Author Topic: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))  (Read 45374 times)

0 Members and 1 Guest are viewing this topic.

Offline bggm

  • Newbie
  • *
  • Posts: 4
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #45 on: December 03, 2009, 01:28:03 PM »
win32:ertfor
win32:alureon-EI
win32:malOb-W
Almost for sure these are viruses - if you doubt, rescan them in chest.

Offline arrie

  • Newbie
  • *
  • Posts: 2
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #46 on: December 03, 2009, 01:37:18 PM »
jeez, now even my posts won't go through >:( can anyone help on the programs that wouldn't restore from the chest?  and can anyone help me to help the dozens of people I have converted to Avast to deal with this tomorrow?  I have told those I can contact to leave their computers off for now

Offline MSMStud

  • Newbie
  • *
  • Posts: 2
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #47 on: December 03, 2009, 01:41:49 PM »
jeez, now even my posts won't go through >:(
LULZ they've got Avast! Antivirus on their servers and its eating inflammatory posts!

IT'S SKYNET! THE MACHINES ARISE FROM ALWIL!  SAVE YOURSE--*kkkrrrrzzzzssssccchchhttt*

;D
MSMStud has updated his status to "Douche with nothing useful to contribute, who will STFU now."
« Last Edit: December 03, 2009, 01:43:31 PM by MSMStud »

Offline nmb

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3061
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #48 on: December 03, 2009, 01:52:25 PM »
Hello arrie,

the problem is because of the forum server being overloaded.
you can extract the files instead of restoring the files. extract it to a temporary folder and copy it to the original location(the location is also visible in the chest).

thanks
nmb
« Last Edit: December 03, 2009, 02:17:13 PM by nmb »

Offline richteratmosphere

  • Newbie
  • *
  • Posts: 15
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #49 on: December 03, 2009, 02:03:08 PM »
When avast reported spybot as being malware, I suspected that it was a false positive.  I didn't send anything to the chest or delete any of the files that ended up being false positive.  I checked the forum and confirmed that a lot of people were experiencing false positives.  Programs like Spybot were rendered unusable for a while, but my avast updated to a more current virus database file, and now I am not experiencing any problems.  My Windows XP booted sucessfully.

After noticing the problem with avast on my desktop, I quickly turned on my laptop and disabled automatic virus database updating so that my laptop wouldn't be affected until this problem was sorted out.  Since a new virus database file has been released, the next time that I turn on my laptop, I will re-enable automatic virus database updating.  There is a red font notice about this Win 32:Delf-MZG problem on the avast site.  I am glad that this problem has been addressed by avast, and grateful that there doesn't appear to be any permanent damage to my OS because of this.

I've been using the free version of avast for around two years now, and this is the first major problem that I have experienced.  Overall, I am still really impressed with avast.

Offline nmb

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3061
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #50 on: December 03, 2009, 02:20:23 PM »
Hello richteratmosphere,

it is all about using common sense and that is what you have used and saved your pc from the wreck. thanks for those supporting words in bad times.

thanks
nmb

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 82283
  • No support PMs thanks
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #51 on: December 03, 2009, 03:11:45 PM »
Ensure you have the latest VPS version 091203-1  as a number of false positives on this malware name, Win32:Delf-MZG have been corrected. So rescan this file within the chest if that is where it is and Restore it if no longer detected.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.544) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline jaikrishna

  • Newbie
  • *
  • Posts: 19
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #52 on: December 03, 2009, 04:27:35 PM »
For those who have lost their precious files, by clicking 'Delete' button, you can just recover them using a file recovery software such as Recuva which comes from makers of CCLeaner.

You can find it at http://www.piriform.com/recuva


Offline street_lethal

  • Full Member
  • ***
  • Posts: 177
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #53 on: December 03, 2009, 05:23:03 PM »
I've said it before i'll say it again, always a good idea to create backup images folks.

Offline street_lethal

  • Full Member
  • ***
  • Posts: 177
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #54 on: December 03, 2009, 05:31:02 PM »
I was always fond of Avast, and that mistake didn't make me lose trust in it - though it made me a little concerned. I hope nothing like that happens again, but there were dozens of ways to minimize and in my case nullify all damages (a little thinking doesn't hurt!).
All those who call for vengeance upon loosing many crucial programs or even OS - it is partly your fault as well. Anti-virus and anti-spyware programs are only of help for securing your computers against destruction, the most important thing is having common sense - why didn't you find it weird that suddenly all your files has the same infection all over the disk soon after av update? Do you think that there is a chance of you having one of the newest viruses all over the disk? Well, that could happen if you were to install/download/run programs that you don't know or trust(or visit certain dangerous sites), and if you run programs from unknown sources, that's your fault for having viruses. Of course I don't say that Alvil is not guilty, but a letter of apology and help with restoring lost files is sufficient enough, so refrain from hanging them by the necks for your lack of sense.

I concur.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #55 on: December 03, 2009, 05:41:50 PM »
Guys, please, stop contemplating whose fault it was or wasn't... there are many people who're now in trouble because of avast, and it's necessary to help them.

Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline GoldenSt8r

  • Newbie
  • *
  • Posts: 2
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #56 on: December 03, 2009, 06:50:01 PM »
It all happened so fast.  Sirens were going off, popups all over the place, and the next thing I know my system was rebooting and running a boot scan.  Dozens of files were being reported infected by the Win32: Delf-mzg virus, and each one wanted me to make a decision - delete, move, or repair, etc.  Some couldn't be moved, some couldn't be repaired, and as a result many were deleted.  Yikes!  And System restore wouldn't work.  I figured I was going to have to reformat what had been a perfectly running system, but first I wanted to know exactly what had been deleted.  

I searched the Avast site and many of the other forums and couldn't find the answer.  I ran a search on my system asking what files had been changed since 12/2 and stumbled onto the file I needed.  I'm posting this for anybody else who experienced the same thing.  It seems this should be posted prominently on the Avast site for others who need more help than just restore files from the chest.

Find and Open the file called aswboot.txt.  It will print a list of all of the files/programs deleted during the boot scan.

From my list, I've reinstalled A-squared  and HostMan and a few others.  I'm left with not knowing what to do about the following files...

File C:\COMPAQ\Audio\RTHDCPL.exe is infected by Win32:Delf-MZG [Trj], Repair: Error 42060 {The file was not repaired.}, Move to chest: Error 0xC0000034 {Object Name not found.}, Deleted
File C:\COMPAQ\Audio\SEC508.Skn is infected by Win32:Delf-MZG [Trj], Deleted
File C:\Documents and Settings\All Users\Application Data\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.msi is infected by Win32:Delf-MZG [Trj], Deleted
File C:\Program Files\Compaq\SetRefresh\SetRefresh.exe is infected by Win32:Delf-MZG [Trj], Deleted
File C:\SWSetup\SP36746\program files\COMPAQ\SetRefresh\SetRefresh.exe is infected by Win32:Delf-MZG [Trj], Deleted
File C:\SWSetup\sp39852\WDM\MicCal.exe is infected by Win32:Delf-MZG [Trj], Deleted
File C:\SWSetup\sp39852\WDM\RTHDCPL.exe is infected by Win32:Delf-MZG [Trj], Deleted
File C:\WINDOWS\CREATOR\Plugin\WNASPINT.DLL is infected by Win32:Zbot-MKK [Trj], Repair: Error 42060 {The file was not repaired.}
File C:\WINDOWS\CREATOR\WNASPINT.DLL is infected by Win32:Zbot-MKK [Trj]

I don't use Microsoft Office so I'm not worried about that one, but does anyone know anything about the others on this list and how to reinstall them?  

Thanks
« Last Edit: December 03, 2009, 07:04:07 PM by GoldenSt8r »

Offline Foggy

  • Jr. Member
  • **
  • Posts: 48
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #57 on: December 03, 2009, 07:54:39 PM »
I was always fond of Avast, and that mistake didn't make me lose trust in it - though it made me a little concerned. I hope nothing like that happens again, but there were dozens of ways to minimize and in my case nullify all damages (a little thinking doesn't hurt!).
All those who call for vengeance upon loosing many crucial programs or even OS - it is partly your fault as well. Anti-virus and anti-spyware programs are only of help for securing your computers against destruction, the most important thing is having common sense - why didn't you find it weird that suddenly all your files has the same infection all over the disk soon after av update? Do you think that there is a chance of you having one of the newest viruses all over the disk? Well, that could happen if you were to install/download/run programs that you don't know or trust(or visit certain dangerous sites), and if you run programs from unknown sources, that's your fault for having viruses. Of course I don't say that Alvil is not guilty, but a letter of apology and help with restoring lost files is sufficient enough, so refrain from hanging them by the necks for your lack of sense.

Common sense tells me to do what the computer asks me to do.....especially when you try to boot up and fail and the only option you have is to do as the computer asks and run a restore to factory default. That was my only option if I wanted to get up and running. :(

Offline mikereid

  • Newbie
  • *
  • Posts: 14
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #58 on: December 03, 2009, 08:08:58 PM »
Couldn't find an aswboot.txt file - only an application aswboot, whats the location of the file?


Offline GoldenSt8r

  • Newbie
  • *
  • Posts: 2
Re: If you are getting virus alerts please read! (Win32:Delf-MZG (Trj))
« Reply #59 on: December 03, 2009, 08:43:31 PM »
Couldn't find an aswboot.txt file - only an application aswboot, whats the location of the file?



C:\ProgramFiles\Alwil Software\Avast4\DATA\report