Whether "win32:zbot-mkk" it also a false alarm?

Whether “win32:zbot-mkk” it also a false alarm?

I hope so. I had “zbot-mkk” report on my computer in addition to the “delf-mzg.” I’ve updated to the new virus database, but I have not yet completed a full scan.

Do you have the updated VPS - 091203-1 downloaded from Avast on your machine yet before doing your scan?

If you’re asking me, yes.

After updating the virus database I rescanned the “delf-mzg” file that I quarantined. It came up as “no virus” so I restored it. By the time I encountered the “zbot-mkk” report I suspected a false positive problem and I was telling Avast! to take no action, so it’s still on the computer.

I just alerted the mods. about this.

Yes, it’s the same story.
I’ve updated the statement thread accordingly: http://forum.avast.com/index.php?topic=51647

Thanks
Vlk

I seriously thought my computer was infected last night with DELF-MZG adn Zbot-MKK and allowed Avast to delete the reported infected executables. (Adbobe, Nero, and many more of my programs) When it got to some infections in my Win32 folder, I was expecting post boot problems and sure enough, my computer will not get past the BIOS post now.
I’ll be trying a Windows repair install today and if successful a re-install of the now damaged programs.

I’m only posting this as FYI as to the possible impact of this problem on other users.

Even a boot into Safe Mode isn’t possible?

We haven’t had any reports on Microsoft (operating system) files being affected by the issue, so the system should hopefully boot.

Thanks
Vlk

I also did a full scan and deleted all files. Before I did the scan I was unable to run multiple programs such as media monkey and peer guardian do to the “virus.” After the scan completed it did start Windows successfully. However I am scared to reboot. There were some files that were detected in both windows temporary folder and windows system folder. Perhaps I can post the log later.

So you were deleting the files (as opposed to moving them to the Virus Chest)?

Just as a heads up, I tried putting my DLL’s in the chest when the trojan false positive showed up, but I kept getting access denied and delete was the only thing that worked.

I deleted as well for the same reason. Repair and move to chest did not work. I can post the log when I get home.