Categories
Windows Antivirus

Resolve For Enfal Antivirus and Spyware for Windows

Resolve for Enfal description

A tool that removes Enfal trojan
Resolve is the name for a set of small, downloadable Sophos utilities designed to remove and undo the changes made by certain viruses, Trojans and worms. They terminate any virus processes and reset any registry keys that the virus changed. Existing infections can be cleaned up quickly and easily, both on individual workstations and over networks with large numbers of computers.

Troj/Enfal-A is a Trojan for the Windows platform.

Troj/Enfal-A includes functionality to:
– inject multiple threads into the process EXPLORER.EXE
– download code from the internet

When run Troj/Enfal-A copies itself to dismgnt.exe and winkrnl.exe.

Troj/Enfal-A modifies the following registry entry to run itself on Windows Logon:

HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon
Userinit
userinit.exe,DisMgnt.exe

Troj/Enfal-B is a backdoor Trojan for the Windows platform.

Troj/Enfal-B includes functionality to access the internet and communicate with a remote server via HTTP.

When Troj/Enfal-B is installed the following files are created:
DisMgnt.exe
NtApi.exe
Winkrnl.exe
acetempkb791024.l0g

where NtApi.exe is an archiver application.

Troj/Enfal-B injects multiple threads into the process EXPLORER.EXE.

The files DisMgnt.exe and Winkrnl.exe are detected as Troj/Enfal-A.

Registry entries are set as follows:

HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced
ShowSuperHidden
0

HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon
Shell
Explorer.exe,

Windows disinfector
BDLAAGUI is a disinfector for standalone Windows computers. To use it you have to do the following:
· Open BDLAAGUI.com file from your desktop after downloading it.
· Click on the Start Scan Button.
· Wait for the process to complete.

Command line disinfector
ENFALSFX.EXE is a self-extracting archive containing ENFALCLI, a Resolve command line disinfector for use by system administrators on Windows networks.

See Demo – Download – Visit Author Site

Please comments and give ratings. You may also report of broken or incorrect link using comments box below. Thanks!