Possible false alarm?

Discussion in 'NOD32 version 2 Forum' started by Shelb, Jun 30, 2004.

Thread Status:
Not open for further replies.
  1. Shelb

    Shelb Registered Member

    Joined:
    Dec 3, 2003
    Posts:
    76
    Hi all,
    Today NOD32 heuristically identified a possible script virus in a file it has previously overlooked in the past ~60 days of scanning. The file is part of an engineering program on my laptop. I checked previous logs and the same file appears to be OK in all previous scans. Previous scans reveal that it never scanned within these types of files (*.chm - compiled HTML files). Was this capability added to scan within these in today's update? Yesterday, the total number of scanned files on the C drive was around 32000. Today, it increased to 56000. There are over 11000 sub-files scanned in this one file alone. Here is the email notification:

    6/30/2004 20:29:22 PM - NOD32 Program Virus Alert triggered on PRECISION: C:\Program Files\Ansys Inc\v80\CommonFiles\HELP\en-us\ansyshelp.chm > CHM > /Hlp_C_OPEXE.html infected with probably unknown SCRIPT virus.

    I would like to submit the file to ensure that it is not hostile (although this is unlikely), but the ansyshelp.chm is ~46 Megs. Should I decompile the file in some manner to submit the Hlp_C_OPEXE.html component?

    Thanks for your help,
    -Shelby
     
  2. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    There was an archive support module update a day or two ago. As you noticed correctly, .chm is the extension for compressed HTML help files, which may consist of thousands of single HTML files.... For a common user, decompiling it is not that easy a task....
    You should try to contact ESET support for further advice.
     
  3. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    I don't think ANSYS guys will be that careless. Notify them about this alarm and after their verification you can ignore this as a FP. You can also ask them to send this specific part to NOD32 to fix this issue. If you have RoboHTML you can decompile this CHM file. There are lots of software tools which will allow you to do just that. Robo just sprang into my mind as I was watching the cartoon today.
     