We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.

Close

BullGuard Support

Vi er her 24/7 for at hjælpe dig.


Send en e-mail til vores support team og får svar i løbet af 24 timer.


 

 

How to remove Trojan.Downloader.Istbar.D



THREAT NAME

Trojan.Downloader.Istbar.D

 

 

CLEAN INSTRUCTIONS

1. Restart the system in Safe Mode.


2. Open Windows Explorer, locate the infected file and delete it.


3. Delete the C:\Program Files\RapidBlaster folder.


4. Go to Start, Run type regedit and press OK.


5. Locate and delete the following key:


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, rb32 lpt001



SYMPTOMS

1. Increased network traffic.


2. Presence of a folder called RapidBlaster in the C:\Program Files folder.

DESCRIPTION

1. When run, it will create a copy in the C:\Program Files\RapidBlaster folder. The file will be called rb32.exe.


2. It will create the following registry key:


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, rb32 lpt001


3. It will try to initiate a connection and download files from:


http://cnt.rapidblaster.com
http://devcnt.rapidblaster.com



Author:
The BullGuard Team



00: 00: 00: 00
Dage Timer Minutter Sekunder
Close