We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.

Le Support de BullGuard

Nous sommes ici 24/7 pour vous aider


Envoyez un e-mail à notre équipe d'assistance et nous reviendrons vers vous dans les 24 heures qui suivent.


 

 

How to remove Trojan.Downloader.Istbar.D



THREAT NAME

Trojan.Downloader.Istbar.D

 

 

CLEAN INSTRUCTIONS

1. Restart the system in Safe Mode.


2. Open Windows Explorer, locate the infected file and delete it.


3. Delete the C:\Program Files\RapidBlaster folder.


4. Go to Start, Run type regedit and press OK.


5. Locate and delete the following key:


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, rb32 lpt001



SYMPTOMS

1. Increased network traffic.


2. Presence of a folder called RapidBlaster in the C:\Program Files folder.

DESCRIPTION

1. When run, it will create a copy in the C:\Program Files\RapidBlaster folder. The file will be called rb32.exe.


2. It will create the following registry key:


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, rb32 lpt001


3. It will try to initiate a connection and download files from:


http://cnt.rapidblaster.com
http://devcnt.rapidblaster.com



Author:
The BullGuard Team