Thursday, January 22, 2009
winsmss.exe - Trojan Virus Removal
I got a nasty virus today (winsmss.exe) and couldn't really find any useful information with a Google search, so I thought I'd leave instructions on how I removed it. First of all, go to your registry by typing REGEDIT at Start -> Run or at any command prompt (back up your registry, of course), and do a search for winsmss. I had plenty of entries. Delete ALL of them!
Start your computer in safe mode (you can actually do this first, before the Windows registry cleaning, but I didn't). Press F8 a few times as you're booting up, before it begins to load Windows. Select safe mode (with or without networking, it doesn't really matter).
Go to your Windows directory (C:\Windows or C:\WINNT) and find the system32 directory. Delete winsmss.exe.
Run your virus scanner. It'll probably make you run it from the command line - but AVG does it for you.
Reboot - and you should be good.
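For the registry step above, an added example (not part of the original post): a Python script that lists every key and value mentioning winsmss in a regedit export, such as the backup made before cleaning. It also decodes REG_EXPAND_SZ and REG_MULTI_SZ data, which a "Version 5.00" export stores as hex bytes that a plain text search of the file would miss. The sample export and all function names are constructed for illustration.

```python
import re

NEEDLE = "winsmss"  # file name from the post
# Constructed sample in regedit's export format; not taken from a real infection.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"winsmss"="C:\\WINDOWS\\system32\\winsmss.exe"
"Updater"="C:\\Program Files\\Example\\updater.exe"

[HKEY_CURRENT_USER\Software\Example]
"Path"=hex(2):25,00,77,00,69,00,6e,00,64,00,69,00,72,00,25,00,5c,00,77,00,69,\
  00,6e,00,73,00,6d,00,73,00,73,00,2e,00,65,00,78,00,65,00,00,00
'''

def load_export(path):
    """Read a regedit export: 'Version 5.00' files are UTF-16 with a BOM."""
    with open(path, "rb") as f:
        raw = f.read()
    return raw.decode("utf-16" if raw[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1")

def decode_value(raw):
    """Turn one side of a value line into searchable text."""
    m = re.match(r"hex\((?:2|7)\):(.*)", raw)
    if m:  # REG_EXPAND_SZ / REG_MULTI_SZ: UTF-16LE bytes in a Version 5.00 export
        data = bytes.fromhex(re.sub(r"[^0-9a-fA-F]", "", m.group(1)))
        return data.decode("utf-16-le", "replace").replace("\x00", " ").strip()
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return re.sub(r"\\(.)", r"\1", raw[1:-1])  # undo \\ and \" escaping
    return raw  # dword: and binary hex: values are left as written

def find_references(reg_text, needle=NEEDLE):
    """Return (key, value_name, data) for every key or value that mentions needle."""
    hits, key, needle = [], None, needle.lower()
    text = re.sub(r"\\\r?\n\s*", "", reg_text)  # rejoin lines wrapped with a trailing backslash
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if needle in key.lower():
                hits.append((key, None, None))  # the key name itself matches
            continue
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if not (m and key):
            continue  # header line, blank line, or anything that is not a value
        name = "(Default)" if m.group(1) == "@" else decode_value(m.group(1))
        data = decode_value(m.group(2))
        if needle in name.lower() or needle in data.lower():
            hits.append((key, name, data))
    return hits
```

Calling `find_references(load_export(path))` on the backup gives a list to review before deleting anything, and running it again on a fresh export after the cleanup should return an empty list.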