Category: Computer Virus
Europe, North and South America, and some parts of Asia and Australia
29 Jan 2003
W32.Felic is a very tricky virus that deceives windows user by creating a valid windows folder when it is dropped. The author chose to write it on Microsoft Visual Basic programming language. All platforms of windows are vulnerable to this worm, may it be Microsoft IIS, Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP. When this folder is opened, it will execute the virus as well, thus making copies on the hard drive and floppy disk drive.
W32.Felic Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W32.Felic from your computer.
More details about W32.Felic
Its filename is always “felicidades.exe” and “For You My Love.exe" on the removable drive. If the system date is May 1st, September 9th, or December 2nd, and the system time is 00:00:00, W32.Felic displays an image and a message containing, “Feliz Cumpleanos : Carlos Alberto DIA FELIZ DIA FELIZ DIA FELIZ DIA FELIZ Son los sinceros deseos de: [email protected]
@P [email protected]
@T.” It is usually in a blue window box that is enclosed with three circles colored orange, pink and green. Aside from displaying the message, it also adds a copy in the windows system directory as Win32.com. Once the virus has executed, it remains in memory.
According to various reports, the W32.Felic application is an infection that allows hackers to remotely influence the user’s infected computer, download unwanted files, take advantage of a security flaw in the system, distribute and spread viruses and threats, and install unsolicited files without consent from the user. It is possible that this virus will install and execute a remote administration utility that resembles legal remote administration programs being used by system administrators. These utilities connect the infected computer to the Internet or a Local Area Network to allow external control from hackers.