How to clean the activexdebugger32.exe virus

From Emre virus labs:

This motherfucker virus was living in my parents` computers. (Since I use Linux I don`t have any as usual…) And it`s a pain in the ass…

What the virus does:

  • Shares your drives to the world as PATRON1, PATRON2, etc…
  • Copies itself to any writeable devices around you. USB sticks are great examples.
  • On a USB drive, it generates an autorun.inf file and a copy of itself. Each time you connect your USB drive it infects your computer again…
  • It uses the CPU at least to 70%… Noisy bitch…

How do you know that you are infected:

  • Press CTRL+Shift+Esc buttons. You`ll see the activexdebugger32.exe process running.
  • You can see a copy of the executable (activexdebugger32.exe) in your USB drives if you enabled the STUPID Windows to show you hidden files.

How to kill the bastard and have a nice smiley day/night (It`s 3am ok?) If you kill your computer i`m not responsible.

  • Plugin your USB stick (if you have one)
  • Kill the process activexdebugger32.exe
  • Delete the activexdebugger32.exe binary. It usually lives under c:windowssystem32 (or c:winntsystem32 depending your Windows installation)
  • open regedit. Go to the top of the tree on the left pane. hit F3 (or CTRL+L) to open the search dialog. type, yes you know it, activexdebugger32.exe, NUKE the damn registry entries wherever it`s found. (Search until the end)
  • Go to the root folder of your USB stick and delete, yes you`re right again, activexdebugger32.exe and autorun.inf
  • Update: Motherfucker leaves more trails… Delete the file NESNELER.EXE (meaning objects.exe in turkish) under c:Documents and SettingsLocal SettingsTemp
  • Update: Delete all the files under C:windowssystem32 named: Ijl11.dll, KMON.OCX, KTKBDHK3.DLL, MSWINSCK.OCX, PAC, scrrntr.dll, scrrun.dll
  • Done.

Lastly, fuck microsoft and windows, have a nice life….

Update after 4 months: Damn I was angry when I wrote this. And it was 3 am. The entry was somewhat full of typos so i edited and changed some info. 😛

  1. HI!
    I met this virus, I think I remove it but each time I start my computer I have this message in the begining:Windows cannot find`activexdebugger.exe`.Make sure you typed the name correctly…..
    What can I do to remove this message?

  2. My system is now under the control of the above mentioned virus, plz send me a suggestion for killing the virus from my system permanently.

  3. To remove that you`ll have to run regedit, search for activexdebugger and remove everything where it occurs. That bastard really digs deep into the system.

    And then get one of those tools that let you disable the autorun stuff.

  4. sorry i just need ur help so i asked u that
    i can`t tolerate this autorun motherfucker in my pc

  5. activexdebugger
    I met this virus, I think I remove it but each time I start my computer I have this message in the begining:Windows cannot find`activexdebugger.exe`.Make sure you typed the name correctly…..
    What can I do to remove this message?

  6. You receive this message when your computer starts because you have not removed the name “activexdebugger32.exe” from your registers.

  7. Hi guys! I had the same nasty virus….i followed your instructions and it worked… notebook is clean now…10x guys….ps i didn`t deleate scrrun.dll….good luck : )

  8. Thanks a lot!It realy works! It`s great to know that there is help online for such cases.Thanks once more and keep on doing this!

  9. Well… I found this sucker on my ipod (don`t even get me started on how surprised I was, I mean what the hell?!) and it tried to infect my brand new installation of Vista. And? And it failed : ) The new system architecture is now VERY immune for any kind of alteration that is not meant by the user. This fucker did not have enough privileges to copy itself into windows folder and to amend the registry. It sure tried to run and got in some kind of loop, but after I killed all the processes I could find I was gone (I removed all the files from temp folder as well). To be absolutely sure I will install nod32 to double check, but I am pretty sure that VISTA users can sleep well (for a change : )). Regards : )

  10. dude, i dont know if the antivirus program erased it or not but when i go into c/ or d/ drives, in seconds they just stop working and after that i see something about drwtsn32.exe when i close my computer file with problems i s ee activexdebugger32.exe is not responding. what to do?

    and something turkish
    emre sanirim blog un sahibisin. tesekkurler boyle bir sayfa icin.

  11. well i head this virus 100 times and every time i reinstaled windows and somehow 3-4 monts after that i get it again. But i saw this now and i cant find activexdebugger32.exe in c:windowssystem32 so i cant remove it what do u sugest i should do

  12. Hey guys

    I found this headache in my usb and somehow it makes my usb write protected, dont know how…
    i can access all the data but no deleting or modification.
    And i cannot delete it since it is write protected.
    Emre i checked in linux, write protection is still there, what you can say?

  13. I picked up this bug from a copy shop that took files from my flash drive for printing but they are not smart with computers and apparently don`t know it`s on there (or care). If you see weird things when you right-click the drive (such as “Ac”)that`s a bad sign. If you don`t see the activexdebugger32.exe in System32/ then you may have to tell Tools/Folder Options to allow viewing of protected system files. I didn`t see it on mine either but when I did that it showed up. Also you can take a non-viral .exe program, name it activexdebugger32.exe and toss it on the thumb drives and in system32 (make hidden/read-only) so if it tries to run again it will pop up giving you warning that it tried to launch. And don`t give files to copy shops on thumb drives, only CDs. Also check cameras as they can act as thumb drives and carry the virus!

  14. please help me..i have the same problem..i followed this instruction,but this bitch virus emerge all time..i cann,t open my hard disks and my phone by clicking twise..and when i start my computer there is ,,didn.t find activexdebugger32.exe,, what can i me

