Event ID - 41666

Port No: 41666
Service Name: RBT
RFC Doc: 0
Protocol: TCP
Description: This server program of a backdoor malware accepts data from a remote computer and executes the commands from its client program.
Reference Link: RBT
Attack:
Solution:

Boot into MS-DOS using a clean bootable disk, or restart in MS-DOS mode by going to Start>Shutdown>Restart in MS-DOS mode.
At the command prompt, type the following commands, hitting the Enter key after every command line:
cd\
cd Windows
cd System
del MGSRV32.EXE
Click Start>Run, type Regedit, then hit the Enter key.
In the left panel, click the plus sign (+) to the left of the following:
HKEY_LOCAL_MACHINE
Software
Microsoft
Windows
CurrentVersion
RunServices
In the right panel, look for and then delete this registry value:
"MGSRV32" = "MGSRV32.EXE"
Scan your system with Trend Micro antivirus and delete all files detected as BKDR_RBT.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro’s free online virus scanner.
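
To confirm the cleanup afterwards, the following added example (not part of the original entry) checks saved `netstat -an` output for a listener on TCP 41666 and a REGEDIT4-format registry export for the MGSRV32 value under RunServices. The function names and the sample inputs are constructed for illustration, and the netstat parsing assumes the Windows column layout.

```python
import re

PORT = 41666            # TCP port listed in this entry
VALUE_NAME = "MGSRV32"  # registry value named in this entry
RUN_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices"

# Constructed sample inputs (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:41666          0.0.0.0:0              LISTENING
  TCP    192.168.0.5:1042       192.168.0.9:41666      ESTABLISHED
"""
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"MGSRV32"="MGSRV32.EXE"
'''

def listening_on_port(netstat_text, port=PORT):
    """Return netstat lines that show a local TCP listener on `port`."""
    hits = []
    for line in netstat_text.splitlines():
        f = line.split()
        if (len(f) >= 4 and f[0].upper() == "TCP" and f[3].upper() == "LISTENING"
                and f[1].rsplit(":", 1)[-1] == str(port)):
            hits.append(line.strip())
    return hits

def run_value_present(reg_text, key=RUN_KEY, name=VALUE_NAME):
    """Return True if the export still holds value `name` under `key`."""
    current = ""
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]          # entering a new key section
        elif current.lower() == key.lower():
            # Tolerate stray spaces inside the quoted value name.
            m = re.match(r'"\s*([^"]*?)\s*"\s*=', line)
            if m and m.group(1).lower() == name.lower():
                return True
    return False

if __name__ == "__main__":
    print("listener lines:", listening_on_port(SAMPLE_NETSTAT))
    print("RunServices value present:", run_value_present(SAMPLE_REG))
```

A clean system yields an empty listener list and a False result for the registry check.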
