Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


AVAST security problem

  • Please log in to reply
3 replies to this topic

#1 sportsvine


  • Members
  • 58 posts
  • Local time:11:19 AM

Posted 03 December 2009 - 01:16 AM

2 hours ago I was looking through Amazon, and out of nowhere my Avast siren goes off detecting a trojan horse, and this trojan horse was infecting Spybot S & D.

The name of this trojan horse is Win32:Delf-MZG

I put this trojan horse into the quarantine chest but it kept saying it couldn't go because SpyBot wasn't letting it.

I then had Avast run a start up scan and found many infected files, all by this Win32:Delf-MZG trojan.

However, after rebooting I found a yahoo forum in which many many people are posting that this is a problem with Avast as itself and Avast is reporting many false positives with peoples computers throughout cyberspace. Also, the Avast and Spybot forums are both completely down.

After reading some more stuff, it is being suggested that Avast had a bad update which is causing these false positives.

Anyone else familiar with this?

EDIT: Moved to a more appropriate forum-MG

Edited by garmanma, 30 December 2009 - 11:25 AM.

BC AdBot (Login to Remove)


#2 Capn Easy

Capn Easy

  • Members
  • 597 posts
  • Location:New Jersey
  • Local time:01:19 PM

Posted 03 December 2009 - 02:37 AM

Yes, Avast! found the same "Trojan" in a different program on my computer. Apparently it was a false positive. This is from the Avast! forum (which is still a very busy place):

Win32:Delf-MZG false positive was fixed in the latest VPS - 091203-1.

I was running Virus Database 091203-0, and I assume you were, too. If your version hasn't updated itself, you can manually update it.

EDIT: Avast! has put a post on their forum acknowledging the problem and promising to provide some instructions to people who were severely affected. It's located at http://forum.avast.com/index.php?topic=516...36938#msg436938

Edited by Capn Easy, 03 December 2009 - 02:59 AM.

#3 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,739 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:19 PM

Posted 03 December 2009 - 07:25 AM

The avast forums are quite busy today and folks may encounter problems when attempting to go there.

As such, below is the statement they provided:


last night, avast had a bad false positive issue. At around 12:15am GMT we released VPS update 091203-0 which started flagging hundreds of innocent files as a "Win32:Delf-MZG" Trojan (or, in less common cases, as "Win32:Zbot-MKK"). Among the files affected were high-profile programs produced by Adobe, Realtek sound card drivers, various media players etc.

We are still investigating the issue, trying to find out what exactly happened and how to make absolutely sure it will not happen again.

At 5:50am GMT, another VPS update (091203-1) was released, fixing the issue (for both "Win32:Delf-MZG" and "Win32:Zbot-MKK").
Those who have not used their computers between 12:15am and 5:50am will most likely not be affected.

If you're still using the bad VPS (091203-0) we recommend to invoke a VPS update immediately.

Our technical support team is currently preparing extensive HOWTOs about how to fix the situation for those who were hit by the problem.

We will be updating you shortly.

We deeply apologize for any inconvenience this has caused.


Win32:Delf-MZG false positive issue statement

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Williamwarn


  • Members
  • 2 posts
  • Local time:12:19 PM

Posted 29 December 2009 - 11:08 AM

Thanks for information!!!

I was really searching this type of information in last few days.

This information will give me lot of help in near future.

Thanks a lot

Edited by Amazing Andrew, 29 December 2009 - 01:10 PM.
Mod Edit: De-spamified - AA

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users