I'm pretty much a novice so I hope my questions don't seem ridiculous. I've got MS AntiSpyware Beta1 on my computer, and the other day it gave me the warning that I had Rivarts.A trojan in 9 different regisrty keys: HKey_Local_Machine_system\Current COntrol\Services\mchInjDrv\Type1. THe other enteries follow the same info with additional "file" in place of the Type1 entry. I'd clean it and get a clean bill of health. Then, the next time I'd restart my computer, Voila! the Rivarets would return. I installed the Ewido's free program earlier today. I ran Nod32, Spybot, MS Antispyware, PestPatrol in safemode today and no program found the Rivarts. When I restarted in normal mode, AntiSpyware found it again, and cleaned it again. Rivarts is listed on some of the Sites as a legitimate pest, so I'm all the more unsure how it can be a false positive and a legitimate pest at the same time....ummm... I feel like I'm being pushed into becoming some kind of "expert" just to get by and use my computer without incidents. It would sure brighten my day if someone would kindly put a few of my questions put to rest, so I can rest, eh?! I've a few questions: 1. Why isn't the Ewido's software alerted to this trojan? 2. Why doesn't the Ewido program accept my choice to allow my TIghtVNC program to be accepted? I keep getting a Zone Alarm message like this-"guard is trying to communicate with "C:\Installations\COmmunications|TightVNC\WinVNC.exe" -servicehelper by opening a thread. When I said "ALLOW", the VNC program dropped from my notification tray and opens a box stating "VNCHooks.dll is missing for VNC.exe" How do I fix this 3. SHould I allow or deny the guard's request to open a thread with VNC? I don't know what the request means. 4. Can I delete the extra language files downloaded with the Ewido software package such as German, French, Japanese, etc. since English is the only language I'll be needing? Can this be done without harm? I think that covers my confusion, but who knows I may be so deep into something I know so little of that my questions barely are the "tip of the ole iceberg"? I surely hope not. Thank you to anyone who can help me out. I am most grateful. 3/29/06 PS: I read in these threads how one can choose to ignore all the files detected by scan as "Not-A-Virus", but I've scoured through all the options and do NOT find it anywhere. Where is this so I can stop the VNC warnings? I found that the VNCHooks and the VNC.exe are in the quarintine---yesterday, the VNCHooks was nabbed; today, the VNC.exe was nabbed. Does this mean I can retore my VNC functioning by somehow removing them from quarentine (is that the refresh button?)? Also, when I allow or deny ZoneAlarm's requests to "communicate with VNC-servicehelper by opening a thread", or to "change fileWINDRVDIR\etc\hosts", am I the ignorant one cutting off my VNC?? I notice too, that some computer stats help, so here goes: I've got 1GB memory, AMD Athlon64 3000+, nVidea nForce4, 2 ide HDs with 250GB+ (pretty sure),XP Pro with a full office suite and add'l add on's with some kind of Corrupted Outlook functioning; ZoneAlarm Security Suite v6.1.744.001, with the Vir & Spyware & IM & email protection at OFF; MRU-Blaster v1.5, WebRoot Window Washer v6.05..; SpywareBlaster 3.51; Spybot S&D v1.4; PestPatrol126.96.36.199.1; Lavasoft AdAware SE PRo, build115. Real time is Z/A, Nod32 v1.1461, MS ANtiSpyware-Beta1 v1.0.7.01. I think I got the vip stuff noted, or not Sorry I didn't include this stuff before. I presently think it's fair to say, "I'm in WAY over my head", but I need to get this stuff working so I can overcome what a disabling accident has had me contending with. This is my hope for a better future. Carpe Diem!