NAV won't detect MHTMLRedir.exploit in pagefile.sys

strangerland

Technical User
Aug 17, 2005
2
US
I have a dual boot system: Windows XP Home and SUSE Linux 9.2. When I'm in Linux I use clamav to scan for viruses and it detects Exploit.HTML.MHTRedir-8 (which I believe Norton refers to as MHTMLRedir.exploit) in my /windows/D/pagefile.sys.
When I'm in Windows Norton detects nothing. What gives? I've even gone into regedit and set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management

Value Name: ClearPageFileAtShutdown
Value Type: REG_DWORD
Value: 1

to clear the pagefile every time I shut down Windows, but clamav still detects the trojan.
 
Like most Windows programs, Norton AntiVirus won't scan pagefile.sys, because there's very little it could do with it if it found anything without drastic consequences. An HTML redir exploit is going to be something that should be caught on the fly when you go to whatever site is causing it. Are you sure Windows is using that pagefile for swap?

Hanlon's Razor: Never attribute to malice that which is adequately explained by stupidity.
 
Well, I'm not absolutely sure it's using this pagefile. I had eliminated the pagefile on my C partition and recreated it on the D partition, and it's the only one set up. I did this through System Properties, Advanced tab, Performance Settings.
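
One way to check from the Linux side whether that pagefile is actually being cleared, as an added example that is not part of the original thread. It assumes a page file cleared at shutdown is almost entirely zero bytes; the 1% cut-off and the function names are illustrative choices.

```python
import os
import sys
import time

CHUNK = 1 << 20          # scan in 1 MiB blocks; page files are large
CLEARED_MAX = 0.01       # assumed cut-off: <=1% non-zero blocks counts as cleared


def nonzero_profile(path, chunk=CHUNK):
    """Return (size, nonzero_blocks, total_blocks, offset_of_first_nonzero_byte)."""
    size = nonzero = blocks = 0
    first = None
    with open(path, "rb") as f:
        while True:
            buf = f.read(chunk)
            if not buf:
                break
            if buf.count(0) != len(buf):
                nonzero += 1
                if first is None:
                    first = size + len(buf) - len(buf.lstrip(b"\x00"))
            size += len(buf)
            blocks += 1
    return size, nonzero, blocks, first


def assess(path, chunk=CHUNK):
    """Summarise whether the file looks zero-filled since its last write."""
    size, nonzero, blocks, first = nonzero_profile(path, chunk)
    ratio = nonzero / blocks if blocks else 0.0
    return {
        "size": size,
        "nonzero_ratio": ratio,
        "first_nonzero_offset": first,
        "modified": time.ctime(os.path.getmtime(path)),
        "verdict": "cleared" if ratio <= CLEARED_MAX else "not cleared",
    }


if __name__ == "__main__":
    # Default path is the mount point quoted in the thread.
    target = sys.argv[1] if len(sys.argv) > 1 else "/windows/D/pagefile.sys"
    for key, value in assess(target).items():
        print(f"{key}: {value}")
```

A "not cleared" verdict together with a modification time older than the last Windows shutdown suggests Windows is not writing to that file at all, in which case the scanner is matching stale data left in it.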
 