Resolve for Delf-ALI icon

Resolve for Delf-ALI

2.4/5 11
Certified 100% CLEAN Freeware   

A tool that removes Delf-ALI trojan. #Virus protection  #Trojan protection  #Trojan remover  #Delf-ALI  #Remove  #Remover  

Description

Free Download

Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms. They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.

Troj/Delf-ALI is a worm and IRC backdoor Trojan for the Windows platform.

Troj/Delf-ALI spreads to other network computers by exploiting common buffer overflow vulnerabilities, including RPC-DCOM (MS04-012).

Troj/Delf-ALI runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

Troj/Delf-ALI includes functionality to access the internet and communicate with a remote server via HTTP.

When Troj/Delf-ALI is installed it creates the clean text file msguid32.dll.

The following registry entry is created to run Troj/Delf-ALI on startup:

HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun Microsoft IIS

Troj/Delf-ALI attempts to log details from banking applications related to the following sites:

www.halifax-online.co.uk ibank.barclays.co.uk online.lloydstsb.co.uk online-business.lloydstsb.co.uk www.ukpersonal.hsbc.co.uk banesnet.banesto.es extranet.banesto.es ebanking.bccbrescia.it www.bankofscotlandhalifax-online.co.uk oi.cajamadrid.es bancae.caixapenedes.com banking.postbank.de meine.deutsche-bank.de myonlineaccounts2.abbeynational.co.uk ibank.cahoot.com webbank.openplan.co.uk bancopostaonline.poste.it mybank.bybank.it ibank.internationalbanking.barclays.com welcome7.co-operativebank.co.uk welcome11.co-operativebankonline.co.uk

Troj/Delf-ALI modifies the HOSTS file in order to redirect access to the above sites.

Troj/Delf-ALI stores logged information to the following clean text files in the Windows system folder:

abbey.dll bane.dll bankofscot.dll barc.dll barc3.dll bccbrescia.dll bybank.dll cahoot.dll caixapenedes.dll cajamadrid.dll coo11.dll coo7.dll deutchebank.dll halif.dll hsbc.dll lloy.dll posta.dll postbank.dll wool.dll

Troj/Delf-ALI can be removed from Windows computers automatically with the following Resolve tools:

DELFAGUI is a disinfector for standalone Windows computers. To use it you have to do the following: ■ Open DELFAGUI.com file from your desktop after downloading it. ■ Click on the Start Scan Button. ■ Wait for the process to complete. ■ After removing the worm you should install the Microsoft patch MS04-012 or, on single computers, update with all relevant security patches from Windows update.

DELFASFX.EXE is a self-extracting archive containing DELFACLI, a Resolve command line disinfector for use by system administrators on Windows networks.

User Comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

Resolve for Delf-ALI 1.07

add to watchlist add to download basket send us an update REPORT
  runs on:
Windows All
  file size:
76 KB
  filename:
delfagui.com
  3 screenshots:
Resolve for Delf-ALI - screenshot #1Resolve for Delf-ALI - screenshot #2Resolve for Delf-ALI - screenshot #3
  main category:
Antivirus
  developer:
  visit homepage