolves the problem with our software package, Omni Accounts. I have downloaded and checked it.
Regards
Chris Kudla
www.omniaccounts.co.za
Thanks for reporting back 