hello manganliso, regarding your problem; it could be that avg is lacking update definitions.. try updating it, and it could be that avg cannot detect this specific trojan.. try doing an online scan at trendmicro there:
http://housecall.trendmicro.com/
.. somewhat unlikely, but it can also be avg itself, you've mentioned that you've been using avg for several days now, did your computer run normally prior to installing avg? if yes, then avg could be the reason, although avg is one of the least memory hogging antiviruses, it is still a resident-antivirus.. and it will no matter take a nice chunk of your memory..and a slight performance degrade is normal; especially if you have a slow machine with inadequate ram.
if you scan with trendmicro's online scan and no viruses or trojans were detected.. and your computer is still acting up, then do a clean uninstall for avg..that is; remove every single registry key and file related to avg and i'll show you a way to have a nice responsive and secure pc without having an antivirus installed.
i've been using windows machines since windows 95, i've never installed any kind of antivirus or spyware removal and i;ve never once got infected with a virus.. most people, especially those advocates for antiviruses call me stupid or arrogant and that my system is completely infected and i'm not even aware of it.. i assure you, that my system is quite secure without any resident antivirus taking up my resources..
besides that, there's no end to update definitions, everyday there's a new virus or a variant.. viruses get more sophisticated and antiviruses get more bloated, require more of your system resources and even though they are supposed to protect you they start to function like a virus themselves.. they dramatically slow down your machine, requiring more ram .. the least resource hog of antiviruses will take up around 15-20% of your resources and there's another problem, an antivirus isn't exactly 100% bullet-proof.. as more viruses are released, antiviruses are always lagging behind with their definitions and the worse thing is; people get a false sense of security with all their antiviruses, spyware scanners installed and they practice bad browsing habits which further contribute to the spread of malware in general.
so the question is, can you be secure on a windows machine without an antivirus? the answer is absolutely.. how to do it is another thing.. honestly, i never tell people to compute without antiviruses.. i am an anti-antivirus, yet i don't advocate it because it's not for everybody.. but since you seem to be having problems with avg, i'll give you a few guidelines to start you off.. but first, if you're a novice and don't know much about computers, then please stick with your antivirus.
nowadays, most viruses spread through the internet, infected emails and malicious sites are the #1 origin of antiviruses, few others spread through removable media..like a cd or a flash drive from a friend etc.. with a few steps you can easily block out the source of viruses without the need of additional programs and without compromising your machine.
here goes..securing your windows machine without an antivirus:
1- first and above all, be wise.. use your head.. simple common sense goes a long way, do not open emails that lure you with nude images or discounted medincines etc. open only emails from addresses you know and that are on your contact list.. and do not open emails from your friends that contain attachments if that attachment has a binary extension like exe or zip or simply if the subject line looks fishy and doesn't sound like something a friend would send.(spear britney caught naked?)
2- safe browsing: dump internet explorer and use a different browser like k-meleon or any other gecko-based browser,they are much more secure than ie.. if you must use ie, then disable scripting for the internet zone and add your favourite sites and the ones you know you can trust into the trusted zone.. you can do that by going to your control panel> open internet options, click on security tab.. select internet zone>custom level and find active scripting>disable
3- blocking risky extensions -part 1: change the default execution of screensaver, files with .scr extension.. unfortunately windows hide this extension from your file types in folder options, so you have to do a little bit hard work and dig through the registry, go to run and type regedit, in regedit, click on edit>find and search for scrfile, when it finds scrfile, expand the folder, you'll find another folder called shell.. click on shell once, in the right click pane of regedit.. you'll see the key for shell called default and the entry for it is open.. double click on that key.. and type in anything you like instead of open, this simply changes the default action when you double click on a screensaver file.. why is that? because an scr is essentially an executable file just like an application and many viruses use that extension to run and spread, will that mean you will no longer be able to run screensavers? absolutely not, you can still execute your actual and legit screensavers from display properties or by right clicking on it and selecting the command open from the menu.. this will only prevent viruses disguising as scr files from running behind your back.. if you find modifying with regedit too confusing, i've uploaded this registry key at this link:
http://kmeleon.swiftfree.net/scrblock.reg
you can just download it and merge it into your registry.. i also do the same thing with .pif and .cmd extensions but your scr is the one to worry about.
4-blocking risky extensions -part 2: those extensions will be scripting files.. like vbs and js(javascript) etc, this part is much easier than part 1 because we will be using a very good program called script scentry.. but unlike an antivirus; script scentry will not be running in your background, it will simply attach itself to be the default handler for scripting files..whenever a script is run, script scentry will intercept it, examine it and then tell you whether this file is safe to run or not. download it here
http://www.jasons-toolbox.com/scriptsentry.asp
5-preventing execution from data cds: very simple step.. disable autorun of cds.. download a program called tweakui from microsoft, open it and you'll find options to disable autorun on data cds and audio cds.. you can leave autorun of audio cds if you prefer.
tweakui:
http://www.filehippo.com/download_tweakui/
6- preventing execution from all removable media+temporary internet files+temp folder: those are all the locations where 99.9% of viruses are born..
any computer tech knows how to do that with restriction policies but that's too complicated, and not 100% fool-proof; fortunately there's a great program from beyondlogic called trust-no-exe. download and install it.. after that you will find a trust-no-exe entry in your control panel folder where you can add locations for DENY LIST.. once you add a location, nothing can run from there.. you can also add an allow list to folders where your programs are and you know it's safe to run from there.. by default trust-no-exe allows common known paths like your program files folder on the c partition etc, if you have other partitions where you have programs, you can always add them to the allow list.. you don't need to add locations were you have personal data files like images and mp3 songs..those will run normally , just add folders that contain your applications(exe) and now to the deny list add those locations:
c:\windows\temp
C:\Documents and Settings\(yourusername)\Local Settings\Temp
C:\Documents and Settings\(yourusername)\Temporary Internet Files
C:\Documents and Settings\(yourusername)\desktop
C:\Program Files\Outlook Express\Folders
for some windows versions, 'documents and settings' folder is replaced by a 'users' folder
now you've blocked the most important sources of viruses
the other source is removable media.. flashdrives/external hardrives etc/... those add an extra partition when connected to your pc and you nolonger have to worry about that because trust-no-exe will automatically deny any partition that isn't on the allow list.
however, trust-no-exe has some limitations.. unlike an antivirus that constantly keeps scanning your files in the background, trust-no-exe is simply a filter..and some installation programs that extract to the temp folder will not be able to run.. then you can simply open the trust-no-exe control panel and temporarily disable it until you install the program and don't worry if you forget to enable trust-no-exe again because it will automatically activate when you restart your computer; also, unlike an antivirus, trust-no-exe takes extremely little resources between 1%-2%.. that's like opening your notepad, you won't even know it's there. download trust-no-exe:
http://www.beyondlogic.org/solutions/trust-no-exe/trust-no-exe.htm
7- last but not least, always update your windows version with the latest security patches, otherwise your system can be explioted whether you have an antivirus or not.
now very importantly.. you can only apply those steps on a clean system(with absolutely no viruses) because those steps will secure you against viruses in the future but will not remove existing viruses on your system..so do that online scan at trendmicro nonetheless.
another note about trust-no-exe.. even though it will 100% secure you, it requires a smart user.. if you deliberately copy a virus from somewhere and add it to an allow path..trust-no-exe will not block it.. you just have to be wise.
follow these steps and i promise you you'll never have a virus on your system.. take it from someone who has been computing for over 18 years, 11 of them on windows machines without an antivirus.
p.s. all links are for free software
Edited 1 time(s). Last edit at 04/25/2010 01:04AM by disrupted.