stickyb
24th Mar 2010, 09:22
If you want the short version, please tell me how to find out where TR/PSW.Kates.BV.8 is hiding.
For the longer tale of woe - read on.......
A friend of mine had what appeared to be an intermittent memory problem on his HP Desktop.
Said desktop had been bought in America with legal copy of windows, etc etc, and he bought it with him to thailand when he moved.
Another friend suggested a local computer "expert". Said expert duly arrived, and although limited English skills hampered too much discussion, assured my friend he could fix the problem.
Computer came back a few days later. Problem appeared to have been fixed but then my friend started noticing a few things wrong, like missing programs.
Asked me to have a look, and a system that was running genuine xp, receiving updates from Msoft, with Avira and Sypbot installed now refused to update as it wasn't a genuine Copy of Windows, and the antivirus protection had disappeared apart from a trial copy of NOD which did not seem configurd to do much.
Turns out that the expert had fixed thememory problem by installing a new motherboard, and then on top of that installed a clone of windows along with cloned MSoffice 2007 and various other junk bits and pieces.
I have spent some time cleaning up the system, and we can get the system legal again by paying $ to Msoft, but I cannot find where this one particular virus is hiding.
Every so often Avira will block it from creating a file, but all the scans with Avira and Mbam (including rootkit) come up clean, but still the detection message comes up periodically.
Anyone got any ideas?
For the longer tale of woe - read on.......
A friend of mine had what appeared to be an intermittent memory problem on his HP Desktop.
Said desktop had been bought in America with legal copy of windows, etc etc, and he bought it with him to thailand when he moved.
Another friend suggested a local computer "expert". Said expert duly arrived, and although limited English skills hampered too much discussion, assured my friend he could fix the problem.
Computer came back a few days later. Problem appeared to have been fixed but then my friend started noticing a few things wrong, like missing programs.
Asked me to have a look, and a system that was running genuine xp, receiving updates from Msoft, with Avira and Sypbot installed now refused to update as it wasn't a genuine Copy of Windows, and the antivirus protection had disappeared apart from a trial copy of NOD which did not seem configurd to do much.
Turns out that the expert had fixed thememory problem by installing a new motherboard, and then on top of that installed a clone of windows along with cloned MSoffice 2007 and various other junk bits and pieces.
I have spent some time cleaning up the system, and we can get the system legal again by paying $ to Msoft, but I cannot find where this one particular virus is hiding.
Every so often Avira will block it from creating a file, but all the scans with Avira and Mbam (including rootkit) come up clean, but still the detection message comes up periodically.
Anyone got any ideas?