False positives after update Avast (fixed!)

UPDATE: THE ISSUE IS RESOLVED / FIXED : updated version: 091203-1
Continue reading at the bottom of this post for info on the fix

What was going on:

The latest Avast virusdatabase update came with a serious bug. In version 091203-0 various files* are being marked as “Win32:Delf-MZG (Trj)”. These are all false positives and should
be ignored. (* rumors say the affected files are written in Delphi )

Apart from falsely marking files as this virus some say it can hinder the windows operating system’s boot, so if you happen to suffer from these symptoms, under no circumstance reboot your system. If you would reboot, Avast could block certain services from starting.

To disable Avast (temporarily) follow these instructions: (continue reading at the bottom for the fix)

  1. Right mouse clicking the Avast icon near your clock.
  2. Choose Stop On-access scanning tasks

If you got stuck and need to reboot your system, follow these instructions first. ( In any other case, just disabling Avast. ): (continue reading at the bottom for the fix)

  1. Reboot in safe mode: Hold down F8.
  2. Log in as Admin
  3. Uninstall AVAST & DO NOT SCAN YOUR COMPUTER!!
  4. Wait until Avast fixes the bug or install another virus scanner.

Disable AVAST for the time being.
Wait for another iAVS update and click NO ACTION when action is required.

Quote from: zone12 on Today at 02:05:26 AM

The recent avast! VPS update has a serious flaw inside it, various files are being marked as “Win32:Delf-MZG (Trj)”. Some of the common files being marked as this false positive include Skype and Spybot S&D.

Apart from marking various files as this virus, the new update brought a crippling threat to the windows operating system. Accounts are vague but some are reporting that the new update may hinder the windows operating system’s boot.If you have updated avast during the last 48 hours do not restart your computer!This is caused by avast scanning the starting files, during this process it will mark a file as hazardous and will not allow you proceed without aknowledgement, being that this is happening during the time in which windows loads there is no possable way to give aknowledgement to the program therefore putting the computer at a standstill.

The problem started a few hours ago. In an attempt to find out what is happening, thousands of users went to Avast’s forum, immediately overloading it. In the mean time, “avast” is trending on twitter.

UPDATE: It is finally fixed. ( Thursday 7:05 CET )

Information about current update:
Total time: 39 s

– Vps: Updated
(previous version: 091203-0, updated version: 091203-1)

Server: download650.avast.com (209.62.90.50)
Downloaded files: 6 (1,78 KB)
Download time: 9 s

To UPDATE Avast follow these instructions:

  1. Right mouse clicking the Avast icon near your clock.
  2. Choose UPDATE
  3. Choose iAVS update

EXTRA:

How to restore files from the chest:

The Virus Chest can be accessed directly from the options menu in the Avast program window. To get there right click the Avast icon near your clock and choose Start Avast!. Cancel any starting scans!!! (important) Then click on the chest icon. A window containing a list of files will open. Right clicking on any file will produce the following options we can use:

  • Refresh all files: Select this option if you want to make sure you are looking at the complete list of files. The program refreshes the list automatically but you can use this option if you do not want to wait.
  • Restore file: The file will be restored to its original location and at the same time removed from the Chest.
  • Extract file: The file will be copied to the selected folder.

I suggest restoring.

(taken from the manual: http://download787.avast.com/files/manuals/user-manual-home-eng.pdf )

update: Official statement of AVAST (Alwil) http://forum.avast.com/index.php?topic=51647

One thought on “False positives after update Avast (fixed!)

  1. Pingback: Walter De Vos blog » Alles is virus volgens Antivirussoftware AVAST

Leave a Reply

Your email address will not be published.

Bad Behavior has blocked 1756 access attempts in the last 7 days.