win32:fujack-k on vista pagefile.sys(FP)

[proactivelover]

i install avast v4.8.1256 on c Partition(winxpsp3) but on d Partition i install vista when i scan vista pagefile.sys avast give me virus warning(win32:fujack-k)
i think it's fp pls fix it

[RejZoR]

This must be an on-demand deetction because pagefile.sys is excluded from on-access scanner.

[proactivelover]

This must be an on-demand deetction because pagefile.sys is excluded from on-access scanner.

yes

[igor]

Well, I looked at the signature... it's certainly not ideal, false positives might occur on HTML pages that write about that piece of malware - but I wouldn't call this detection on the pagefile.sys necessarily a false positive, this signature certainly doesn't appear in an ordinary (unrelated) file.

You have to realize that the pagefile is a partial snapshot of the computer memory - so maybe you've visited some webpage covering this piece of malware... or it's also possible that this malware was indeed active in that operating system.
(Or, maybe you have a different antivirus installed in that system which keeps uncrypted virus signatures in memory...)

Personally, I wouldn't change this detection. (After all it's been there since April 2007, and I don't think it was reported as false positive during that long time... I can see one post about it here on the forum, and it was a conflict of 2 different antiviruses, as I mentioned.)


Btw, this isn't related to the beta in particular (any other avast! version would report the same)... so I'll probably move this thread into some other forum.

[TaDa]

OK going to try again

Been experiencing problems because of pagefile.sys and just lost what I was originally going to post.

I think your assessment of the OPs problem is wrong.  I've experienced the same problem and it isn't the first time.

Awhile back when running a scan, pagefile.sys came up as a false positive.  Can't remember if it was Vista or XP that I scanned at that time.  I was able to bypass the false positive and continued with the scan.  I didn't change anything in Avast with regards to pagefile.sys and when doing scans afterwards it never came up again, until yesterday.

On Monday I ran a scan in Vista and nothing came up.  Yesterday I scanned in XP and it came up again showing Vista's pagefile.sys as being a virus (same as the OPs).  Unfortunately I wasn't paying full attention and moved it to a temp file where it was given a .vir extention.

After the scan I removed the .vir extention and copied it back to the Vista root, however, the file must have been changed because I've been experiencing problems since and both Vista and XP are acting strange.

I've run Avast again, as well as Spybot and AVG anti-spyware in both Vista and XP nothing comes up. 

So what do I do now? 

I tried running sfc /scannow but it won't run in Vista's root.  Thought about trying to run sfc /scannow in XP but not sure if it will work using the Vista disk.  I don't want to use the XP disk as it is Vista's pagefile.sys that was changed not XP's.