ANI virus

Virus Name: Exploit.ANIfile
Virus Chinese name: ANI virus
Virus Type: Worm
Risk level: ★ ★
Affected platforms: Windows 2000/XP/2003/Vista

Description: The Exploit.ANIfile.b example, "ANI poison" variant b is a system using Microsoft Windows ANI file handling vulnerability (MS07-017) for the spread of network worms. "ANI poison" variant b running, self-copied to the system directory. Modify the registry, boot from the start to achieve. Infection in normal executable file and the local web files, and download a lot of Trojans. Infection in the local disk and network shared directory multiple types of Web documents (including *. HTML, *. ASPX, *. HTM, *. PHP, *. JSP, *. ASP), implanted using ANI file handling vulnerability malicious code. To the logic of self-replication under the root directory, and create a autorun.inf autoplay configuration file. Double-click the drive letter to activate the virus, causing re-infection. Modify the hosts file, shielding more than Web sites that are mostly used to spread other viruses previously the site. In addition, "ANI poison" variant of b can also use the built-in SMTP engine to spread via e-mail.