Win95.Antic.695, W32/Antic.695, W95/Antic.695
PE_ANTIC.695, W95/Antic-A, Win95.Antic
Category: Computer Virus
Active & Spreading
Asia, North and South America, and some parts of Europe and Australia
05 Mar 2002
The W95.Antic program copies itself from the computer. This worm searches its compromised computer’s hard drive for electronic mail addresses and then it sends out itself to an e-mail message as an attachment to get more computers infected
W95.Antic Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W95.Antic from your computer.
More details about W95.Antic
W95.Antic makes use of its victim’s Internet connection or network connection in sending its replicas to other computers via electronic mail. This worm is capable of spreading without any user interference. Once W95.Antic has gained access to a computer; it replicates itself as an executable file and mounts itself invisibly into the system directory. Aside from replicating itself, W95.Antic also performs other activities including installation of rootkits to hide some files and running processes from being seen and detected by the user. Some of these files include a peer-to-peer client.
When the W95.Antic virus is executed, it attempts to copy itself on the system’s shared memory, hooks the file system open request, and then transfers the control to the original host of the program. Once the virus, W95.Antic, has successfully infiltrated and penetrated the machine’s memory, it will infect all programs having .exe and .scr file extensions, regardless of whether the files are located on a local computer, or on a remote share. Host files shall have an increase in file size between 695 bytes and 4,096 bytes – an indication that the file has been infected. Due to bugs, most files infected by this virus tend to crash.