Author Topic: [9.0.2011] running bcdedit.exe at startup?  (Read 10361 times)

0 Members and 1 Guest are viewing this topic.

NoelC

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #15 on: January 01, 2014, 07:33:06 PM »
Excuse me, but if something is running an older version of a system program that's already been updated by a service pack from your TEMP folder the yes, it's most certainly suspicious activity - unless you know for certain it's supposed to work that way.  That knowledge changes it from "suspicious" to "awfully rinky dink", though.  Is Avast really doing this?

FYI, I don't have a BCDEdit.exe in my TEMP folder.

-Noel
« Last Edit: January 01, 2014, 07:34:42 PM by NoelC »

jwoods301

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #16 on: January 01, 2014, 09:28:10 PM »
It's actually a good way to make changes to boot configurations for your software...

If you understand what BCDEdit does, and you know Avast is running it, it should not be a concern.

NoelC

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #17 on: January 01, 2014, 09:49:46 PM »
Of course there's no problem with software using parts of the operating system to do its work.

The "suspicious" aspect would come in if something were to write a copy of an outdated operating system tool into the TEMP folder and execute it from there.  Malware more often does stuff like that. 

Not to mention that redistributing parts of Windows that way would likely be illegal.

Given what others have written above, it's possible that it was just a coincidence that Avast0815User happened to have an older copy of BCDEdit.exe in the TEMP folder.  Perhaps Avast sets its current folder to TEMP when it runs.  I've not observed any Windows update / installation process that left a copy of BCDEdit.exe in the TEMP folder, though.

-Noel

jwoods301

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #18 on: January 01, 2014, 10:52:22 PM »
aswAR.dll and aswEngin.dll reference BCDEdit.

Thanks to NirSoft's SearchMyFiles utility...

olddog

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #19 on: January 02, 2014, 12:11:16 AM »
Excuse me, but if something is running an older version of a system program that's already been updated by a service pack from your TEMP folder the yes, it's most certainly suspicious activity

I agree, and if it were to be done intentionally by any brand product, then it would indicate very poor design concept indeed.

jwoods301

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #20 on: January 02, 2014, 01:17:11 AM »
Excuse me, but if something is running an older version of a system program that's already been updated by a service pack from your TEMP folder the yes, it's most certainly suspicious activity

I agree, and if it were to be done intentionally by any brand product, then it would indicate very poor design concept indeed.

It's also possible that the "older" version is the only one fully compatible with all supported versions of Windows.

Offline OndraP

  • Avast team
  • Newbie
  • *
  • Posts: 8
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #21 on: January 02, 2014, 09:14:46 AM »
Hi guys, bcdedit.exe is currently used by avast! GrimeFighter. We will get rid of it (bcdedit :)) in next program update.

Thanks

Offline NON

  • Japanese User
  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5516
  • Whatever will be, will be.
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #22 on: January 02, 2014, 10:54:31 AM »
Hi guys, bcdedit.exe is currently used by avast! GrimeFighter. We will get rid of it (bcdedit :)) in next program update.
Many thanks alquist for clarification. I'm glad avast! team is now taken part in my thread :D
Now we're clear what it does and what it will be :)
Desktop: Win10 Pro 22H2 64bit / Core i5-7400 3.0GHz / 32GB RAM / Avast 23 Premium Beta(Icarus) / Comodo Firewall
Notebook: Win10 Pro 22H2 64bit / Core i5-3340M 2.7GHz / 12GB RAM / Avast 23 Free / Windows Firewall Control
Server: Win11 Pro 23H2 64bit / Core i3-4010U 1.7GHz / 12GB RAM / Avast One 23 Essential

Avast の設定について解説しています。よろしければご覧ください。

olddog

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #23 on: January 02, 2014, 02:20:15 PM »
Hi guys, bcdedit.exe is currently used by avast! GrimeFighter. We will get rid of it (bcdedit :)) in next program update.

Thanks for the explanation alquist  :)

Avast0815User

  • Guest
Re: [9.0.2011] running bcdedit.exe at startup?
« Reply #24 on: January 05, 2014, 10:43:59 AM »
As someone mentioned GrimeFigher I checked the menu "tools", but only rescue medium was listed as active.
Sandbox, firewall and safezone listed as optional items (showing plus symbol with green background when hovering over it).

Then I checked "programs and software" in control panel, clicked Avast and "deinstall/repair" and (surprise, surprise) GrimeFighter was checked!
Unchecked it, run setup, reboot and the revenant bcdedit.exe is gone!