So I've got this Trojan...atleast thats what I gather it is.

ZeFrog · Post by **ZeFrog** » Fri Apr 20, 2007 8:48 pm

Well when I booted my comp I got a massive slowdown, went through the processess, find this:

windrv0.exe

So I googled it, found pages in non-english with "TROJAN" beside it, so I manually went through removing it from the system processess...and things began going normally..So I tracked it down, obviously if deleting it was easy, I wouldn't have a problem, so...what now?

I want to nip this thing quick without needing to load up a sh*tload of AV software, or anything else that might slow my system down.

And FYI it wasn't like this when I last used it, I'm rather careful with everything I do. So I can very easily blame this on my niece and her penchant for surfing and clicking on anything that peaks her interest....I think maybe I should take the time to lock down my comp for family visits...but first I need this solved..

LuV3r8o1 · Post by **LuV3r8o1** » Fri Apr 20, 2007 8:54 pm

Hmm...I didn't know this was a computer issues forum.

Anyway, check this out: http://forums.majorgeeks.com/showthread.php?t=35407

Its worked for me on multiple occasions.

Now quit looking at horse scat pr0n!

Death2U · Post by **Death2U** » Fri Apr 20, 2007 9:01 pm

THat is definitely a keylogger.

JeSsi3JaiJai · Post by **JeSsi3JaiJai** » Fri Apr 20, 2007 10:12 pm

the best and safe way to do it is format your pc..... i did it all the time......

0000000000 · Post by **0000000000** » Fri Apr 20, 2007 10:31 pm

just close the process each time you restart, if u a gamer, guess u restart/off your comp very rarely

Sharp324 · Post by **Sharp324** » Fri Apr 20, 2007 10:39 pm

JeSsi3JaiJai wrote:the best and safe way to do it is format your pc..... i did it all the time......

formatting is the last option, ive spent hours removing trojans and over 100,000 spyware from a friends computer. Got them all out without a format, but the last once was imbedded in the win32 file and thats very tricky, could fix it and it cause a format anyway so i went ahead and format it then. But yeah formatting is a last resort..

Spongey · Post by **Spongey** » Fri Apr 20, 2007 10:42 pm

Anyone heard of Firefox + Java block plugin + Adblock plug in?...

JaJa · Post by **JaJa** » Fri Apr 20, 2007 10:43 pm

Search for the SysInternals tools, specifically ProcExp and TCPView to determine what is calling it, and kill it and any processes spawned by it so it won't restart. You can also see what files this process uses, so you can identify what needs to be deleted.

Next, search for Startup Control Panel by Mike Lin, it is a VERY useful app for locating where a proc starts from, and after you kill the currently running proc, you can disable it from restarting. After that, you should reboot and check ProcExp again to see if it has come back or not, I've seen some sneaky things with that. If it is still not running, go ahead and delete or at least relocate the file so any autostarts will not be able to locate it.

Mage Pker · Post by **Mage Pker** » Fri Apr 20, 2007 10:52 pm

most spyware removal tools remove these type of trojans.

spybot ad aware the free\good ones.,

spyware doctor for the best but u gotta pay.

Matrixman__ · Post by **Matrixman__** » Sat Apr 21, 2007 6:23 am

formatting is my first resort, i have all my info on back up drives, just format my comp, plug in my backup dives, install what i need and i am good to go in like 30mins, do it regularily, oh and once ur dont formatting, change all of ur SRO account info, unless its already gone

Suppaman · Post by **Suppaman** » Sat Apr 21, 2007 1:41 pm

Kaspersky! just get the trial version, and that plus adaware should remove the trojans. I had a ton before, and it cleaned out my entire computer.