A tool that removes W32/Alcra-B. #Trojan remover #Trojan protection #Antivirus protection #Alcra-B #Trojan #Remove
Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms.
They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.
W32/Alcra-B is a worm for the Windows platform.
W32/Alcra-B spreads via file sharing on P2P networks.
W32/Alcra-B includes functionality to download, install and run new malware executables. W32/Alcra-B is a worm for the Windows platform.
W32/Alcra-B spreads via file sharing on P2P networks.
W32/Alcra-B includes functionality to download, install and run new malware executables.
W32/Alcra-B typically arrives with the filename Setup.exe.
When first run W32/Alcra-B displays a dialog box with the text "Setup", "Welcome to the Setup Wizard ...". W32/Alcra-B creates the folder winupdates, copies itself to this folder as winupdates.exe and creates the following files:
winupdatesa.zip cmd.com bszip.dll netstat.com ping.com regedit.com taskkill.com tasklist.com tracert.com
All files and folders will have the hidden and system attributes set, including the Windows system folder.
a.zip is a zip archive containing a copy of W32/Alcra-B named Setup.exe.
Bszip.dll is a clean file compression utility.
The new files created in the Windows system folder by W32/Alcra-B with a COM extension are simply 'MZ' stubs (2-byte files simply containing "MZ"), designed to disable the standard Windows applications: cmd, netstat, ping, regedit, taskkill, tasklist and tracert. Executables files with a COM extension have precedence over files with the same filename, but an extension of EXE, therefore if a user runs "cmd", "netstat", "ping", "regedit", "taskkill", "tasklist" or "tracert", the new file with a COM extension will be executed rather than the legitimate executable with an extension of EXE.
The following registry entry is created to run winupdates.exe on startup:
HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun winupdates winupdateswinupdates.exe /auto
W32/Alcra-B can be removed from Windows computers automatically with the following Resolve tools:
ALCRAGUI is a disinfector for standalone Windows computers. To use it you have to do the following: ■ Open ALCRAGUI.com file from your desktop after downloading it. ■ Click on the Start Scan Button. ■ Wait for the process to complete.
ALCRASFX.EXE is a self-extracting archive containing ALCRACLI, a Resolve command line disinfector for use by system administrators on Windows networks.
Resolve for Alcra-B 1.07
add to watchlist add to download basket send us an update REPORT- runs on:
- Windows All
- file size:
- 76 KB
- filename:
- alcragui.com
- main category:
- Antivirus
- developer:
- visit homepage
IrfanView
calibre
Bitdefender Antivirus Free
Zoom Client
7-Zip
Context Menu Manager
ShareX
4k Video Downloader
Microsoft Teams
Windows Sandbox Launcher
- 4k Video Downloader
- Microsoft Teams
- Windows Sandbox Launcher
- IrfanView
- calibre
- Bitdefender Antivirus Free
- Zoom Client
- 7-Zip
- Context Menu Manager
- ShareX