Techi help

[Fred Elliot]

Have got a Trojan DL programme embedded in system 32 within windows.

Ill be fucked if I can get the little fucker out, as the programme is constantly being used by windows and making it undeletable.

have tried the usual, running anti virus and anti spyware in safe mode etc, but cant seem to get rid of it and it's trowing warnings up left right and centre.

Any ideas chaps (sonic, JJ ?)

[jayohaitchenn]

if you know wht it is called, start up in safe mode, then check your processes in task manager.  Find the process called whatever it is and end it, then run your virus scan or whatever...

try that  

[BANGKOK RED]

Have got a Trojan DL programme embedded in system 32 within windows.

Ill be fucked if I can get the little fucker out, as the programme is constantly being used by windows and making it undeletable.

have tried the usual, running anti virus and anti spyware in safe mode etc, but cant seem to get rid of it and it's trowing warnings up left right and centre.

Any ideas chaps (sonic, JJ ?)

I had something a similar quite some time back Fred, and the reason that no virus programme was able to remove it was that it was embedded into the registry (Hence always in use by a windows programme).

I google searched the virus and eventually found a way to delete it, which meant literally going into the registry myself and deleting it, after having to find which registry key it had latched itself onto. A real bugger which took alot of time, but I got there in the end.

Sorry I can't be more specific but s I said it really was some time ago.

Hope this helps.

Just a quick edit, becuase I forgot to emphasize that it took ONE HELL OF ALOT OF TIME.

[Lash_sumthin]

google the trojan name too, places like the trend micro site have full instructions on how to remove most of them

http://www.trendmicro.com/vinfo/virusencyclo/

EDIT - what BG beat me to really -  the above site should tell u where to go in the registry if thats indeed (and probably) necessary

[Fred Elliot]

Thanks lads

[sonic youth]

if it's embedded itself in the registry, you'll probably need to remove it manually...

CCleaner might do it for you though, get it here.

what's the trojan called?

[Peter Venkman]

What is the exact name of the trojan?

Some can be total bastards to remove, I do have some trojan removal programs I can email you but they will only work with certain types of trojans, and some need editing of the regedit in safe mode afterwards.

Not really difficult but not for the novice user.

Most of it is common sense stuff.

Let us know the name and I will investigate for you Fred.

[Fred Elliot]

TR/Dldr.Agent.fnw.1

THAT'S THE FUCKER

[Peter Venkman]

http://www.avira.com/en/download/index.html

They say they can remove it for you with a free download fred, give that a go first and then report back!

Another option.....download the free trial of Norton Internet Security, remove the trojan...if it can find it...then uninstall the Norton www.norton.com has it for free trial.

[Fred Elliot]

Thats the anti virus I use as standard JJ, wont even touch it mate.

Have tried it all ways, even in safe mode

[Lash_sumthin]

yeah surprisingly very little on it but that avira product appears to have updated its definitions to deal with it

[Simon Pieman]

Fred. Sometimes the fuckers embed themselves in your system restore - so it wont get removed unless you disable system restore. If nothing else works you might need to give it a go.

Unfortunately you lose your restores points doing this, but then again if you need to clean it up it's worth it. You'll need to disable sys restore and do what Jayohfuckface said (safe mode etc)

[Fred Elliot]

Fred. Sometimes the fuckers embed themselves in your system restore - so it wont get removed unless you disable system restore. If nothing else works you might need to give it a go.

Unfortunately you lose your restores points doing this, but then again if you need to clean it up it's worth it. You'll need to disable sys restore and do what Jayohfuckface said (safe mode etc)

Wont even let me do a SR Si

Ill try it through applications in the task manager

[Simon Pieman]

Have you tried turning off system restore....may as well if it wont let you do it anyway

[Fred Elliot]

Fred. Sometimes the fuckers embed themselves in your system restore - so it wont get removed unless you disable system restore. If nothing else works you might need to give it a go.

Unfortunately you lose your restores points doing this, but then again if you need to clean it up it's worth it. You'll need to disable sys restore and do what Jayohfuckface said (safe mode etc)

How do I disable SR Si ?