is Microsoft's Machine Debug Manager program which is included in Microsoft Visual Studio .NET, Microsoft Office 2007, Microsoft Office 2003, and a Microsoft Office XP post-Service Pack 3 release to provide support for program debugging. The Script Debugger is actually a JScript debugger used by programmers and advanced users when debugging programs; testing scripts developed using an ActiveX script engine; debug scripts developed with VBScript and JScript, ActiveX components and Java applets. It allows viewing and modifying program source code, variables, and values, or controlling the flow and pace of how the script works and allows debugging Internet Explorer errors by using a script interface tool.
This process starts when script debugging is enabled in Internet Explorer. It runs as a service with the local system account and is loaded when the computer starts but sometimes tends to slow system performance
. This is a non-essential process
and if you do not use your computer for debugging purposes, you can safely turn off the Machine Debug Manager.
To reconfigure script debugging options and Disable Machine Debug Manager
- Click on Start > Run and type: iexplore.exe.
- On the Tools menu, click Internet Options > Advanced tab.
- Click the "Advanced tab" and scroll down to "Browsing".
- Put a check mark next to "Disable Script Debugging (IE)".
- Put a check mark next to "Disable Script Debugging (Other)".
- Uncheck "Display a notification about every script error".
- Click "OK" and close Internet Explorer.
To disable the service:
Screenshot with an example of how to do this if needed.Note: If another application like Microsoft Visual Studio or .NET reinstalls Mdm.exe, or if Mdm.exe /Regserver is run on a computer that is running Window XP, Mdm.exe is re-added to the RunServices registry key. If the Detect and Repair feature within some Microsoft applications runs, this will also cause Mdm.exe to be re-registered on the system and reappear in Task Manager.
- Click on Start > Run and type: services.msc
- Press OK.
- Click the "Extended tab" at the bottom to view all the info on your services.
- Scroll down the list and find the service called Machine Debug Manager.
- When you find the service, double-click on it or right-click and choose "Properties".
- In the Properties Window > General Tab that opens, click the "Stop" button.
- From the drop-down menu next to "Startup Type", click on "Disabled".
- Click Apply, then OK and close any open windows.
I can find no information on dirhost.exe so I suspect it was bad. rtsecar.exe
is related to malware. See here
are very dangerous
because they provide a means of accessing a computer system that bypasses security mechanisms and steal sensitive information like passwords, personal and financial data which they send back to the hacker. Remote attackers use backdoor Trojans as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge. Read Danger: Remote Access Trojans
If your computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately
to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised
. They should be changed by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
Although the backdoor Trojan was identified and removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because the backdoor Trojan has been removed the computer is now secure
. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read "When should I re-format? How should I reinstall?
" and "Help: I Got Hacked. Now What Do I Do?
Should you decide not to follow that advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. Let me know how you wish to proceed.