Resolve for W32/Apology-B A tool that removes W32/Apology-B
Download

Resolve for W32/Apology-B Ranking & Summary

Resolve for W32/Apology-B Tags

Virus Malware Cleaner Trojan virus remover trojan protection W32/Apology-B removes

Resolve for W32/Apology-B Description

SWAPOL is the name of the utility for disinfecting the W32/Apology family of viruses.In order to clean your computer you need one of the following tools:The SWAPOL self-extractor and save it into the C: (root) directory. The Emergency SAV Distribution (DOS) self-extractor and save it into the C: (root) directory. W32/Apology-B is a file infecting virus with email-aware worm and backdoor characteristics. During the infection process the virus creates three hidden files in the windows directory.IE_Pack.exe contains code which modifies wsock32.dll. Win32.dll is a copy of the file sent by email, it contains code for all components of the virus. MTX_.exe is the backdoor component. When it is executed it tries to connect to a website and download further programs to run.The virus replaces wsock32.dll with a modified version which monitors network traffic. When the virus detects the user sending an email, it will send another to the same recipient. The message will have no subject or body text, only an attachment with one of the following names:README.TXT.pifI_wanna_see_YOU.TXT.pif MATRiX_Screen_Saver.SCR LOVE_LETTER_FOR_YOU.TXT.pif NEW_playboy_Screen_saver.SCR BILL_GATES_PIECE.JPG.pif TIAZINHA.JPG.pif FEITICEIRA_NUA.JPG.pif Geocities_Free_sites.TXT.pif NEW_NAPSTER_site.TXT.pif METALLICA_SONG.MP3.pif ANTI_CIH.EXE INTERNET_SECURITY_FORUM.DOC.pif ALANIS_Screen_Saver.SCR READER_DIGEST_LETTER.TXT.pif WIN_$100_NOW.DOC.pif IS_LINUX_GOOD_ENOUGH!.TXT.pif QI_TEST.EXE AVP_Updates.EXE SEICHO-NO-IE.EXE YOU_are_FAT!.TXT.pif FREE_xxx_sites.TXT.pif I_am_sorry.DOC.pif Me_nude.AVI.pif Sorry_about_yesterday.DOC.pif Protect_your_credit.HTML.pif JIMI_HMNDRIX.MP3.pif HANSON.SCR FUCKING_WITH_DOGS.SCR MATRiX_2_is_OUT.SCR zipped_files.EXE BLINK_182.MP3.pifWhen it is active the virus will also attempt to block user access to websites which contain information about viruses. It blocks access to sites whose URLs include text from the list below.NII.nai.avp.AVP.F-Sef-semaplpandsophndmiafeeyennlywatbavymanIt also prevents the user from sending email to organisations whose domain name begins with text from the following listNII.nai.avp.AVP.F-Sef-sewildlist.oil.esafe.cperfectsupcomplex.isHiServ.comhiserv.commetro.chbeyond.commcafee.compandasoftwearthlink.inexar.comcomkom.co.meditrade.mabex.comcellco.comsymantec.csuccessfulinforamp.nnewell.comsingnet.cobmcd.com.abca.com.nztrendmicrosophos.commaple.com.netsales.nf-secure.cF-Secure.cIf you detect W32/Apology-B we recommend using Sophos Anti-Virus in full mode to detect all fragments which may be present on the PC.

Resolve for W32/Apology-B Related Software