Hello,
I just wanted to relay my findings of a false positive that I have found.
I use Avast! for resident protection and I use a 2nd AV scanner (Clam AV) on one of my workstations.
Seems like Avast keeps alerting me when ClamAV downloads a new virus definition database file.
I get this:
avast! [WORKSTATION1]: File “C:\Users\GeeLo\AppData\Local\Temp\clamav-2975b368aef9e353f9e2e3f2a53e328b.000009ec.clamtmp\daily.ndb” is infected by “JS:ScriptSH-inf [trj]” virus.
“Resident protection (Standard Shield)” task used
Version of current VPS file is 090522-0, 05/22/2009
I uploaded the detected file in question to http://www.virustotal.com/ and only 4 virus programs indicated a virus, including Avast,
all other commercial AV scanners did not… so it looks like this as a false positive.
Just wanted to share this info with the rest of you.