I have been using Avast! along with Spyware Terminator (integrated with ClamAV) for years without problem. However, this morning -after both program’s updates-I turned the computer off. Later, when I restarted the computer I received the following warning from Avast!:
"File C:\Windows\Temp\clamav-5b396513da04bb1cd6447b4417ffca contains a sample of script JS:ScriptSH-inf[trj] "
I reasoned that this was perhaps a conflict between the two programs and therefore deleted the file. Upon restart, the same message returned albeit with the file number changed. I moved this file to the Avast! quarantine chest. Upon restart the message returned this time with another file number (i.e. the file address remains the same until after the words “clamav-” and after that the file number changes). The script “JS:ScriptSH-inf[trj]” remains the same in each Avast! warning. I deleted my computer’s temporary files to no avail. The warning returns on each startup.
I was wondering if someone could offer an opinion as to what my next action should be. I’m almost certain that this is merely a case of two security software programs interacting. However the Avast! virus warning popping up on each restart is a bit aggravating.
Maybe another classic example of two antivirus conflicting.
I think ClamWin has merely nothing do add to avast detection.
It’s a sensation of security and not security itself.
Even SpywareTerminator, nowadays, will add very very little. They are useful as a second opinion, non-resident.
I must respectfully disagree. While I realize that Spyware Terminator is looked down on a bit as somewhat outdated, I recently had an experience which proved its usefulness. My niece was using my computer to access her MySpace page. One of her friends provided a link to an associated site (I know little of MySpace). When she clicked on the link, there was an attempt by that site to install a MyWebSearch toolbar, some sort of autodialer and several other pieces of malware. Unfortunately, Avast! did not flag a single piece of malware. Surprisingly, Spyware Terminator/ClamAV alerted regarding the toolbar, autodialer and one other piece of malware. When I scanned with Avast! there was no sign of detection, but SuperAntiSpyware subsequently found 22 issues and Malwarebytes found 6 registry entries related to the attempted install.
This is not to disparage Avast! as it has been my AV for years. It is to point out that having a backup is not such a bad idea.
Thank you for your posts. Unfortunately I did not quarantine but rather deleted the files. There were around 30 or so total and I quite frankly did not want them on my machine, especially the autodialer. Also, to be quite honest, it never occurred to me that Avast would want them, although in hindsight it would have made Avast stronger having their definitions. I will try to be more vigilant next time (though I hope there will be no next time! ;D) I’ve warned my niece not to simply click on a pretty bauble dangled before her, but she’s 11 and still impressionable.
As I said I still highly value Avast! and that’s why I was concerned when it began flagging this script in Spyware Terminator’s ClamAV update.
This morning (5/13/09) my Avast! once again showed a warning concerning a trojan horse and flagged the same script “JS:ScriptSH-inf[trj]”. I checked the false positive option on the warning pop-up and sent the notice to Avast!. Hopefully this may help.
Yes. Spyware Terminator offers the option of integrating ClamAV’s signatures into the Spyware Terminator’s Real-Time Shield signatures. According to what one of the Spyware Terminator techs told me a while ago, integrating ClamAV’s signatures with Spyware Terminator’s increases the effectiveness of the program’s Real-Time Shield. In fact, during the fore-mentioned episode with MySpace, it was the Clam element of ST which caught the malware. I realize the potential for conflicts between two antivirus programs, but my Avast and my Spyware Terminator have existed peacefully for quite a while with not one problem.
I am by no means a software expert, but I intimate from two other posts currently on this forum that the Avast! program seems to be detecting the antivirus signature “JS:ScriptSH-inf[trj]” in other programs, Spybot and ClamWin (I believe ClamWin and ClamAV are different programs, but am not quite sure). This is the first signature that my Avast! has ever detected inside another program, and over the years I’ve used it with Avorax, Threatfire, Windows Defender, Spyware Terminator, SuperAntiSpyware, Spybot, Malwarebytes, AdAware, among others. I have had more luck (and fewer conflicts) with Avast! than with any other antivirus program I’ve ever used and it is my favorite AV software. That’s why I was hoping that perhaps the people at Avast! might be able to rectify the conflict.
Actually, if not, it’s a relatively minor niggle, and a simple matter of checking “No Action” on the warning box.
This is a NEW finding that avast keeps noticing upon updating of the clamwin database.
Clamwin is superior to any other anti-virus program possble. It has no active scanning abilities though, so it is useless for more users. However, it has found a trojan that avast did not find. (you probably are infected with it). Avast has a very good web scanner though and has caught a lot real crap from even Opera browser.
Clamwin should be used daily as a scanner in the early morning/sleeping hours on all windows machines no matter what the virus program is. Clamwin has been and still is routinely sued by antivirus companies as it is a superior scanner and takes away business. None of the lawsuits stick of course. the latest was by trendmicro.
Anyways, this is a very disconcerting find “JS:ScriptSH-inf[trj]”
Has someone hacked clamwin? I think it would be rather something attacking clamwin that is never cleaned out, if it is actually a virus (trojan, whatever)
Any reply from Avast? I am going to email clamwin as well.
Just wanted to give a heads-up on having a back up or redundant malware byte-type defense.
noticed my computer had a virus by the slow-down,etc…I downloaded Spyware terminator because it has ALWAYS seem to catch any virus that all the “best” such as Avast, AVG, etc miss.
It actually found 4 middle of the road threats, a bout 7 tracking cookie-low threats and one TROJAN…marked as critical
Dont know how avast let them by, but "Iobit has a great free malware scan out there…I use all 3
I have reduced my real time security software from five with W7 and avast!6 to just three with W8-CP and avast!7; i.e, avast!7 AIS, SAS-Pro (I have a lifetime license and there are no apparent conflicts with avast7) and Firefox security related addons like NoScript.
