Win32:Adloader-AC False Positive?

I’ve been getting this issue for the past couple of days and I can’t figure out what the deal is?

11/1/2008 9:06:51 PM SYSTEM 1504 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Program Files\BitTorrent_DNA\dna.exe” file.
11/4/2008 12:17:29 AM Compaq_Owner 1504 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Program Files\BitTorrent_DNA\dna.exe” file.
11/5/2008 1:35:53 AM Compaq_Owner 1484 Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Program Files\BitTorrent_DNA\dna.exe” file.
11/7/2008 2:58:18 PM Compaq_Owner 1484 Sign of “Win32:Adloader-AC [trj]” has been found in “C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates{0DB90A17-4436-457E-95AF-DCA264E402CC}\mpasbase.vdm.temp” file.

This is why the avast generic signature is identifying dna.exe as win32:trojan-gen, http://eccentric-toast.com/dnaexe.

The Windows Defender, Definitions Update detection on mpasbase.vdm.temp is probably down to as the signatures are added avast is detecting an unencrypted signature. So I think this one could be down to not encrypting signatures.

I would imagine that after the update the mpasbase.vdm.temp (presumably a temp file) would have been removed after the update.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.