1 of 5
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:
Windows Defence Center, Windows Error Correction , WindowsTroublemakersAgent

Windows Troublemakers Agent

There is no end to the cyber criminal attempts to extort financial gain from unsuspecting computer users. Windows Troublemakers Agent is yet another member of the huge Fake Microsoft Security Essentials fraud, which encompasses such notorious pests as Windows Defence Center, Windows Error Correction, Windows Optimal Tool and many more. These rogue system optimization applications share similar design, copying the symbols and color schemes from genuine security products with intention to trick the innocent users.

Windows Troublemakers Agent has the ability to stealthily enter your system, because you can’t really pinpoint the exact moment when it slithers inside. You might actually be infected already. If you want to check your computer for the Windows Troublemakers Agent infection, feel free the use the suggested malware scanner.

Download Spyware Removal Tool to Remove* Windows Troublemakers Agent
  • Quick & tested solution for Windows Troublemakers Agent removal.
  • 100% Free Scan for Windows

This rogue is very dangerous, because it uses a set of nasty methods to achieve its goal. Windows Troublemakers can very effectively block your desktop access. After the installation you might see that you can access neither your icons, nor your taskbar. Don’t panic, there is a way to restore your desktop access. Simply follow these instructions:

1. Reboot the computer. When it’s on again, you will see the rogue’s application on the screen. Click “OK” to make it disappear. The rogue will start a fake system scan.
2. Wait for it to finish and then you will see another fake security message. Click “OK” again.
3. Now it is possible to make the message go away. Click on the red “X” at the right top of the notification.
4. The notification will disappear and you will have your desktop restored.

Blocking the desktop is just one of the many horrendous things that Windows Troublemakers can do. This rogue usually enters your system via Trojan infection and then roots in your computer without your knowledge, until eventually it begins its attack against you and your computer. Windows Troublemakers Agent will initiate a fake system scan which will “find” multiple computer security threats in your system, and the rogue will inform you about it with these kinds of messages:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click \'show details\' to learn more.

Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks.
Risk of system files infection:
The detected vulnerability may result in unauthorized access to private information and hard drive data with a seriuos possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press \\\'OK\\\' to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

System component corrupted!
System reboot error has occurred due to lsass.exe system process failure.

This may be caused by severe malware infections.
Automatic restore of lsass.exe backup copy completed.
The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.

Name: firefox.exe
Name: c:program filesfirefoxfirefox.exe
Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

Needless to say, that you should by no means trust these notifications. They are obviously fake, and the poor syntax and spelling of these messages only support this claim. And nothing good can come from a fake program. Windows Troublemakers Agent only bombards you with these messages, so you would be convinced to buy the license for the full version of the program. If you do so, consider your money as good as gone forever. Not to mention that this rogue also significantly slows down your computer performance which eventually can results in a total system crash. Don’t hesitate any longer and terminate Windows Troublemakers Agent from your computer.

Download Spyware Removal Tool to Remove* Windows Troublemakers Agent
  • Quick & tested solution for Windows Troublemakers Agent removal.
  • 100% Free Scan for Windows

How to manually remove Windows Troublemakers Agent

Files associated with Windows Troublemakers Agent infection:


Windows Troublemakers Agent processes to kill:


Remove Windows Troublemakers Agent registry entries:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell “%AppData%\[random].exe”


  1. 1EB80 Mar 11, 2011

    I followed your instructions all worked great

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.