Ask Me Help Desk

Ask Me Help Desk (https://www.askmehelpdesk.com/forum.php)
-   Spyware, Viruses, etc. (https://www.askmehelpdesk.com/forumdisplay.php?f=477)
-   -   Computer rebooting during scans (https://www.askmehelpdesk.com/showthread.php?t=17705)

  • Jan 12, 2006, 02:50 PM
    gadawgfan
    Computer rebooting during scans
    I have gone though a lot of problems and had to reformat my drive again. I have already installed all of microsofts patches and I am running zone alarm with AVG and ewido. Every time I try to run through a complete scan with ewido it restarts the computer. I ran AVG and everything checked out OK. No viruses were identified but some files it checked had changed by them instead of OK. The same thing happened two days ago and I had to boot up from a rescue disk and reformat. Does anybody have any suggestions?
  • Jan 12, 2006, 03:19 PM
    manutd4eva
    Don't know about your problem but if some files had changed by them you probably have spyware. I would run MS Antispyware as AVG doesn't pick spyware up. For example hosts may be changed so if you go to microsoft.com it takes you to a scammer website etc go to:

    c:\WINDOWS\system32\drivers\etc\hosts

    And open it with notepad then it should look like this:
    Code:
    # Copyright (c) 1993-1999 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    #      102.54.94.97    rhino.acme.com          # source server
    #      38.25.63.10    x.acme.com              # x client host

    127.0.0.1      localhost
    If not just press ctrl A and delete it all then copy and paste that them go to Microsoft and download MS Antispyware (beta)
  • Jan 12, 2006, 04:16 PM
    gadawgfan
    I checked that out and its all normal - I tried the MS scanner and my computer shut down about half way through the scan.

    The files in AVG that show Changed are

    c:\\windows\system32\kernel32.dll
    c:\\windows\system32\wsock32.dll
    c:\\windows\system32\user32.dll
    c:\\windows\system32\shell32.dll
    c:\\windows\system32\ntoskrnl.exe

    Any suggestions?
  • Jan 12, 2006, 04:21 PM
    manutd4eva
    These are all vital system files I think.
    Go to start - run- and type "msconfig" (without the quotes) then click the startup tab and deselect everything except any important drivers - display, sound etc then restart and run a scan.
    Or you can try running a scan in safe mode.
    Turn off you computer completely then turn it back on and keep pressing F8 and then a menu comes up - go down to safe mode using the arrow key - just safe mode not with networking - then run a scan.
  • Jan 20, 2006, 12:09 PM
    Whiskey14
    I would suggest downloading Spybot - Search & Destroy 1.4, a program that removes spyware, available from:

    http://www.pcworld.com/downloads/fil...d,22262,00.asp

    Once installed, enable Tea Timer. Open the Spybot Search & Destroy, click the "+" sign next to Tools on the left side of the screen, click System Startup, then on the right side of the page check HK_CU Run Spybot Tea Timer.

    The Resident TeaTimer is a new tool of Spybot-S&D which perpetually monitors the processes called/initiated. It immediately detects known malicious processes wanting to start and terminates them giving you some options, how to deal with this process in the future.

    Check for updates before running. If you have trouble getting the updates, near the top of the Update Window, click the little arrow next See-Cure #1(Europe), highlight the next one on the list, See-Cure #2 and try to download the updates. If that doesn't work, try the next one the list. Until you get one you can download from. Being a free program, if too many people are using the same site to download the updates, some people will not get them.

    Check for viruses by going to:

    http://security.symantec.com/sscv6/d...d=ie&venid=sym

    Click the GO button, then under Virus Detection, click Start. You might be told that you need to download and install ActiveX Contols for the scan to work, answer Yes.

    Write down exactly anything it finds, then go to: http://sarc.com/ and do a search for what was found. Symantec usually has a removal tool and/or directions for removing manually.

    Go to Windows Update and download the available updates.

    Hope this helps!
    Whiskye14

    • All times are GMT -7. The time now is 05:57 AM.