I have gone though a lot of problems and had to reformat my drive again. I have already installed all of microsofts patches and I am running zone alarm with AVG and ewido. Every time I try to run through a complete scan with ewido it restarts the computer. I ran AVG and everything checked out OK. No viruses were identified but some files it checked had changed by them instead of OK. The same thing happened two days ago and I had to boot up from a rescue disk and reformat. Does anybody have any suggestions?

Don't know about your problem but if some files had changed by them you probably have spyware. I would run MS Antispyware as AVG doesn't pick spyware up. For example hosts may be changed so if you go to microsoft.com it takes you to a scammer website etc go to:

c:\WINDOWS\system32\drivers\etc\hosts

And open it with notepad then it should look like this:


# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost


If not just press ctrl A and delete it all then copy and paste that them go to Microsoft and download MS Antispyware (beta)

I checked that out and its all normal - I tried the MS scanner and my computer shut down about half way through the scan.

The files in AVG that show Changed are

c:\\windows\system32\kernel32.dll
c:\\windows\system32\wsock32.dll
c:\\windows\system32\user32.dll
c:\\windows\system32\shell32.dll
c:\\windows\system32\ntoskrnl.exe

Any suggestions?

These are all vital system files I think.
Go to start - run- and type "msconfig" (without the quotes) then click the startup tab and deselect everything except any important drivers - display, sound etc then restart and run a scan.
Or you can try running a scan in safe mode.
Turn off you computer completely then turn it back on and keep pressing F8 and then a menu comes up - go down to safe mode using the arrow key - just safe mode not with networking - then run a scan.

I would suggest downloading Spybot - Search & Destroy 1.4, a program that removes spyware, available from:

http://www.pcworld.com/downloads/file_description/0,fid,22262,00.asp

Once installed, enable Tea Timer. Open the Spybot Search & Destroy, click the "+" sign next to Tools on the left side of the screen, click System Startup, then on the right side of the page check HK_CU Run Spybot Tea Timer.

The Resident TeaTimer is a new tool of Spybot-S&D which perpetually monitors the processes called/initiated. It immediately detects known malicious processes wanting to start and terminates them giving you some options, how to deal with this process in the future.

Check for updates before running. If you have trouble getting the updates, near the top of the Update Window, click the little arrow next See-Cure #1(Europe), highlight the next one on the list, See-Cure #2 and try to download the updates. If that doesn't work, try the next one the list. Until you get one you can download from. Being a free program, if too many people are using the same site to download the updates, some people will not get them.

Check for viruses by going to:

http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

Click the GO button, then under Virus Detection, click Start. You might be told that you need to download and install ActiveX Contols for the scan to work, answer Yes.

Write down exactly anything it finds, then go to: http://sarc.com/ and do a search for what was found. Symantec usually has a removal tool and/or directions for removing manually.

Go to Windows Update and download the available updates.

Hope this helps!
Whiskye14