Resolve for Alcra-B A tool that removes W32/Alcra-B
Download

Resolve for Alcra-B Ranking & Summary

Resolve for Alcra-B Tags

Remove Trojan antivirus protection trojan remover trojan protection Alcra-B

Resolve for Alcra-B Description

Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms. They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers. W32/Alcra-B is a worm for the Windows platform. W32/Alcra-B spreads via file sharing on P2P networks. W32/Alcra-B includes functionality to download, install and run new malware executables. W32/Alcra-B is a worm for the Windows platform. W32/Alcra-B spreads via file sharing on P2P networks. W32/Alcra-B includes functionality to download, install and run new malware executables. W32/Alcra-B typically arrives with the filename Setup.exe. When first run W32/Alcra-B displays a dialog box with the text "Setup", "Welcome to the Setup Wizard ...". W32/Alcra-B creates the folder winupdates, copies itself to this folder as winupdates.exe and creates the following files: winupdatesa.zip cmd.com bszip.dll netstat.com ping.com regedit.com taskkill.com tasklist.com tracert.com All files and folders will have the hidden and system attributes set, including the Windows system folder. a.zip is a zip archive containing a copy of W32/Alcra-B named Setup.exe. Bszip.dll is a clean file compression utility. The new files created in the Windows system folder by W32/Alcra-B with a COM extension are simply 'MZ' stubs (2-byte files simply containing "MZ"), designed to disable the standard Windows applications: cmd, netstat, ping, regedit, taskkill, tasklist and tracert. Executables files with a COM extension have precedence over files with the same filename, but an extension of EXE, therefore if a user runs "cmd", "netstat", "ping", "regedit", "taskkill", "tasklist" or "tracert", the new file with a COM extension will be executed rather than the legitimate executable with an extension of EXE. The following registry entry is created to run winupdates.exe on startup: HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun winupdates winupdateswinupdates.exe /auto W32/Alcra-B can be removed from Windows computers automatically with the following Resolve tools: Windows disinfector ALCRAGUI is a disinfector for standalone Windows computers. To use it you have to do the following: · Open ALCRAGUI.com file from your desktop after downloading it. · Click on the Start Scan Button. · Wait for the process to complete. Command line disinfector ALCRASFX.EXE is a self-extracting archive containing ALCRACLI, a Resolve command line disinfector for use by system administrators on Windows networks.

Resolve for Alcra-B Related Software