1 of 4
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • Annoying Pop-up's
  • Slow Computer

Windows Troubles Killer

The Fake Microsoft Security Essentials is a terribly big family of rogues, and Windows Troubles Killer is the newest addition to the nest. Previous versions of this malicious application include Windows Necessary Firewall, Windows Protection Alarm, Windows Efficiency Analyzer and the like. This rogue enters the targeted computer via Trojan infection or some other mean, which is able to trick the user into believing that there is something wrong with his computer and he simply must use Windows Troubles Killer to eliminate the problem.

However, in order to finalize the infection the user has to download Windows Troubles Killer himself. That might be really easy to do if one is intimidated and desperate to wipe out the security messages that keep on popping up, “informing” him about Trojan.Horse.Win32.PAV.64.a which supposedly has infected the system. Windows Troubles Killer provides this information about the previously mentioned Trojan:

Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks.
Risk of system files infection:
The detected vulnerability may result in unauthorized access to private information and hard drive data with a serious possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press 'OK' to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.

With this prompt the rogue urges you to download and fully install the program which should take care of all your computer security programs. When Windows Troubles Killer gets in your system it performs a fake system scan, giving a poor overall security rating to your computer and urging you to fix the errors found by purchasing the full version of the program.

Buying Windows Troubles Killer involves revealing your personal and banking information to the creators of this rogue. With your credit card number and the CVV2 at their disposal, the criminals will be able to hack into your account and steal your money anytime they wish. Therefore you must ignore the results of the scan and the annoying pop-up messages you receive from Windows Troubles Killer. The only way out of this situation is terminating the program. Remove Windows Troubles Killer as soon as you can either manually or automatically, it depends on your choice of preference. As long as the rogue disappears from your system without a trace, all methods of removal are good.

Download Spyware Removal Tool to Remove* Windows Troubles Killer
  • Quick & tested solution for Windows Troubles Killer removal.
  • 100% Free Scan for Windows

How to manually remove Windows Troubles Killer

Files associated with Windows Troubles Killer infection:


Windows Troubles Killer DLL's to remove:


Remove Windows Troubles Killer registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.