Author Topic: Numerous Trojan warnings since last update.  (Read 64947 times)

Tsimmes

  • Guest
Numerous Trojan warnings since last update.
« on: December 03, 2009, 02:11:59 AM »
Avast updated itself about 15 minutes ago and within two minutes began reporting many, many instances of Win32:Delf-MZG in many of my files, including those that had been on my computer for a very long time. I did a boot scan with instructions to move malware to the chest and before I knew it almost twenty files had been moved before I stopped the boot scan. Something seems very wrong here--can these all be false positives?

MisuVir

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #1 on: December 03, 2009, 02:17:19 AM »
Latest VPS file (4091203-0) is detecting the following files as having Win32:Delf-MZG.
    TUGZip\TzShell.dll
    TUGZip\TzUpdate.exe
    TUGZip\TzSFX.exe
    TUGZip\TzScript.exe
    TUGZip\TUGZip.exe
    ACER eSettings\awcomm.dll
    Spybot\SDHelper.dll
    Spybot\UninsSrv.dll
    Skype\Plugin Manager\skypePM.exe
    ... More?

Definitely looks like false positives. Needs to be fixed.

Logonogonogoner

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #2 on: December 03, 2009, 02:20:32 AM »
The same thing happened to me. Apparently Skype decided to turn bad on us.

Aikijitsu

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #3 on: December 03, 2009, 02:23:27 AM »
Okay. Looks like this isn't my computer. Too bad I moved that supposed trojan to the chest. It disabled my anti-spyware programs. Is there some way to reverse that? Worse comes to worse, I can just re-install them.

AARGH

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #4 on: December 03, 2009, 02:25:09 AM »
Lots of folks on DSLreports.com are stating the same thing. I had it claim speedfan, Anydvd and Alcohol120 all had the exact same malware (Win32:Delf-MZG [Trj]).

Hopefully this will get fixed soon...

Logonogonogoner

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #5 on: December 03, 2009, 02:31:53 AM »
C:\Program Files\Skype\Plugin Manager\skypePM.exe

So I am not the only one with this problem, I suppose :P

Lee.Davis

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #6 on: December 03, 2009, 02:34:02 AM »
Many PCs in our office are also picking this up. We are actually a software development house and circumstantial evidence is pointing to some Delphi code being flagged as a virus.

All of the software we write is now being flagged as being infected by the Win32:Delf-MZG Trojan - this is obviously a BIG problem for us - I've advised our Tech Support team to be ready for an influx of calls.

Lee.

Inglonias

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #7 on: December 03, 2009, 02:47:39 AM »
This problem has occurred before. It sucks. I know.

Spyware Doctor for me, but that's it.

Taking no action seems to be alright.

dranber17

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #8 on: December 03, 2009, 03:01:41 AM »
I updated my avast home antivirus just a few minutes ago on both my desktop and laptop computers running Win XP Pro and Media version, and after booting up avast detected several scr and exe files (so many, including trusted files: cybersitter, skype pm, speedmypc, renamemaster, searchandrecover files) as having been infected by 2 trojans?? :(
win32.delf.mzg (trj)
win32.zbot.mkk (trj)
I think this is a false positive error from the avast update of Dec 03, 2009.
Please fix. :'(
Thanks

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
Re: Numerous Trojan warnings since last update.
« Reply #9 on: December 03, 2009, 03:27:10 AM »
Hi there,

This happened to me too. After updating early this morning, avast detected some files in my Windows and avast library files as infected by this trojan variant:

avast! [User]: File "C:\Program Files\Alwil Software\Avast5\redemption.dll" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "C:\Windows\Installer\6976fe.msi|>Product.CAB|>PluginManagerExe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "C:\Windows\Installer\6976fe.msi|>Product.CAB|>PluginManagerUtils" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "C:\Windows\Installer\6976fe.msi|>Product.CAB|>PluginManagerExe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "C:\Program Files\Skype\Plugin Manager\skypePM.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

Some files have been quarantined by avast, but some files were deleted by avast. ??? ???

Is it an FP or really infected?
For the quarantined files, I have already submitted them to avast with the avast 5 features.

Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya

blinka

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #10 on: December 03, 2009, 03:43:43 AM »
Avast detected KMplayer as a virus... come on!!! KM player is just a movie player... I clicked on the "not do anything" button, but it blocked KMPlayer, so I uninstalled it, and when I tried to install it again I got like 10 virus alerts. I didn't even click on anything, I just closed them, but it is still blocked and I can't seem to make it work. It also said that a screensaver was a trojan. Come on, it's .SCR, it's not a trojan! Can someone fix this?

udidwht

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #11 on: December 03, 2009, 03:56:13 AM »
Same issue here guys. It flagged files from Skype, Online Armor so far... I've been choosing 'Take no Action' since it's obvious they're F/P's. Just be sure and read the file name carefully before choosing 'Take no action'.

asbaker

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #12 on: December 03, 2009, 03:59:31 AM »
Well, it's almost 10 PM Eastern time and Avast is still going crazy on programs I've used for years. Plus, getting this forum to appear on my screen is very difficult - takes forever to show up, if it does at all.

Is a change in virus database being worked on?

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
Re: Numerous Trojan warnings since last update.
« Reply #13 on: December 03, 2009, 04:09:25 AM »
Hi Vlk, Igor, Pavel,

Please do something before everyone faces the same problem as me. All of my tools, and even my system and applications, are detected as Win32:Delf-MZG [Trj].

And they were mostly deleted by avast.

avast! [User]: File "D:\Yanto\Utilities\Aplications\avinstall.exe|>{app}\helper.dll" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\avinstall.exe|>{app}\Update.exe|>[Armadillo]" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\avinstall.exe|>{app}\Update.exe|>[Armadillo]" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\avinstall.exe|>{app}\PCToolsAntiVirusExtension.dll" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\avinstall.exe|>{app}\PCTAVHook.dll" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\avinstall.exe|>{app}\Upgrade.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\hideipng.exe|>{app}\hideipng.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\ophcrack-win32-installer-3.3.1.exe|>$INSTDIR\pwdump\servpw64.exe" is infected by "Win32:PUP-gen [PUP]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\SmitfraudFix.exe|>SmitfraudFix\dumphive.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\SmitfraudFix.exe|>SmitfraudFix\swreg.exe|>[UPX]" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\SmitfraudFix.exe|>SmitfraudFix\swxcacls.exe|>[UPX]" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\X-Lite3_29712.exe|>{app}\eyeLook.dll" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\TrojanKiller\trojankiller-setup.exe|>{app}\trojankiller.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\TrojanKiller\trojankiller-setup.exe|>{app}\checkfile.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009

avast! [User]: File "D:\Yanto\Utilities\Aplications\Trojan Remover\trjsetup681.exe|>{app}\Rmvtrjan.exe|>[Armadillo]" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009


And many more... what is going wrong, guys... I need to uninstall avast here...

Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya
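
Added example, not part of the original thread and not an Avast tool: a small parser for the three-line log records posted in the replies above. It groups detections by signature and VPS version and de-duplicates nested `|>` archive members, so a burst of hits from one signature in one definitions release stands out. The function and field names are assumptions of this example; the sample records are copied from the replies above.

```python
import re
from collections import defaultdict

# Sample records copied from the replies above (three log lines per detection).
SAMPLE_LOG = r'''
avast! [User]: File "C:\Program Files\Skype\Plugin Manager\skypePM.exe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009
avast! [User]: File "C:\Windows\Installer\6976fe.msi|>Product.CAB|>PluginManagerExe" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009
avast! [User]: File "C:\Windows\Installer\6976fe.msi|>Product.CAB|>PluginManagerUtils" is infected by "Win32:Delf-MZG [Trj]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009
avast! [User]: File "D:\Yanto\Utilities\Aplications\ophcrack-win32-installer-3.3.1.exe|>$INSTDIR\pwdump\servpw64.exe" is infected by "Win32:PUP-gen [PUP]" virus.
"%3" task used
Version of current VPS file is 091203-0, 12/03/2009
'''

DETECTION = re.compile(r'File "(?P<path>[^"]+)" is infected by "(?P<sig>[^"]+)" virus\.')
VPS = re.compile(r'Version of current VPS file is (?P<vps>[\w-]+),')

def parse_detections(text):
    """Yield one dict per detection, paired with the VPS line that follows it."""
    pending = None
    for line in text.splitlines():
        hit, ver = DETECTION.search(line), VPS.search(line)
        if hit:
            if pending:              # previous record had no VPS line
                yield pending
            # "outer|>container|>member": the first part is the file on disk
            outer, *members = hit['path'].split('|>')
            pending = {'file': outer, 'members': members, 'sig': hit['sig'], 'vps': None}
        elif ver and pending:
            pending['vps'] = ver['vps']
            yield pending
            pending = None
    if pending:
        yield pending

def summarize(text):
    """Map (signature, VPS version) -> sorted list of distinct on-disk files."""
    groups = defaultdict(set)
    for d in parse_detections(text):
        groups[(d['sig'], d['vps'])].add(d['file'])
    return {key: sorted(files) for key, files in groups.items()}

if __name__ == "__main__":
    for key, files in summarize(SAMPLE_LOG).items():
        print(key, len(files), files)
```
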

Ximinez

  • Guest
Re: Numerous Trojan warnings since last update.
« Reply #14 on: December 03, 2009, 04:38:18 AM »
Same here with SpySweeper running VPS version "091203-0, 12/03/2009".
 
The following files were flagged under the following 4 Webroot sub-folders:

C:\Program Files\Webroot\Spy Sweeper\
ClientHelper.dll
Core.msi
language.dll
lockbox.dll
SafeSweeper.exe
SpySweeperUI.exe
SSCtxMnu.dll
VersionInfo.dll
ziptv06.dll

C:\Program Files\Webroot\Spy Sweeper\Cleanup\
CtxCleanup.exe
WashEngine.exe
WcCtxMnu.dll

C:\Program Files\Webroot\Spy Sweeper\Core.msi\Data1.cab\
lockbox.dll
ziptv06.dll
wrlzma.dll

C:\Program Files\Webroot\Spy Sweeper\Core.msi\
ISSetupFile.SetupFile2

My current workaround is to stop then disable (at startup) the following 2 Webroot services via Run ... services.msc:

Webroot Client Service
Webroot Spy Sweeper Engine

as well as disable the SpySweeperUI.exe file from loading at Windows startup.

I will keep them this way until ALWIL re-issues the VPS to no longer flag these false positives.