
How to remove .sys trojan

Could you tell me how to remove this malware?

When I manually edit or delete this file or registry key,
an access denied message is displayed.
When I run the attrib command on this file,
I cannot change any of its attributes.

trace:
c:\windows\system32\drivers\fzbilwy.sys

registry:
HKLM\System\CurrentControlSet\Service\fzbilwy

regards
-hisaki

Try with GMER and RootkitRepeal.

-hisaki

1. Try to identify this malware on virustotal.com
2. Install any antivirus program (or update the installed one)
OR
Try this

1. Open a console (Win+R -> cmd)
2. cd c:\windows\system32\drivers\
3. attrib -s -h -r fzbilwy.sys
4. cacls fzbilwy.sys /G YourUserName:F
5. sc stop fzbilwy && sc delete fzbilwy
6. del fzbilwy.sys
7. restart

If it's no help at all, boot from any live CD and remove this f*cking file.
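
The manual steps from the reply above, collected into one PowerShell script with a check after each stage. This is an added example, not part of the original posts. It assumes an elevated prompt and PowerShell 4 or later (for `Get-FileHash`), uses `icacls` in place of the older `cacls`, and takes the driver name from the thread as the default of a hypothetical `$Name` parameter.

```powershell
# Added example: run from an elevated PowerShell prompt (assumption).
param(
    [string]$Name = 'fzbilwy'   # service/driver name reported in the thread
)

$path = Join-Path $env:SystemRoot "System32\drivers\$Name.sys"

if (-not (Test-Path -LiteralPath $path)) {
    Write-Warning "$path is not visible from this session. Scan with GMER or check the disk from a live CD."
    return
}

# Step 3 of the reply: clear the System, Hidden and Read-only attributes.
attrib.exe -s -h -r $path

# Step 4 of the reply: grant the current user full control.
# icacls is used here instead of cacls, which is deprecated on current Windows.
icacls.exe $path /grant "${env:USERDOMAIN}\${env:USERNAME}:F"

# Record the hash before deleting anything, so the sample can still be
# looked up on virustotal.com afterwards.
try {
    $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction Stop).Hash
    Write-Host "SHA-256 for the virustotal.com lookup: $hash"
} catch {
    Write-Warning "Cannot read $path ($($_.Exception.Message))."
}

# Step 5 of the reply. 'sc' alone is an alias for Set-Content in
# Windows PowerShell, so the executable is called as sc.exe.
sc.exe qc $Name        # show the ImagePath the service is registered with
sc.exe stop $Name
sc.exe delete $Name
if ($LASTEXITCODE -ne 0) {
    Write-Warning "sc.exe delete failed with exit code $LASTEXITCODE."
}

# Step 6 of the reply: delete the driver file, then verify it is gone.
Remove-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
if (Test-Path -LiteralPath $path) {
    Write-Warning "$path is still present. Boot from a live CD and delete it offline."
} else {
    Write-Host "$path removed. Restart the machine (step 7)."
}
```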