Help with TR/PSW.Kates.BV.8
Thread Starter
Joined: Feb 2000
Posts: 542
Likes: 0
From: asia
Help with TR/PSW.Kates.BV.8
If you want the short version, please tell me how to find out where TR/PSW.Kates.BV.8 is hiding.
For the longer tale of woe - read on.......
A friend of mine had what appeared to be an intermittent memory problem on his HP Desktop.
Said desktop had been bought in America with legal copy of windows, etc etc, and he bought it with him to thailand when he moved.
Another friend suggested a local computer "expert". Said expert duly arrived, and although limited English skills hampered too much discussion, assured my friend he could fix the problem.
Computer came back a few days later. Problem appeared to have been fixed but then my friend started noticing a few things wrong, like missing programs.
Asked me to have a look, and a system that was running genuine xp, receiving updates from Msoft, with Avira and Sypbot installed now refused to update as it wasn't a genuine Copy of Windows, and the antivirus protection had disappeared apart from a trial copy of NOD which did not seem configurd to do much.
Turns out that the expert had fixed thememory problem by installing a new motherboard, and then on top of that installed a clone of windows along with cloned MSoffice 2007 and various other junk bits and pieces.
I have spent some time cleaning up the system, and we can get the system legal again by paying $ to Msoft, but I cannot find where this one particular virus is hiding.
Every so often Avira will block it from creating a file, but all the scans with Avira and Mbam (including rootkit) come up clean, but still the detection message comes up periodically.
Anyone got any ideas?
For the longer tale of woe - read on.......
A friend of mine had what appeared to be an intermittent memory problem on his HP Desktop.
Said desktop had been bought in America with legal copy of windows, etc etc, and he bought it with him to thailand when he moved.
Another friend suggested a local computer "expert". Said expert duly arrived, and although limited English skills hampered too much discussion, assured my friend he could fix the problem.
Computer came back a few days later. Problem appeared to have been fixed but then my friend started noticing a few things wrong, like missing programs.
Asked me to have a look, and a system that was running genuine xp, receiving updates from Msoft, with Avira and Sypbot installed now refused to update as it wasn't a genuine Copy of Windows, and the antivirus protection had disappeared apart from a trial copy of NOD which did not seem configurd to do much.
Turns out that the expert had fixed thememory problem by installing a new motherboard, and then on top of that installed a clone of windows along with cloned MSoffice 2007 and various other junk bits and pieces.
I have spent some time cleaning up the system, and we can get the system legal again by paying $ to Msoft, but I cannot find where this one particular virus is hiding.
Every so often Avira will block it from creating a file, but all the scans with Avira and Mbam (including rootkit) come up clean, but still the detection message comes up periodically.
Anyone got any ideas?
Hippopotomonstrosesquipidelian title
Joined: Oct 2006
Posts: 1,825
Likes: 1
From: is everything
See if Housecall can help. HouseCall - Free Online Virus Scan - Trend Micro USA
Joined: Jan 2010
Aviation Qualifications: ATPL
Posts: 43
Likes: 0
From: UK
Run a scan while in safe mode. To enter safe mode you need to tap F8 while the computer starts up. If the windows logo appears before you get a menu you've missed it. When the list pops up, select 'safe mode with networking' so you can receive update for the antivirus software if you have an internet connection.
Safe mode usually stops viruses from loading/starting up. In normal mode they start up as normal and have the ability to lock files etc that would prevent you from removing them.
Safe mode usually stops viruses from loading/starting up. In normal mode they start up as normal and have the ability to lock files etc that would prevent you from removing them.
Thread Starter
Joined: Feb 2000
Posts: 542
Likes: 0
From: asia
Safe Mode is ok
Every scan I run comes out clean, in safe mode or in normal mode.
It is just that soemthing somewhere is trying to create a file and getting blocked by the a/v software. I can't find out what is trying to create the file.
It is just that soemthing somewhere is trying to create a file and getting blocked by the a/v software. I can't find out what is trying to create the file.
