W32.Chili


Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: active
Spreading: Low
Geographical info: Low
Removal: Moderate
Platform: W32
Discovered: 12 Nov 2002
Damage: Low

Characteristics: W32.Chili is known to copy itself automatically to the hard drive as well as floppy disk drive.

More details about W32.Chili

Based on some IT reports, this program has been created using the Microsoft Visual Basic programming language. The W32.Chili program creates a standard Windows folder icon to disguise itself to unsuspecting users of your computer or laptop. As a result, when you double-click the icon, the virus is executed and shows a specific message saying: "Guarde toda informacion 10:55:59 PM, 28.99, Temp de retroceso para grabar antes de qui se apague La Pc". This program copies itself as C:\%system%\System.exe. Note that %System% is a variable. It means that the virus attached itself to any system folder of the computer whatever drive letter it maybe.

This program continuously runs and locates the System folder and copies itself to that location. Upon installation, system folders are saved or created in this way: C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP). When the virus is installed, it adds a certain registry key value. After the virus runs, it remains in memory, and it examines the floppy disk drive periodically. If it finds a floppy disk in the drive, it copies itself as A:\System.exe.