W32.Fujacks!gen


Aliases: N/A
Variants: W32/Fujacks.gen!af0c7e08293d, W32.Fujacks.E, W32/Fujacks-AZ, Worm.Win32.Fujack.o, ~Worm.Fujack.GZ

Classification: Malware
Category: Computer Worm

Status: Inactive
Spreading: Slow
Geographical info: Some parts of Asia, Europe, North and South America, Africa and Australia
Removal: Easy
Platform: W32
Discovered: 09 Jan 2007
Damage: Medium

Characteristics: W32.Fujacks!gen was first found on January 9, 2007 which is a generic detection for the W32.Fujacks family of worms. This means that the worm detects any member of W32.Fujacks family. This worm mainly affects Windows systems.

More details about W32.Fujacks!gen

Once a variant of W32.Fujacks!gen is found and is executed, the worm does several actions. First, the worm infects three specific files (.asp, .htm, .html). these files could be found on local system. Then, the worm adds subkeys to the system registry and deletes the run subkeys of identified security-related software. The worm produces a copy of itself to network shares with the use of some weak passwords. It also creates itself to remote password sharing through the use of a dictionary attack against weak passwords. The worm has the capability to infect executables on the local drive and replicates itself to other locations. Furthermore, the worm may create [DRIVE LETTER]\autorun.inf and deletes .gho, .exe, .scr, .pif and .com files. Also, it removes all local network shares.

Some reports that the W32.Fujacks!gen application may allow a remote attacker to make an unauthorized access to a user’s computer system by creating a backdoor program without allowing the computer user know that the machine is infected. This action, the reports add, can make the computer vulnerable to various mediums and there is a possibility that the computer can loss control. According to a number of users, this malicious program can infect the machine through freeware, peer-to-peer networks, malicious websites, and shareware. Possible signs that a machine is infected by this backdoor Trojan may include occurrences of pop-up advertisements on the computer desktop, alterations in the settings of the browser’s homepage, reduced computer system speeds, and installation of search toolbars and Browser Helper Objects to the Internet browser.