Category: Computer Worm
Europe, North and South America, and some parts of Asia and Australia
29 Jul 2003
W32.HLLW.Egar.int is a worm that uses Kazaa programs to propagate. Users using peer-to-peer sharing programs are prone to being infected by this worm. It is believed that there are still a lot of bugs in the program. Once executed, it modifies system registries so that it runs when windows starts. The worm cannot continuously be successful in copying itself. It affects all Windows Operating System platforms namely Windows 2000, Windows 95, Windows 98, Windows NT, and Windows XP.
W32.Egar.int Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Egar.int from your computer.
More details about W32.Egar.int
The author chose to write this in Visual Basic format. Using Kazaa network, a peer-to-peer sharing program and its shared folder, this worm creates folder and/or files such as hlkeygen.exe, cskeygen.exe, Windows XP Keygen.exe, Windows .NET KeyGen.exe, Windows .NET Enterprise Server KeyGen.exe, Windows .NET All Version Activation Crack.exe, Windows .NET All Version KeyGen.exe, Windows .NET WPA Crack.exe, Windows .NET Activation Hack.exe, Windows XP WPA Crack.exe, Cisco Hacker.exe, Cisco Hacker 2003.exe, Cisco Hacker v4.0.exe, Cisco Scanner 2.exe, Cisco Scanner Lite.exe, Cisco Scanner Setup.exe, and Proxy Scanner v4.0b.exe. All the program files infected by this worm tend to be hidden and would be hard to detect. Most parasites attempt to hide their tracks, so you will have to enable the displaying of hidden and system protected files.
The W32.Egar.int program may also open a backdoor to the victim computer. Once the backdoor has been executed, the hacker may perform several malicious actions. The hacker could use the victim computer to engage in denial of service (DoS) attacks. The hacker could also transmit critical information to a remote server. Some users whose computers have been infected with this program have reported that their USB ports have been disabled. The malware may also disable the system restart and shutdown. It does not offer an End User License Agreement (EULA) before and during its installation. It does not provide a completely functional uninstaller.