It seems that there is a problem when downloading Zattoo. Avast! finds a virus. Not sure. Could you please check.
Thanks for your assistance.
Well the strange thing I get two alerts first an exe file downloaded to a docs & settings, user, temp folder, h74yjzd.exe followed by an alert on hXXp://download.tattoo.com/zattoo-3.1.1beta.exe.
I say strange because I can’t see why it would be downloading to the temp folder another .exe file. So because of that I aborted the beta download file as I had intended to upload it to virustotal for checking. If you have a copy of tattoo-3.1.1beta.exe (I assume this is the same file as you don’t mention that) then you could upload it to VT.
- Upload to VirusTotal - Multi engine on-line virus scanner and report the findings of these files here. If any are detected by multiple scanners send example to avast, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
Only 2 scanners find anything in h74yjzd.exe avast and one other GData which uses two scanners one being avast, so this detection would appear to be a false positive. I have sent h74yjzd.exe to avast for analysis as a false positive. However I’m still not happy about the way this was underhandedly downloaded to my system by tattoo.com.
Edit: I would have downloaded the above beta (pausing web shield) to send to VT (exceeds the 10MB limit) and send it to avast, but it is 16.5 ish MB and too much on dial-up.
Problem solved this morning. I have downloaded and installed Zattoo on two machines (Vista XP1 and XP Pro SP3) without any problem this morning.
Thanks for your on-going efficient assistance.
Thanks for the feedback.
I installed zattoo on Saturday evening, and it worked normally (without any alerts from avast, neither during installation nor when I actually ran the program).
Today I tried to run it again for the first time after Saturday, and I got a virus alert by avast. Then, I scanned the installation file as well, and I got the same alert (although I didn’t get anything on Saturday when I first installed it).
Could it be that there is a bug in the newest virus definitions set that I downloaded? I don’t remember when it was, but surely AFTER Saturday. If this is not the case, then what else could be wrong? Is it possible that a virus/trojan has entered my machine and only copied itself into the zattoo files? (both installation file AND actual program)?
Many thanks!
Did you follow David’s suggestions on reply #1?
No, because I panicked and deleted both files before trying to figure out what is wrong.
Are you aware of any discrepancies for Zattoo within avast? Do you have any idea what could have been the cause of this alert?
No, sorry, I don’t.