W32.Eggman


Aliases: Win32.Slaman.i, W32/Slaman.gen, W32.Eggman.gen, Win32.HLLP.Slaman, Win32/Tsumi.A@mm 
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: Dormant
Spreading: Slow
Geographical info: Europe, North and South America, and some parts of Asia and Australia
Removal: Easy
Platform: W32
Discovered: 13 Jul 2003
Damage: Low

Characteristics: W32.Eggman is commonly known as a virus written in Visual Basic. This virus searches for .exe files in the current folder and adds itself to the beginning of that file. When successful in finding the “.exe” file, it attaches and infects that file. It affects all Windows Operating System platforms namely Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, and Windows XP.

More details about W32.Eggman

W32.Eggman can spread to systems that do not have passwords or to ones with simple passwords. Discovered last July 13, 2003, the virus is said to be created by a “virus generator”. As always, make sure and always enforce a password-policy as one of your daily practice in saving and protecting files. Auto play facility in your computer should be disabled to prevent the automatic launching of executable files on network and removable drives. You should also disconnect the drives when not used. File sharing should also be turned off if it is not needed. Do not always install or turn on computer services popping up in your screen because these are critical avenues usually affected by the virus. More importantly, do not accept applications that are unsigned or sent from unknown sources. Removal will mostly include deleting any file that contains its detection. However, you first need to disable System Restore in your Windows Me and or XP or any windows operation you have.

Cleaning the PC from infection often means deleting the files infected by it. However, it's not easy to delete all files, especially if it is used by an active application. Furthermore, these files are not seen as they conceal themselves as legitimate files. This can be resolved by downloading a useful antivirus program that will absolutely remove all the traces of infection in your system. You can download it and install it in your PC by double clicking on the downloaded installer file. The software comes with a step-by-step guideline on how to install the software. After the installation, scan the computer completely and the antivirus software will provide you with a list of infected files. You may see a repair, delete, or remove option. Click either one of those in to wipe all the infections. However, you have to make sure that you have set the system restore into disable. You must also remove all worms infected files as well as those being patched or copied to the registry keys. Once you have successfully removed all the infected files, you must modify and restore them.