Author Topic: WIN32:Delf-GD (Read 2298 times)

REDACTED · « **on:** August 14, 2012, 11:59:17 PM »

Hello,

I have been seeing repeated pop-ups all day today warning me that Avast blocked a virus. I have scanned my system several times using Avast and Malwarebytes. It appears to resolve the issue and then I get the pop-ups until it becomes infected again. Then run the scans, rinse repeat all day. The pop-ups stop only when I have the infection - once cleaned they start again.

mBam, OTL and aswMBR logs to follow.

Thanks for your assistance.

REDACTED · « **Reply #1 on:** August 15, 2012, 12:01:28 AM »

OTL Logs attached

REDACTED · « **Reply #2 on:** August 15, 2012, 12:04:48 AM »

aswMBR attached

Theo Peterbroers · « **Reply #3 on:** August 15, 2012, 09:37:47 AM »

Hi Dasbury07,

Attaching those logs is the right thing to do, but there may be a simpler solution.

WIN32:Delf-GD was named in a number of topics in this forum the past few days. You may use the search function to check out those posts.

The problem has been determined to be the vidicommedia antiphishing domain advisor. This product uses unencrypted Panda malware signatures. Those unencrypted signatures are seen by other antivirusproducts as the real threat.

Please check if the domain advisor is installed on your pc (probably without your permission) with the link near the bottom of this webpage hxxp://software.visicommedia.com/en/products/antiphishing/ (replace xx with tt). If so, uninstall the antiphishing advisor.

Best regards,

essexboy · « **Reply #4 on:** August 15, 2012, 03:43:43 PM »

That is confirmed... They use unencrypted data so Avast will see it as a virus

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

Author Topic: WIN32:Delf-GD (Read 2298 times)

REDACTED

WIN32:Delf-GD

REDACTED

Re: WIN32:Delf-GD

REDACTED

Re: WIN32:Delf-GD

Theo Peterbroers

Re: WIN32:Delf-GD

essexboy

Re: WIN32:Delf-GD