BBC radio 2

Did you hear our how to guides on Simon Mayo's Radio 2 Drivetime show?

You may have read about Howopia in The Telegraph?

How to remove the win32sta.dll virus from your Windows XP Computer

Your rating: None
It's all too easy, whether it's by visiting an unfamiliar web page, clicking a suspicious email, or just forgetting to update anti-virus software, before you know it you've got a virus. Win32sta.dll is a recent example of a "rootkit" or "trojan" and it's difficult to remove with normal anti-virus software. This 'How To' will show you what to do if you get this infection, and may help with other viruses too.
What you'll need: 
A PC with access to the internet
A Strong Software Removal Tool
Some confidence using technology
Win32sta.dll slows down your computer and steals your personal details. If your XP PC is affected by this behaviour, open Task Manager by pressing Ctrl + Alt + Delete, and select Task Manager from the Menu. In Task Manager, under the processes tab, look to see if 'Win32.sta.exe' is listed and if it is, select it and click 'End Process'.
The virus will soon reappear in processes, so more work is needed. Restart the computer and keep pressing the F8 key as it starts up. Select 'Safe Mode with Networking' from the menu that eventually appears.
In 'Safe Mode with Networking', click Start, select Search, and 'All Files and Folders'. Type 'Win32.dll' in the box labeled 'All or part of the file name', then select 'Local hard drives' in the box labeled 'Look in.' Then press Search. Select and delete every reference to the file that appears.
The virus could still reappear, so you'll need a strong software removal tool to scan and remove any traces. There are paid for removal tools, but Malwarebytes is free for private use. Open your browser and type '' in the address bar. Under the Products tab click Malwarebytes Anti-Malware Free. Download and install the software, then use it to scan the PC, and remove any infection found. Restart the Computer normally.
Back in normal mode, you'll have to scan and delete any registry entries which name the virus. Normally I'd say back-up the registry before changing it, but the registry may well be infected. Even so, proceed very carefully.
Click Start and select Run, type 'regedit' in the box, and then OK. When regedit appears, under the Edit column click Find, type 'win32sta' and then click Find Next. If any entry is found select and delete it then click Find Next again, and repeat the process until every trace of the file is gone. Then close regedit.
Before restarting your computer it's a good idea to turn off System Restore, as the Restore points contain registry backups which may be infected. Go to your desktop, right click My Computer, and under the System Restore tab, check the box labeled 'Turn off System Restore on all Drives'. Restart the computer and search for the virus. If you've followed this 'How To' carefully it should be gone.
Removing this virus can be tricky. But the principle - of using 'safe mode with networking' and a powerful removal tool, can work for this and other infections.
You may have to repeat some of the steps in this 'How to' to totally flush the virus.
Once you are certain you are virus free again, switch System Restore back on.
Always update your anti-virus program.


Post new comment

This question is for testing whether you are a human visitor and to prevent automated spam submissions.

Featured writers

We have had a chat with a couple of our more experienced writers.

Find out more about their experiences and why they contribute to Howopia.

Spotlight on two writers.

Share this

How To guides

Howopia is a new website dedicated to bringing together a community of experts to create the most useful 'How To' guides, to help you to achieve almost anything.

Related links