Wishing there were computer condoms . . .

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mbmadiw, Aug 10, 2009.

  1. mbmadiw

    mbmadiw Corporal

    One of my computers seems to have caught some malware. Windows XP Home running AVG antivirus.

    When clicking on search results in Google, it takes me to pages other than the search result. So, I suspected Adware. I downloaded AdAware from this site and started to run it. AdAware shut down about 3 minutes into the computer scan and that program is now inaccessible.

    I tried to install other similar programs and get a message saying I do not have sufficient rights on the machine to install programs. It's an administrator profile and I just installed AdAware, so obviously something is screwy. Sooooooooo, since I can't follow the instructions listed on this site to diagnose my problem (because I can't install any software), can anyone help me out?

    I guess the answer I am looking for is to this question. How do I get my rights back to install software? Then, I believe I can install the software to diagnose the problem and remove the malware. If you disagree, please let me know what you think! Thanks!
     
    Last edited: Aug 10, 2009
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please, if you haven't already, follow the instructions here:
    If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First. If TDSSserv is not found, just continue on with the READ & RUN ME.

    TDSSserv Non-Plug & Play Driver Disable

    READ & RUN ME FIRST. Malware Removal Guide

    Both ComboFix and MGTools require no installation.

    Have you tried running any of the scans in safe mode? Did you rename them as suggested?

    It is becoming a very common problem these days for malware to change SeDebugPrivilege on administrator type accounts. They do this to prevent you from running various tools to help in the removal of malware. Tools like rootkit detectors and Look2Me-Destroyer commonly make use of this privilege to help locate and/or remove stubborn malware. If you run a tool and receive a message similar to the one below (note this is an example for F-Secure's BlackLight Rootkit tool)

    F-Secure BlackLight was unable to acquire necessary privileges (SeDebugPrivilege)

    it means that the application cannot run and that you must restore the SeDebugPrivilege level on the user account being used. The below steps will do this for you.

     
    Last edited: Aug 12, 2009
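The check and the repair TimW describes (is SeDebugPrivilege still assigned to Administrators in the local security policy, and if not, put it back) can be done from the command line. The script below is an added example written for this page; it is not TimW's steps and not a MajorGeeks tool. It assumes an elevated administrator prompt, that secedit.exe is present (it ships with XP and later), that whoami.exe is available (on XP it comes from the Support Tools; built in from Vista on), and that PowerShell is installed (on XP that means PowerShell 2.0 installed separately). The function names, temp file names and the `*S-1-5-32-544` SID for BUILTIN\Administrators are the example's own choices.

```powershell
# Added example, not from the MajorGeeks thread. Assumes Windows with secedit.exe
# and whoami.exe on the PATH, run from an elevated (administrator) prompt.
# On XP: whoami.exe is from the Support Tools; PowerShell 2.0 must be installed.

$adminsSid = '*S-1-5-32-544'   # BUILTIN\Administrators, the default holder of SeDebugPrivilege

function Get-SeDebugPolicyAssignment {
    # Export the local security policy's user rights and return the
    # "SeDebugPrivilege = ..." line, or $null if nobody holds the right.
    $inf = Join-Path $env:TEMP 'secpol-export.inf'
    & secedit.exe /export /cfg $inf /areas USER_RIGHTS | Out-Null
    $line = Select-String -Path $inf -Pattern '^SeDebugPrivilege\s*=' | Select-Object -First 1
    Remove-Item $inf -ErrorAction SilentlyContinue
    if ($line) { return $line.Line } else { return $null }
}

function Test-SeDebugInToken {
    # $true if the current logon token lists SeDebugPrivilege at all
    # (enabled or disabled). Rights are read at logon, so a policy fix
    # will not show up here until you log off and back on.
    $priv = & whoami.exe /priv 2>$null
    return [bool]($priv | Select-String -Pattern 'SeDebugPrivilege' -Quiet)
}

function Restore-SeDebugToAdministrators {
    # Re-assign the right to Administrators by applying a minimal security
    # template. Only the USER_RIGHTS area is touched; nothing else changes.
    $inf = Join-Path $env:TEMP 'sedebug-fix.inf'
    $db  = Join-Path $env:TEMP 'sedebug-fix.sdb'
    @"
[Unicode]
Unicode=yes
[Version]
signature="`$CHICAGO`$"
Revision=1
[Privilege Rights]
SeDebugPrivilege = $adminsSid
"@ | Set-Content -Path $inf -Encoding Unicode
    & secedit.exe /configure /db $db /cfg $inf /areas USER_RIGHTS /quiet
    Remove-Item $inf, $db -ErrorAction SilentlyContinue
}

# Usage: report the policy and the current token, then repair if needed.
$policy = Get-SeDebugPolicyAssignment
if ($policy) { Write-Host "Policy: $policy" }
else         { Write-Host 'Policy: SeDebugPrivilege is not assigned to anyone' }
Write-Host "Current token holds SeDebugPrivilege: $(Test-SeDebugInToken)"

if (-not $policy -or $policy -notmatch [regex]::Escape($adminsSid)) {
    Restore-SeDebugToAdministrators
    Write-Host 'Reassigned SeDebugPrivilege to Administrators. Log off and back on, then rerun the scan tools.'
}
```

If the policy already lists `*S-1-5-32-544` but `whoami /priv` still does not show the privilege, the account in use is not actually in the Administrators group, or the right was removed after the current logon; in both cases a fresh logon is the first thing to check. Note also that active malware can simply undo the change, so run this from Safe Mode or immediately before launching the renamed scan tools, as TimW suggests.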
