Debug Privilege?

I have been using Comodo Firewall for a few days and I must say I am impressed after using ZoneAlarm for many years. It is clear that both the flexibility and protection levels are so much higher.

I have a question though. Every time a new program starts up that hasn’t yet been defined, it asks for access and then it asks for elevated (debug) privileges. I am using XP home SP3 and am the Owner (administrator). Why does every program ask for elevated privileges? is this normal and I just haven’t noticed it before because I was using ZoneAlarm or is something else going on? It’s a bit (only a bit :)) of a pain having to click twice for every program and I’m not clear why every one needs the elevated permissions to run.

Thank you for your help and keep up the great work.

Sybrandus

This is out of the ordinary. It is a minority of programs that will ask this usually. I am not sure to why it is happening but I hope you are not infected with one of those viruses that will inject its self in executables.

To see if malware is playing a role I would advice to scan using the Dr Web Live CD. This CD will allow you to boot from that CD which will install a mini Linux desktop which will allow to run the Dr Web scanner. This scanner is capable of successfully removing this type of infections.

Go to the Dr web website, download the ISO image and burn it. Then boot from that CD, update the scanner and let it scan. It is a big slow.

When done follow What to do if you’re infected - eXPerience Rev.3 to be on the safe side of things.

Just to share the resolution of this … my user accounts had debug privileges set. I believe this was caused by installing a program used by microsoft help which was helping me to resolve an issue with updates. They obviously didn’t remove it.

Removed debug privileges from all my user accounts (using a 3rd party program as this is not so easy to do in XP home) and the problem is gone.

Sybrandus

Thanks for letting us know. It is something I would not have thought of, that’s for sure.