resolve for delf-ali 1.07
a tool that removes delf-ali trojan
| details |
size: 76 kb
license: freeware free
os: windows all
publisher: sophos plc
|
date added: 30/08/2010
date updated: 30/08/2010
total downloads: 2
|
|
resolve for delf-ali 1.07 publisher's description
resolve is the name for a set of small, downloadable sophos utilities designed to remove and undo the changes made by certain viruses, trojans and worms. they terminate any virus processes and reset any registry keys that the virus changed. existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.
troj/delf-ali is a worm and irc backdoor trojan for the windows platform.
troj/delf-ali spreads to other network computers by exploiting common buffer overflow vulnerabilities, including rpc-dcom (ms04-012).
troj/delf-ali runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via irc channels.
troj/delf-ali includes functionality to access the internet and communicate with a remote server via http.
when troj/delf-ali is installed it creates the clean text file msguid32.dll.
the following registry entry is created to run troj/delf-ali on startup:
hklmsoftwaremicrosoftwindowscurrentversionrun
microsoft iis
troj/delf-ali attempts to log details from banking applications related to the following sites:
www.halifax-online.co.uk
ibank.barclays.co.uk
online.lloydstsb.co.uk
online-business.lloydstsb.co.uk
www.ukpersonal.hsbc.co.uk
banesnet.banesto.es
extranet.banesto.es
ebanking.bccbrescia.it
www.bankofscotlandhalifax-online.co.uk
oi.cajamadrid.es
bancae.caixapenedes.com
banking.postbank.de
meine.deutsche-bank.de
myonlineaccounts2.abbeynational.co.uk
ibank.cahoot.com
webbank.openplan.co.uk
bancopostaonline.poste.it
mybank.bybank.it
ibank.internationalbanking.barclays.com
welcome7.co-operativebank.co.uk
welcome11.co-operativebankonline.co.uk
troj/delf-ali modifies the hosts file in order to redirect access to the above sites.
troj/delf-ali stores logged information to the following clean text files in the windows system folder:
abbey.dll
bane.dll
bankofscot.dll
barc.dll
barc3.dll
bccbrescia.dll
bybank.dll
cahoot.dll
caixapenedes.dll
cajamadrid.dll
coo11.dll
coo7.dll
deutchebank.dll
halif.dll
hsbc.dll
lloy.dll
posta.dll
postbank.dll
wool.dll
troj/delf-ali can be removed from windows computers automatically with the following resolve tools:
windows disinfector
delfagui is a disinfector for standalone windows computers. to use it you have to do the following:
* open delfagui.com file from your desktop after downloading it.
* click on the start scan button.
* wait for the process to complete.
* after removing the worm you should install the microsoft patch ms04-012 or, on single computers, update with all relevant security patches from windows update.
command line disinfector
delfasfx.exe is a self-extracting archive containing delfacli, a resolve command line disinfector for use by system administrators on windows networks.
|
| antivirus information |
| downloadsky has downloaded and tested resolve for delf-ali on 2010-8-30 20:14:33 with some of today's best antivirus engines and you can find below, for your convenience, the scan results: |
| kaspersky: | clean |
| nod 32: | clean |
| bitdefender: | clean |
|
| no spyware |
| no adware |
| no viruses |
|  resolve for delf-ali: does not contain any adware or spyware, certified by download sky. |
|
| related press releases |
thirty days trial limitation has been removed from the free trial edition of leawo blu-ray copy v1.3.4.0 [2010-10-22 21:14:53]
shenzhen, china p.r. (september 27, 2010) – leawo software (http://www.leawo.com) has removed the limitation on the new version of blu-ray copy (http://www.leawo.com/blu-ray-copy/), so as to benefit i... |
| avg identity protection remover - removes any protection for avg identity [2010-7-26 21:58:41]
the name avgidp uninstaller stands for avg identity protection remover. a small tool that will remove any protection for avg identity. |
| make photos perfect with photo stamp remover [2009-9-23 11:27:58]
make photos perfect with photo stamp remover.
photo stamp remover is a photo correction tool that can remove date stamps, watermarks, scratches, stains, wrinkles, and other unwanted objects from di... |
| attacks during thanksgiving holidays leaves windows users vulnerable; days before thanksgiving worst for trojans and worms [2009-3-5 22:50:08]
new york, ny, dec 4, 2008-
windows users were preparing for one the worst times of year for malware, and virus attacks. according to an analysis of 500,000 computers by pctools.com, the time around... |
| new software release announced by digeus - junk file remover went public [2009-3-2 22:37:46]
digeus, inc. has announced the release of junk files remover, top powerful disk cleaner program that can be safely used to perform disk cleanup for vista, xp and any other platform. junk files remover... |
|
|
|
| rising unknown virus detector |  the rising unknown virus detector application was developed to be a small tool that will scan your system for suspicious files.
bhow to use rising detector:/b
step 1: please click "download" and save "rsdetect.exe" o |
|
| kaspersky virus removal tool |  the kaspersky virus removal tool application was designed to be another virus scanner and detection software from kaspersky. the produst will scan the specified locations for any virus threats and remove them or send to |
|
| dr.web cureit! |  dr.web cureit! is an antivirus and anti-spyware scanning tool that is developed on the dr.web engine which will help you quickly scan and cure, if necessary, a computer without installation of the dr.web anti-virus.
d |
|
| norman malware cleaner |  norman malware cleaner is a norman program that can be used to detect and remove specific malicious software (malware).
note that it should not be used as a substitute for running normal proactive antivirus protection |
|
| anti-trojan elite |  anti trojan elite provides a real-time malware firewall for user, once a trojan or keylogger would been loaded, the ate can detect, block and then clean it in time.
the ate can detect more than 55000 trojans, worms an |
|
| maftoox anti virus |  maftoox anti virus is a complate package of applications that aim to protect your computer from a possible virus infection or other malware threat. |
|
| exterminate it! |  surfing on the wave top in the modern digital world, where every particle is internet-connected, is fall-dangerous. digital ocean is much more risky than its natural counterpart. every profit minded criminal can be your |
|
| avast! internet security |  avast! provides a package of applications that aim to protect your computer from a possible virus infection or other malware threat. if you use it correctly, and in combination with other programs such as data backup uti |
|
|
antivirus & spyware cleaners 
