W32/Fujacks-J

Category:	Viruses and Spyware	Protection available since:	17 Jan 2007 00:00:00 (GMT)
Type:	Win32 executable file virus	Last Updated:	17 Jan 2007 00:00:00 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Fujacks-J is a prepending virus for the Windows platform.

W32/Fujacks-J can also spread to network shares and has backdoor functionality.

W32/Fujacks-J includes functionality to access the internet and communicate with a remote server via HTTP.

W32/Fujacks-J attempts to download and run additional code and executables.

W32/Fujacks-J searches for files with HTML and ASP extensions and append code to them. These files are detected as Troj/Fujif-A.

When first run W32/Fujacks-J copies itself to <System>\drivers\nvscv32.exe.

The following registry entry is created to run nvscv32.exe on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
svcshare
<System>\drivers\nvscv32.exe

The following registry entry is set:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
CheckedValue
0

Sophos's anti-virus products include Behavioral Genotype™ Protection, which can proactively guard against new threats without requiring an update. Sophos customers have been protected against W32/Fujacks-J (detected as Mal/Packer) since version 4.10.

Try Sophos products for free
Download now

W32/Fujacks-J

Free Mac Anti-Virus

Popular topics