• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

virus question

amish

amish

Diamond Member
hi all. i've been hit with "TR/Pahador.F" three times now. it was on my wife's computer and my computer twice. i deleted it once and it came back the next morning.

has anybody seen it before? WTF am i doing to piss off the computer gods?


specs:
shuttle SNG85G (?)
AMD socket 754 3200+
1 gig CVR
80g HD
Samsung DVD burner
Windows XP home
SBC/AT&T DSL
 
Do you have a firewall between those two PCs? It sounds like they are passing stuff back and forth. And it also sounds like you didn't get all the malware fully removed from at least one of the PCs.
 
Originally posted by: RebateMonger
Do you have a firewall between those two PCs? It sounds like they are passing stuff back and forth. And it also sounds like you didn't get all the malware fully removed from at least one of the PCs.
Click to expand...

good question. i've only got the windows firewall set up on both computers outside of my Linksys WRT54G router. is there a way to correctly configure the windows firewall?

i'll give AntiVir another go on both systems after i disconnect them both from the router once i get home.

thanks for the help.
 
Originally posted by: amish
good question. i've only got the windows firewall set up on both computers outside of my Linksys WRT54G router. is there a way to correctly configure the windows firewall?
Click to expand...
As long as you haven't disabled the Windows SP2 firewall, that's about the best you can do.

If it's a trojan or worm, up-to-date AV software can usually find it and remove it.

Pahador appears to be a recent trojan, which makes entries in the Registry (to reload itself with each reboot)

It also tries to send screen shots and keystroke logs of your computer to another computer for their viewing pleasure.
 
You could also hit the "Don't allow exceptions" checkbox on Windows Firewall to close the door more. At this point, I'd uninstall whatever antivirus software you're using, install a 30-day trial version of Kaspersky AntiVirus Personal 6, click the green Settings checkmark and max out all the detection options, then update it, reboot, and run an exhaustive scan. Let a Kaspersky antivirus scanner be the final screenshot that the bad guys get to see :evil:


Big picture: sounds like it might be time for some user education and a switch to Limited accounts. In Control Panel > User Accounts, create a new account and name it Admin. Leave it as a Computer Administrator, and then reduce your established user account to Limited and see if that works OK for you. Far safer against accidental infection or semi-deliberate infection. If people still bust out the Admin account to shoot themselves in the foot with Weatherbug or Hotbar or something worse, then that's the user-education part.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top