Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
Here's some additional info on mdm.exe...
[[The Machine Debug Manager runs as a service and is loaded when your
computer starts. If you do not use your computer for debugging purposes, you
can safely turn off the Machine Debug Manager.]]
How to turn off Machine Debug Manager in Office XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;321410
Machine Debug Manager Service
http://www.theeldergeek.com/machine_debug_manager.htm
[[Filename: mdm.exe
Program Title: Machine Debug Manager
Comments: Used by developers for debugging. Those who have encountered it
have unchecked it with no degradation in performance. May cause your
computer to "hang" if you have MS Visual Studio
installed and this disabled because it appears to take over error handling -
hence the U recommendatioon. Can also be listed as MDM7. ]]
http://www.windowsstartup.com/wso/detail.php?id=1515
OFF2000: Files Whose Name Begins with "fff" Appear in Windows Folder
;221438]http://support.microsoft.com/default.aspx?scid=kb;[LN];221438
Machine Debug Manager
http://support.microsoft.com/search/default.aspx?catalog=LCID%3D1033&query=Machine+Debug+Manager&x=10&y=9
--
Hope this helps. Let us know.
Wes
MS-MVP Windows Shell/User
In news:%23vZhBxZIFHA.2936@TK2MSFTNGP15.phx.gbl,
Blondie <nobody@nowhere.org> hunted and pecked:
> I found MDM.EXE on both systems with the 'debugger' user type.
>
> The properties for MDM.EXE indicate that it is part of Visual Studio
> .NET Version 7.00.9466
>
> I think this module must have been installed as part of MS Office
> 2003 Pro (OEM Version). I installed 3 copies of this software, and
> just now checked the 3rd PC ... it also has this module, and now has
> 'debugger' user type for the local & Domain UserID ( Administrator
> Group ) I don't know for how long this user type has been present on
> the 3rd PC ... there have been no strange problems reported from this
> 3rd PC though.
>
> I guess that the presense of user type = debugger it is not a
> problem, and may be a benefit to have this module in the system.
>
> I will have to look elsewhere to understand the reasons for the
> strange behaviour of two of these PCs.
>
> PS ... I looked for information about 'user type = debugger' on the
> Knowledge Base and could not find anything that seemed relevant ...
> the article you referenced provides much better information than I
> was able to find on my own.
>
> Thanks!
>
>
> "Wesley Vogel" <123WVogel955@comcast.net> wrote in message
> news:%23XFZuSMIFHA.904@tk2msftngp13.phx.gbl...
>> mdm.exe maybe? Microsoft .NET Framework 1.1? I'm guessing.
>>
>> See if Mdm.exe (Machine Debug Manager) exists. It comes with a
>> bunch of MS
>> programs. I.e. Microsoft .NET Framework 1.1, Microsoft Office 2003.
>>
>> [[As a security enhancement, users who do not belong to the
>> Administrators group or to the Debugger Users group will not be able
>> to debug scripts with
>> the Microsoft Script Editor.
>> By default, the only member of the Debugger Users group is the
>> Administrator
>> who installed the application. ]]
>> Users must belong to the Administrators group or to the Debugger
>> Users group
>> to use the Script Editor component in Office 2003
>>
http://support.microsoft.com/default.aspx?scid=kb;en-us;891962
>>
>> --
>> Hope this helps. Let us know.
>>
>> Wes
>> MS-MVP Windows Shell/User
>>
>> In news:eC3XL1GIFHA.3500@TK2MSFTNGP14.phx.gbl,
>> Blondie <nobody@nowhere.org> hunted and pecked:
>>> I looked at these two PCs again today.
>>>
>>> One of them was only installed about 3 days before this 'problem'
>>> was noticed.
>>>
>>> I installed both of these PCs ... WinXP Pro, Office 2003 Pro ... a
>>> handful user applications.
>>> NO development applications of any kind have been installed.
>>>
>>> First one that acquired the 'debugger' status was installed about 2
>>> months ago, we noticed the problem after 'joining' the SBS Domain
>>> about 3 weeks ago. The PC started to complain that there was no
>>> default mail application to send the message requested by a program,
>>> the day after joining the domain ... nobody knew anything about any
>>> program that could be expected to be sending a message. That is the
>>> first time we noticed the User type = debugger.
>>>
>>> The second PC was installed last week, WinXP Pro, Office 2003 Pro
>>> ... a few user applications, no development programs ... the user
>>> type = debugger was not present in the system when I turned it over
>>> to it's new owner.
>>>
>>> The next day the user installed Trend Micro PcCillin 2002 and it was
>>> unable to update itself ... so, another customer call was scheduled
>>> ... 3 days after it was installed it's two local Administrator
>>> accounts had acquired the 'debugger' status. The user had installed
>>> 3 programs:
>>>
>>> 1) Adobe Reader 7
>>> 2) Ad-Aware SE
>>> 3) DocuPrinterLT
>>>
>>> The only one on this list that is common with the other PC with the
>>> 'debugger' User type is Adobe Reader 7.
>>>
>>> I removed the PcCillin installation that was unable to update itself
>>> (persistent error code 47 ... means corrupt downloaded virus
>>> signature file) and replaced it with Trend Micro Internet Security
>>> 2005 (which did update itself) ... ran a complete system scan, found
>>> nothing.
>>>
>>> I am concerned that this user type = debugger 'materialized' without
>>> any understandable reason, but this by itself does not seem to be
>>> causing a problem ... I wonder if it is a symptom of something wrong
>>> though?
>>>
>>> I wonder what else changed and why?
>>>
>>>
>>> "Wesley Vogel" <123WVogel955@comcast.net> wrote in message
>>> news:%23OiyiZ5HFHA.2620@tk2msftngp13.phx.gbl...
>>>> I don't know why. Did you install .NET, Visual Studio or
>>>> something?
>>>>
>>>> [[Debugger Users group enables you to remotely access debugging
>>>> components on other machines.]]
>>>>
>>>> [[Debug programs
>>>> Computer Configuration\Windows Settings\Security Settings\Local
>>>> Policies\User Rights Assignment
>>>>
>>>> Description
>>>> Determines which users can attach a debugger to any process. This
>>>> privilege
>>>> provides powerful access to sensitive and critical operating system
>>>> components.
>>>>
>>>> This user right is defined in the Default Domain Controller Group
>>>> Policy object (GPO) and in the local security policy of
>>>> workstations and servers.
>>>>
>>>> By default, only administrators and LocalSystem accounts have the
>>>> privileges
>>>> to debug programs.]]
>>>>
>>>> --
>>>> Hope this helps. Let us know.
>>>>
>>>> Wes
>>>> MS-MVP Windows Shell/User
>>>>
>>>> In news:%23Pqgj73HFHA.3776@tk2msftngp13.phx.gbl,
>>>> Blondie <nobody@nowhere.org> hunted and pecked:
>>>>> Just recently 2 out of 7 PCs (all Windows XP Pro) on the local LAN
>>>>> have begun to behave strangely and when I went to check up on them
>>>>> to see if I could find anything wrong I noticed that on each of
>>>>> them the original user account (type = Administrator) has been
>>>>> changed to type = debugger; user.
>>>>>
>>>>> I haven't seen this before, does anyone know why this happened or
>>>>> what this user type = debugger means?
>>>>>
>>>>> Thanks