Home Malware Programs Rogue Anti-Spyware Programs Windows Debugging Agent

Windows Debugging Agent

Posted: July 4, 2011

Windows Debugging Agent is a new version of previous rogue security programs that recycle both their appearance and their malicious code with different names slapped on top. The interface for Windows Debugging Agent will try to tell you that your computer is out of date and being threatened by a variety of infections and generally poor security, but these warnings are fake. Even though Windows Debugging Agent looks just like real security software, Windows Debugging Agent's only goal is to steal your money and credit card information. In addition to this, Windows Debugging Agent may also cause problems with other applications, including browser hijacks and preventing programs from running. You should remove Windows Debugging Agent from your PC with quality anti-virus software, since Windows Debugging Agent is a complex threat and may be installed by Trojans.

Windows Debugging Agent - the Agent with Plenty of Threats for Your Other Programs

Windows Debugging Agent is as good as identical to other rogue security applications in its family, including recent additions like Windows Inviolability System, Windows Proofness Guarantor, Windows AV Component and Windows Antivirus System. Like its relatives, Windows Debugging Agent will pretend to monitor wide swathes of your PC's security while also warning you about any infections and other PC threats.

This may sound like a great deal, especially for a free 'trial' program, but the catch is that it's too good to be true - none of the security-monitoring information that Windows Debugging Agent pretends to offer is, in fact, accurate. With the help of nasty Trojans, Windows Debugging Agent will also make use of a variety of attacks to force you towards the Windows Debugging Agent website and disable your real security:

  • May hijack your web browser to redirect you to the Windows Debugging Agent website. This can include using fake error messages to block 'undesirable' (in other words, real security-based) websites, setting your homepage to a new URL, creating pop-ups or even redirecting you during a search.
  • May also block programs with infection-threatening pop-ups, purely to stop you from using software that could delete Windows Debugging Agent and other PC threats. This may disable your ability to use even basic Windows utilities; this includes a proper anti-virus scanner.

Firing Windows Debugging Agent from the PC Security Job

Windows Debugging Agent may also create other pop-ups even when you're not trying to use another application, based on the logic that these threats will scare you into purchasing Windows Debugging Agent. Some of Windows Debugging Agent's warnings can include:

Warning!
Location: [application file path]
Viruses: Backdoor.Win32.Rbot

Warning!
Name: [application file name]
Name: [application file path]
Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Warning! Database update failed!
Database update failed!
Outdated viruses databases are not effective and can't [sic] guarantee adequate protection and security for your PC!
Click here to get the full version of the product and update the database!

System component corrupted!
System reboot error has occurred due to lsass.exe system process failure.
This may be caused by severe malware infections.
Automatic restore of lsass.exe backup copy completed.
The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.

Warning! Running trial version!
The security of your computer has been compromised!
Now running trial version of the software!
Click here to purchase the full version of the software and get full protection for your PC!

As the malicious cherry on top of a very unpleasant cake, Windows Debugging Agent may also be installed by Trojans such as Zlob or Fake Microsoft Security Essentials Alert. These Trojan droppers may also complicate the process of deleting Windows Debugging Agent, but in all cases, a good anti-virus program that's been updated and is used properly will be able to remove Windows Debugging Agent without trouble.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %AppData%\Microsoft\[RANDOM CHARACTERS].exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell "%AppData%\Microsoft\[RANDOM CHARACTERS].exe"

Additional Information on Windows Debugging Agent

  • The following messages's were detected:
    # Message
    1 Warning! Running trial version!
    The security of your computer has been compromised!
    Now running trial version of the software!
    Click here to purchase the full version of the software and get full protection for your PC!
    2 Warning! Database update failed!
    Database update failed!
    Outdated viruses databases are not effective and can't [sic] guarantee adequate protection and security for your PC!
    Click here to get the full version of the product and update the database!
    3 System component corrupted!
    System reboot error has occurred due to lsass.exe system process failure.
    This may be caused by severe malware infections.
    Automatic restore of lsass.exe backup copy completed.
    The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.
    4 System Security Warning
    Attempt to modify register key entries is detected. Register entries analysis is recommended.
    5 Warning!
    Location: [application file path]
    Viruses: Backdoor.Win32.Rbot
    6 Warning!
    Name: [application file name]
    Name: [application file path]
    Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

One Comment

  • Belly Niel says:

    Was really disgusted to keep getting those popups. Thanks for providing Windows Debugging solution with your SpyHunter. Worked great and does not cost much. Well worth it so I can finish my reports on my PC.

Loading...