How to Remove Downblocker Trojan

Downblocker is a Trojan horse that downloads potentially malicious files onto the compromised compute and was discovered on August 28, 2017. It can affect Windows 7, 8 and 10 systems and the risk level is Very Low

Once executed, the Trojan creates the following file:

  • %AppData%\IntelSofts_[RANDOM CHARACTERS].exe

The Trojan creates the following registry entry so that it runs every time Windows starts:

  • HKEY_CURRENT_USER\SoftWare\MicroSoft\Windows\CurrentVersion\Run\”IntelSofts” =
  • “%AppData%\IntelSofts_[RANDOM CHARACTERS].exe”

Next, the Trojan connects to one or more of the following remote locations:

  • [http://][REMOVED]
  • [http://][REMOVED]
  • [http://][REMOVED]
  • [http://][REMOVED]

The Trojan then downloads and executes the following potentially malicious file:

  • %AppData%\MicrosoftUpdte.exe

Leave a Reply