Resolve for Delf-ALI 1.07
Updated on 17 Aug 2011
By Anthony Buckner
By Anthony Buckner
76 KB Safe To Install
Advertising
Specifications
License:
Freeware (Free)
Updated:
Downloads:
338
Platform:
Windows All
Publisher:
Sophos Plc(more)
Website:
Unknown
User Reviews:
Other versions:
Do you like
Resolve for Delf-ALI?
Resolve for Delf-ALI?
Publisher's Descriptions
Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms. They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.
Troj/Delf-ALI is a worm and IRC backdoor Trojan for the Windows platform.
Troj/Delf-ALI spreads to other network computers by exploiting common buffer overflow vulnerabilities, including RPC-DCOM (MS04-012).
Troj/Delf-ALI runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
Troj/Delf-ALI includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/Delf-ALI is installed it creates the clean text file msguid32.dll.
The following registry entry is created to run Troj/Delf-ALI on startup:
HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun
Microsoft IIS
Troj/Delf-ALI attempts to log details from banking applications related to the following sites:
www.halifax-online.co.uk
ibank.barclays.co.uk
online.lloydstsb.co.uk
online-business.lloydstsb.co.uk
www.ukpersonal.hsbc.co.uk
banesnet.banesto.es
extranet.banesto.es
ebanking.bccbrescia.it
www.bankofscotlandhalifax-online.co.uk
oi.cajamadrid.es
bancae.caixapenedes.com
banking.postbank.de
meine.deutsche-bank.de
myonlineaccounts2.abbeynational.co.uk
ibank.cahoot.com
webbank.openplan.co.uk
bancopostaonline.poste.it
mybank.bybank.it
ibank.internationalbanking.barclays.com
welcome7.co-operativebank.co.uk
welcome11.co-operativebankonline.co.uk
Troj/Delf-ALI modifies the HOSTS file in order to redirect access to the above sites.
Troj/Delf-ALI stores logged information to the following clean text files in the Windows system folder:
abbey.dll
bane.dll
bankofscot.dll
barc.dll
barc3.dll
bccbrescia.dll
bybank.dll
cahoot.dll
caixapenedes.dll
cajamadrid.dll
coo11.dll
coo7.dll
deutchebank.dll
halif.dll
hsbc.dll
lloy.dll
posta.dll
postbank.dll
wool.dll
Troj/Delf-ALI can be removed from Windows computers automatically with the following Resolve tools:
Windows disinfector
DELFAGUI is a disinfector for standalone Windows computers. To use it you have to do the following:
· Open DELFAGUI.com file from your desktop after downloading it.
· Click on the Start Scan Button.
· Wait for the process to complete.
· After removing the worm you should install the Microsoft patch MS04-012 or, on single computers, update with all relevant security patches from Windows update.
Command line disinfector
DELFASFX.EXE is a self-extracting archive containing DELFACLI, a Resolve command line disinfector for use by system administrators on Windows networks.
Troj/Delf-ALI is a worm and IRC backdoor Trojan for the Windows platform.
Troj/Delf-ALI spreads to other network computers by exploiting common buffer overflow vulnerabilities, including RPC-DCOM (MS04-012).
Troj/Delf-ALI runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
Troj/Delf-ALI includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/Delf-ALI is installed it creates the clean text file msguid32.dll.
The following registry entry is created to run Troj/Delf-ALI on startup:
HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun
Microsoft IIS
Troj/Delf-ALI attempts to log details from banking applications related to the following sites:
www.halifax-online.co.uk
ibank.barclays.co.uk
online.lloydstsb.co.uk
online-business.lloydstsb.co.uk
www.ukpersonal.hsbc.co.uk
banesnet.banesto.es
extranet.banesto.es
ebanking.bccbrescia.it
www.bankofscotlandhalifax-online.co.uk
oi.cajamadrid.es
bancae.caixapenedes.com
banking.postbank.de
meine.deutsche-bank.de
myonlineaccounts2.abbeynational.co.uk
ibank.cahoot.com
webbank.openplan.co.uk
bancopostaonline.poste.it
mybank.bybank.it
ibank.internationalbanking.barclays.com
welcome7.co-operativebank.co.uk
welcome11.co-operativebankonline.co.uk
Troj/Delf-ALI modifies the HOSTS file in order to redirect access to the above sites.
Troj/Delf-ALI stores logged information to the following clean text files in the Windows system folder:
abbey.dll
bane.dll
bankofscot.dll
barc.dll
barc3.dll
bccbrescia.dll
bybank.dll
cahoot.dll
caixapenedes.dll
cajamadrid.dll
coo11.dll
coo7.dll
deutchebank.dll
halif.dll
hsbc.dll
lloy.dll
posta.dll
postbank.dll
wool.dll
Troj/Delf-ALI can be removed from Windows computers automatically with the following Resolve tools:
Windows disinfector
DELFAGUI is a disinfector for standalone Windows computers. To use it you have to do the following:
· Open DELFAGUI.com file from your desktop after downloading it.
· Click on the Start Scan Button.
· Wait for the process to complete.
· After removing the worm you should install the Microsoft patch MS04-012 or, on single computers, update with all relevant security patches from Windows update.
Command line disinfector
DELFASFX.EXE is a self-extracting archive containing DELFACLI, a Resolve command line disinfector for use by system administrators on Windows networks.
Do you like Resolve for Delf-ALI
Resolve for Delf-ALI Disclamer
Please be aware FindMySoft.com accepts no responsibility for the file you are downloading. The same applies to the information provided about the software products listed.
We do not allow the inclusion of any Resolve for Delf-ALI serial, keygen or crack and we disclaim any liability for the inappropriate use of Resolve for Delf-ALI.
FindMySoft advises that Resolve for Delf-ALI should be only used in accordance with the rules of intellectual property and the existing Criminal Code.
For your own protection ALWAYS check downloaded files for viruses.
We do not allow the inclusion of any Resolve for Delf-ALI serial, keygen or crack and we disclaim any liability for the inappropriate use of Resolve for Delf-ALI.
FindMySoft advises that Resolve for Delf-ALI should be only used in accordance with the rules of intellectual property and the existing Criminal Code.
For your own protection ALWAYS check downloaded files for viruses.
Advertising
Popular News
The soon to be released Samsung Galaxy S3 is shaping up to be an event bigger commercial success than its predecessor, the Samsung Galaxy S2
Linux fans once again have the chance to take part in the annual Linux Foundation T-Shirt Design Contest, now in its 3rd edition
Your Rating
3.3
out
of
5
of
5
Rated By
8 Users
8 Users
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Resolve for Delf-ALI
HTML Linking Code
HTML Linking Code
Latest Reviews