Raghav SR Blog

Virus spread when Anti-virus is in a pathetic state. My whole college is infected with Fujacks Virus and all the students accessing those files in their home via Usb are also affected ! So don’t ask me.,

Overview -

W32/Fujacks!htm is a detection for the following type of files infected with the parasitic W32/Fujacks virus:
- htm
- html
- asp
- php
- jsp
- aspx

When infected, these type of files will act as a downloader when executed and download the W32/Fujacks virus.
Characteristics
Characteristics -

These type of infected files:
- htm
- html
- asp
- php
- jsp
- aspx

When executed by a browser, will download in background a variant of W32/Fujacks parasitic virus, which will infect the following files:
- EXE
- SCR
- PIF
- COM

and the already cited types above.
When infecting the html,htm,asp,php,jsp and aspx files, it will append an iframe with width=0 and height=0, so the user will not notice it.
Symptoms
Symptoms -

The computer may become slow and may occasionally reboot due the infection of the executable files.
For the W32/Fujacks!htm infected files, they will have an iframe in the last line of the files.
Method of Infection
Method of Infection -

The W32/Fujacks virus will search several different vectors to find these type of files:
- htm
- html
- asp
- php
- jsp
- aspx
- EXE
- SCR
- PIF
- COM

So it can infect them.
Removal -
Removal -

A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.

Additional Windows ME/XP removal considerations
Variants
Variants -

N/A