Win32:VBCrypt-CSL [Trj] found during scan (clean boot scan) in NTUSER.DAT

[WhatIsTheFussAbout]

Avast just found  Win32:VBCrypt-CSL [Trj] during a full scan in NTUSER.DAT.  I then ran a boot time scan that came back clean.  I re-ran the full scan and it once again found the trojan.  However Avast cannot repair this file since it is in use - I believe it is part of the windows registry.  MalwareBytes Anti-Malware did not find this in a scan.

1) Why would the boot scan not find it and the standard scan find it?
2) How do I know if this is a false positive?
3) How do I go about backuping up and cleaning this file? 

I attached the report from the scans.

Thanks

[Eddy]

Upload the file to https://www.virustotal.com/ and post the report link here.
Also tell us where exactly the file is located.

[WhatIsTheFussAbout]

Thank you for your help.

https://www.virustotal.com/en/file/c3f2e1e9a0e15fe36dc74c430b78f7b3dd72d175319c0da7cd02edfd5fdcc63c/analysis/1388739889/

When I copied this file I renamed the copy to infected-ntuser.dat which I uploaded here.

The original file is c:\users\home\ntuser.dat   My Windows 7 user name is home.

Thank you

[Eddy]

It looks like a false positive.
Please report it using this form: http://www.avast.com/contact-form.php

[jwoods301]

Another user reported this yesterday in the "viruses and worms" forum.