SMSC.exe Removal
Spyware Worm Remove
• Backdoor.ForBot.d
• W32.HLLW.Gaobot
• WORM_AGOBOT.WF
Worm Name: SMSC.exe remove worm, aka wf_agobot, sdbot worm.
Symptoms: Desktop hangs on load, Device Manager shows Com Port as Disabled.
Impact: Shutdown about 30 of my retail locations--all at the same time.
The Fix: Apply these changes...TrendMicro
Cleanup Instructions.
Prevention: Remove Windows "Default Shares". Keep Anti-virus defs and
Windows patches up-to-date.
SMSC.exe Com Port Worm Problems:
Com Port disabled due to newly added/invalid Registry entries that are assigned: win32 USB Driver.
The Win2k Desktop will not load. The Win2k Workstation desktop just hangs upon reboot.
DOS attack launched on various internal/external ip addresses.
The quickest way to get the workstation operable is to:
1. Restart machine in Safe Mode with Networking.
(This is a manual interrupt
option that appears during system startup. Press either the F5 or F12 key depending
on BIOS)
2. Manually delete the smsc.exe file from the c:\winnt\system32 folder.
3. Empty the Recycle Bin.
4. Restart the machine.
5. Machine will boot up as normal. However, com port will not work properly until
the registry is cleaned up (see below).
Resolutions:
Apply most recent Windows Patches & SP packs.
I had approximately 30 retail locations shut down because of this worm (due to
unpatched machines).
Apply these changes...also available at TrendMicro
1. Remove c:\winnt\system32\smsc.exe
2. Empty Recyle Bin.
3. Open Registry Editor.
Click Start>Run, type REGEDIT, then press Enter. In the left panel, double-click
the following: HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete the entry: Win32 USB 2 Driver = "smsc.exe" In
the left panel, double-click the following: HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunOnce
In the right panel, locate and delete the entry:Win32 USB 2 Driver = "smsc.exe" In
the left panel, double-click the following: HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete the entry: Win32 USB 2 Driver = "smsc.exe" In
the left panel, double-click the following: HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>RunOnce
In the right panel, locate and delete the entry: Win32 USB 2 Driver = "smsc.exe" In
the left panel, double-click the following: HKEY_LOCAL_MACHINE\Software\Microsoft
Windows\CurrentVersion\Runservices In the right panel, locate and delete the
entry: Win32 USB 2 Driver = "smsc.exe" Close Registry Editor.
4. Reboot machine.
...Where nothing can possibli go wrong!
Remember the 1973 film classic, Westworld? A story about a computer virus 20 years before anyone had heard of 'em. Please watch a little clip from the movie by clicking here.
Latest Computer Viruses
Books, Software