My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
files\WinRAR\Default.FSX.

I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up a
little rash of forum posts, all related to AVG during the last couple of
days, discussing the same detection. The online multiple scanners are too
busy to test the file at the moment, but I'll check it out when they settle
down a bit.

Anyone else out there with AVG AS and WinRAR getting this?

My latest update from AVG also found something :Trojan Horse
Downloader.small.57.ba and T.H. Small.2.ab . Just left the forum and other
people are just starting to talk, but no answers yet that i saw. Ron

"Alan D" wrote:

> My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
> files\WinRAR\Default.FSX.
>
> I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up a
> little rash of forum posts, all related to AVG during the last couple of
> days, discussing the same detection. The online multiple scanners are too
> busy to test the file at the moment, but I'll check it out when they settle
> down a bit.
>
> Anyone else out there with AVG AS and WinRAR getting this?

oops, my AVG-AV found my problem not my AVG-AS. Scanning now with AS, I'll
see if anything shows up.

"Alan D" wrote:

> My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
> files\WinRAR\Default.FSX.
>
> I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up a
> little rash of forum posts, all related to AVG during the last couple of
> days, discussing the same detection. The online multiple scanners are too
> busy to test the file at the moment, but I'll check it out when they settle
> down a bit.
>
> Anyone else out there with AVG AS and WinRAR getting this?

Alan a full scan found only cookies.

"Alan D" wrote:

> My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
> files\WinRAR\Default.FSX.
>
> I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up a
> little rash of forum posts, all related to AVG during the last couple of
> days, discussing the same detection. The online multiple scanners are too
> busy to test the file at the moment, but I'll check it out when they settle
> down a bit.
>
> Anyone else out there with AVG AS and WinRAR getting this?

same here-two computers- only found cookies
robin
"Ron H" <(E-Mail Removed)> wrote in message
news:FCA74E9B-6F44-4A0B-AA6C-(E-Mail Removed)...
> Alan a full scan found only cookies.
>
> "Alan D" wrote:
>
>> My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
>> files\WinRAR\Default.FSX.
>>
>> I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up
>> a
>> little rash of forum posts, all related to AVG during the last couple of
>> days, discussing the same detection. The online multiple scanners are too
>> busy to test the file at the moment, but I'll check it out when they
>> settle
>> down a bit.
>>
>> Anyone else out there with AVG AS and WinRAR getting this?

Alan, send the file to AVG and they will check it out.
I just had one last week and i sent it to AVG
they told me it was a false positive after (it showed up as a registry file)
I sent them that part of my registry and told me they would fix it in their
next updates.
robin
"Ron H" <(E-Mail Removed)> wrote in message
news:FCA74E9B-6F44-4A0B-AA6C-(E-Mail Removed)...
> Alan a full scan found only cookies.
>
> "Alan D" wrote:
>
>> My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
>> files\WinRAR\Default.FSX.
>>
>> I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up
>> a
>> little rash of forum posts, all related to AVG during the last couple of
>> days, discussing the same detection. The online multiple scanners are too
>> busy to test the file at the moment, but I'll check it out when they
>> settle
>> down a bit.
>>
>> Anyone else out there with AVG AS and WinRAR getting this?

"Robinb" wrote:

> Alan, send the file to AVG and they will check it out.

Done that this morning, Robin. I also scanned the quarantined file at
virustotal and they all found nothing (including Ewido, so AVG may have
already fixed it).

As a general point - maybe you or someone else can tell me Robin? When a
file is quarantined, is it changed or 'sterilised' in any way? It seems odd
that I can simply attach it to an email and send it off to AVG if it had
really been infected. If it really were infected, wouldn't the email
antivirus checker prevent me from sending it?

Similarly, the file I sent to Virustotal was the quarantined file. (It
seemed daft to release it first). Is that the right thing to do?

"Ron H" wrote:

> Alan a full scan found only cookies.

Thanks Ron. Do you have WinRAR installed, though? It seems to be a
particular WinRAR file that may be triggering the AVG scanner.

Alan, don't use WinRAR but you ask a question that bothers me to. I feel that
when a program quarantines a file it renders it useless untill you restore or
delete it by the program that quarantined it in the first place. So i would
think by sending a quarantined file for a scan your sending a encrypted file,
useless for a malware scan. I've sent 3-4 quarantined files in the past and
they have come back neg. only to find out they were f.p.'s later. But if i
need to i won't quarantine so fast and then check and see. This is what i
think and i'm open for correction if i'm wrong.

"Alan D" wrote:

> My AVG scan today picked up what it called "Worm.Fujack.ac" in C:\Program
> files\WinRAR\Default.FSX.
>
> I'm pretty sure this is a false positive. Googling 'Fujack.ac' brings up a
> little rash of forum posts, all related to AVG during the last couple of
> days, discussing the same detection. The online multiple scanners are too
> busy to test the file at the moment, but I'll check it out when they settle
> down a bit.
>
> Anyone else out there with AVG AS and WinRAR getting this?

just like an virus, when it is quarantined it basically means a "bubble" is
placed around it and it cannot spread its venim anymore. It is basically
taken out of commission. You can still send it off in an email, it is only
quarantined on your computer. The anti virus/malware program will not allow
you to open it but it does allow you to email it. (where you are sending it
ie a virus check company, etc- I am sure they have mega protection up when
they receive these files)
If it is a false positive (and you know that for a fact) you can take it out
of quarantine and it goes back to where it came out of.
Sometimes the OS or a program actually needs that file to work so when you
quarantine it you might have problems with your OS or the program. the best
thing is to see what happens on your computer to see what starts to act
funky.
Also once in quarantine the best practice is to do a search and see if
anyone knows of a cleaner to clean the file. Some virus protections if they
cannot clean it they just quarantine it and you need to do some
investigating on the internet to find a way to actually clean or replace
this particular file.
In this case you can actually send it to AVG through your program.
I know you have the suite but in there in "Help"/Technical Support and read
on how to send a file to AVG. If you are not sure how to send it you can
just send them the path and they will explain how to send it to them.
robin
"Alan D" <(E-Mail Removed)> wrote in message
news:80C9B6AE-FFFD-41D4-89E6-(E-Mail Removed)...
>
>
> "Robinb" wrote:
>
>> Alan, send the file to AVG and they will check it out.
>
> Done that this morning, Robin. I also scanned the quarantined file at
> virustotal and they all found nothing (including Ewido, so AVG may have
> already fixed it).
>
> As a general point - maybe you or someone else can tell me Robin? When a
> file is quarantined, is it changed or 'sterilised' in any way? It seems
> odd
> that I can simply attach it to an email and send it off to AVG if it had
> really been infected. If it really were infected, wouldn't the email
> antivirus checker prevent me from sending it?
>
> Similarly, the file I sent to Virustotal was the quarantined file. (It
> seemed daft to release it first). Is that the right thing to do?
>