Windows Debug System Virus – Remove This Malware Before It Corrupts Windows

Windows debug system is another fake software that will try to convince you that your computer is infected with malware or worse. The windows debug system virus tricks you by displaying a fake Microsoft security essentials screen that is very convincing. It has a proper Microsoft logo on it and even your computer configuration and at first glance it looks like a genuine product.

If you are unlucky enough to get this malware on your computer you will start getting warning messages that you have a win32.trojan on your computer. For most people this is enough to scare them into paying for this malware.

If you ignore the message you will be presented with further messages warning you that your computer has been compromised and then will tell you it needs to scan your computer. It will then run a fake system scan which is nothing more than a series of animated screenshots and then tell you that your computer is infected with Trojan horse.win32.pav.64.a and that you need to install the full version of the windows debug system to fix this. The only real solution is to get rid of the windows debug system virus before it gets worse.

How can I get rid of this malware?

You can try the manual method first and in some cases this does get rid of it.

#1 Since this malware hijacks your screen you need to close it first. To do this let it run a fake scan when your computer starts. Once this is done it will tell you that you need to pen the license manager to activate the software. Open the license manager and then close the program by clicking on the “x” in the top right if the fake scan screen.

#2 The next step is to stop the malware completely. To do this start task manager by right clicking on the windows taskbar at the bottom of your screen. Then select task manager. When it opens go to the processes tab.

The name for the process for this malware is randomly generated but is usually a garbage name such as xgjfddg.exe or some other nonsensical name. Once you find it you need to click it with the mouse and then click on end process at the bottom of the task manager box.

#3 The next step is to remove the registry entries to be able to remove the windows debug system virus. These entries are below.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavastui.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsegui.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsekrn.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsascui.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsmpeng.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsseces.exe “Debugger” = ‘svchost.exe’


To remove the above entries you need to start the registry editor. Go to the windows start button on the taskbar. Then go to run and type in regedit. Once the registry editor opens search for and delete these entries.

#4 Once you have done this you need to modify the following entry. Some people seem to think you need to delete it but doing this is a mistake and will cause even further problems.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore “DisableSR ” = “1”

Should be changed to:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore “DisableSR ” = “0”

This key when set to “1” prevents system restore from working and setting it back to zero will enable it again. It is disabled by the windows debug system malware.

When you have run these steps and restart your computer you should find that you have been able to remove the windows debug system. If it is still there it is either because there are other registry files present or the random files it is using are still there. In this case you need to remove this malware automatically.

A simple two step process to get rid of the windows debug system virus.

#1 download a system scanner and make sure it is not more malware.

#2 Run a complete system and registry scan that will get rid of this malware quickly.

If you computer is infected follow the manual method first and if this does not work or you don’t feel confident enough run the automatic method to fix your computer.

Source by Brad Armstrong