How to clean the activexdebugger32.exe virus 10.01.2007 19:46
Printer Friendly

From Emre virus labs:

This motherfucker virus was living in my parents' computers. (Since I use Linux I don't have any as usual...) And it's a pain in the ass...

What the virus does:

  • Shares your drives to the world as PATRON1, PATRON2, etc...
  • Copies itself to any writeable devices around you. USB sticks are great examples.
  • On a USB drive, it generates an autorun.inf file and a copy of itself. Each time you connect your USB drive it infects your computer again...
  • It uses the CPU at least to 70%... Noisy bitch...

How do you know that you are infected:

  • Press CTRL+Shift+Esc buttons. You'll see the activexdebugger32.exe process running.
  • You can see a copy of the executable (activexdebugger32.exe) in your USB drives if you enabled the STUPID Windows to show you hidden files.

How to kill the bastard and have a nice smiley day/night (It's 3am ok?) If you kill your computer i'm not responsible.

  • Plugin your USB stick (if you have one)
  • Kill the process activexdebugger32.exe
  • Delete the activexdebugger32.exe binary. It usually lives under c:\windows\system32 (or c:\winnt\system32 depending your Windows installation)
  • open regedit. Go to the top of the tree on the left pane. hit F3 (or CTRL+L) to open the search dialog. type, yes you know it, activexdebugger32.exe, NUKE the damn registry entries wherever it's found. (Search until the end)
  • Go to the root folder of your USB stick and delete, yes you're right again, activexdebugger32.exe and autorun.inf
  • Update: Motherfucker leaves more trails... Delete the file NESNELER.EXE (meaning objects.exe in turkish) under c:\Documents and Settings\Local Settings\Temp\
  • Update: Delete all the files under C:\windows\system32\ named: Ijl11.dll, KMON.OCX, KTKBDHK3.DLL, MSWINSCK.OCX, PAC, scrrntr.dll, scrrun.dll
  • Done.

Lastly, fuck microsoft and windows, have a nice life....

Update after 4 months: Damn I was angry when I wrote this. And it was 3 am. The entry was somewhat full of typos so i edited and changed some info. :P

Back to Eblog

Latest two blog entries:
Weird Java Time problem
Lotus Notes Sametime with Pidgin (or gaim)


Make a comment!
Comments will be approved first to prevent suckers to misuse/abuse my comments section. So, there is a delay!
No html tags are allowed. Text is your friend ;)
I will never use your email for bad purposes, so, chill.. ;)
Date: 05.16.2008 22:33
Name:
Email:
URL:
Subject:
Comment:
Please type the number you see in this picture to the box below.
Comments:
Jul <email-hidden> - 10.31.2007 17:57
activexdebugger
HI!
I met this virus, I think I remove it but each time I start my computer I have this message in the begining:Windows cannot find'activexdebugger.exe'.Make sure you typed the name correctly.....
What can I do to remove this message?
Tanx
archie <email-hidden> - 11.14.2007 13:37
lack of topic
scrrun.dll is not a part of the virus... it runs ms scripts - u should not delete it... i think : )
JINI <email-hidden> - 12.15.2007 08:14
Kill the Virus(activexdebugger32.exe)
My system is now under the control of the above mentioned virus, plz send me a suggestion for killing the virus from my system permanently.
Definiendum <email-hidden> - 01.03.2008 16:18
Windows cannot find'activexdebugger.exe
To remove that you'll have to run regedit, search for activexdebugger and remove everything where it occurs. That bastard really digs deep into the system.

And then get one of those tools that let you disable the autorun stuff.
Shuvo <email-hidden> - 01.28.2008 07:42
virus
sorry i just need ur help so i asked u that
i can't tolerate this autorun motherfucker in my pc
Alex <email-hidden> - 02.07.2008 05:59

activexdebugger
HI!
I met this virus, I think I remove it but each time I start my computer I have this message in the begining:Windows cannot find'activexdebugger.exe'.Make sure you typed the name correctly.....
What can I do to remove this message?
Tanx
Brazuca <email-hidden> - 02.07.2008 20:40
Edit register
You receive this message when your computer starts because you have not removed the name "activexdebugger32.exe" from your registers.
Serkan <email-hidden> - 02.11.2008 23:56
thx for help
thx for the info about this bitch...
ckriss <email-hidden> - 02.13.2008 12:36
happy now
Hi guys! I had the same nasty virus....i followed your instructions and it worked.....my notebook is clean now...10x guys....ps i didn't deleate scrrun.dll....good luck : )
Comrade <email-hidden> - 03.30.2008 15:51
activexdebugger32
Thank you very much for advice
louisa <email-hidden> - 04.14.2008 07:56
virus remover
Thanks a lot!It realy works! It's great to know that there is help online for such cases.Thanks once more and keep on doing this!
Brufuga <email-hidden> - 05.06.2008 20:01

Thanks, i found all of this and I kickoff to recycle!!! : )