Fujacks writer's removal tool slated
Virus creator's anti-virus not up to scratch, says Symantec.
A cleanup tool created by the writer of the Fujacks virus, also known as the 'Panda burning incense'
virus in reference to the icon used by infected files, has been criticised by researchers at Symantec as
ineffective at removing the man's own creations.
Fujacks gained much press coverage after Chinese press hyped
its virulence and effectiveness, although spreading has been limited, thanks in part to the clear evidence
of infection provided by the unusual icon. The removal tool was released after the man, 25-year-old Jun Li of
Wuhan province, was arrested in a groundbreaking case for the
Chinese police. Included with the tool is an apology from the virus writer, and a warning to computer users
to maintain good security regimes.
'It seems pretty obvious that a virus writer isn't going to have the necessary skills and knowledge to
create a decent removal tool,' said John Hawes, Technical
Consultant at Virus Bulletin. 'Users shouldn't trust amateurs to clean and protect their machines,
quality anti-malware and other security software is a must for anyone wanting to keep their machines and
data safe in the modern online environment.'
When analysed and tested by researchers at Symantec, the tool was found to be entirely useless at
removing several variants of the virus, and only partially effective against others, leaving behind doctored
registry keys and infected files. A blog posting on the study can be found at Symantec,
here,
while more detailed analysis of Fujacks itself can be found, in PDF format,
here.
30 March 2007
Tags:
virus
del.icio.us 
digg this
As expected, the annual VB100 test on Windows XP was an epic. A higher than usual pass rate was tempered by numerous stability issues with the products under test, prompting the unveiling of a new stability rating system. John Hawes has all the details.