I’ll pile on! Have had this problem during the past two days also.
Running Win 7, 64 bit, IE9.
It's real easy to get Avast to detect the threat – simply go to the PayPal website – you don’t even have to log in. Avast pops-up with “TROJAN HORSE BLOCKED”, reporting that it blocked the threat when the file was created or modified.
The infected files are always located in the ‘Temporary Internet Files\Low\Content.IE5’ folder. It looks like the files are named either, ‘webscr[n].htm’ or ‘paypal_com[1].htm’.
I would’ve submitted a file report, but can’t as it looks like I need to browse to the subject file yet that’s tough to do when the file isn’t there. I have no problem getting to the specific folder directed by Avast. But the file isn’t where Avast says it is. So, when the pop-up reports that the Trojan Horse was “blocked when the file was created or modified”, does that mean that Avast actually blocked the file’s creation? Or did it remove it?
I got an email from PayPal telling me that the problem was definitely NOT on their end. They blame Avast. So the notion presented a couple posts before this one, that its strictly an IE problem is interesting. If it is, then I guess we’re at the mercy of any one at Microsoft who cares enough to be aware of this problem. Though a post a couple pages back in this thread reports having the same problem on a Mac. I wonder if that’s actually the case.
Anyway, the big question is: Despite the warnings, is it safe to do business on PayPal?
I wish Avast (I know I keep mis-writing their name) would chime-in with their perspective. I guess we should be asking the same of Microsoft, but their customer interface is so rigid, hierarchal, and cold, I’m not sure I want to invest the time to go there. It may be an Avast issue afterall, and that might very well be MS's entire answer.