You are right, this is one hell of a trojan
. However, I can and will help you out.
Follow these instructions: (before u do this make a restore point!!!)
1. Go to
start ->
run -> type in 'regedit'
2. Locate these strings and delete them.
a. HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Run
winshost.exe = %sysdir%\ winshost.exe
b. HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Run
winshost.exe = %sysdir%\ winshost.exe
3. Also hit
cntl+alt+del ->
processes -> end WINSHOST.EXE if found there. (might want to try step 3, first if it doens't work)
4. Do a windows update as well, this trojan loves to screw ur security patches over.
5. Reboot your computer. Post results.
6. If this doesn't go right, i have something we can try next.