|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
Winxppwnz
Corporal
Joined: Aug 02, 2006
Posts: 68
Location: USA
|
 Posted: Fri Aug 11, 2006 5:16 pm Post subject: AVG problems and questions |
|
|
Um i don't what else to say really besides when i get virus notifications from AVG they don't go away after i heal them i just get another AVG pop up followed by another AVG pop up followed by another. Now this really annoys me because when im using my computer i dont wanna be bothered by these pop ups that take precedence over the current program i am using, if im getting these pop ups i obviously need to clean my computer but i dont feel like dropping everything im doing booting into safe mode and then cleaning. Other than that id be fine if i could get AVG to put it's notifications in the background or if i could minimize them somehow until i feel like cleaning my computer. Is there anyway to do that?
In addition to that just what does AVG do when my 30 seconds to decide on what to do with the virus is up?
And lastly is the resident shield even worth running? It's not really a shield you know it doesn't protect you from viruses from outside, it just protects you from viruses already in your computer that are launched when other programs are launched. So basically it's just a thing that tells you when you have an infection of some sort.
Thanks id really like to learn how to use this thing
|
|
| Back to top |
|
 |
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8517
|
|
| Back to top |
|
|
Winxppwnz
Corporal
Joined: Aug 02, 2006
Posts: 68
Location: USA
|
| Posted: Fri Aug 11, 2006 8:14 pm Post subject: |
|
|
Well no my question was completely different in that last thread, and when you guys replied i replied back with another question and it wasn't answered and so i thought i should create a new topic since no ones answering and this question is different anyway, and the AVG help file and the AVG faq really didn't help me at all.
I know running an MRP is what you should do when you are infected but you see sometimes im busy and when i get these notifications i cant just drop what im doing and run an MRP and i doubt that you would to. So what im wondering is in that case where im busy at the moment and i can't run an MRP at the moment is there anyway i can just get the pop ups to not bother me. And what would you do if you cant get the pop ups to just minimize or go to the background would you just turn off the resident shield until you have the time to run an MRP. I try to clean my computer weekly right so what's the point in doing it right then and there when im busy?
And something that id really really really like to know though is what does AVG do with the detected file when my time to decide runs out?
Thanks
|
|
| Back to top |
|
|
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8517
|
| Posted: Fri Aug 11, 2006 11:18 pm Post subject: |
|
|
Hello Winxppwnz,
| Winxppwnz wrote: | | So what im wondering is in that case where im busy at the moment and i can't run an MRP at the moment is there anyway i can just get the pop ups to not bother me. |
Depends on what AVG function is triggering the alerts. If it's an AVG test, that was explained in the last thread. If the alert originated from the Resident Shield, the answer is that you can't prevent the Resident Shield alerts unless you disable the Resident Shield, which we explicitly recommend against doing.
Here is an explanation (from the AVG Help file) of your options for dealing with Resident Shield alerts:
| AVG Help file wrote: | Virus Detected By Resident Shield Dialog
The name of the infected object is given in the dialog (in the In Object: line), and also the name of the virus (on a separate line) including the detection level (e.g. suspicious / detected / identified etc.)
If the virus is detected while closing the infected file (On Close) the Keep button is displayed. If the virus is detected while opening infected file the Deny Access button is displayed.
Click on Deny access/Keep to deny access to the file/aknowledge existence of the file and close the dialog.
Click on Info to call up the dialog with information on the detected virus.
Click on Heal to heal the infected object.
Click on Delete to delete the infected object
Click on To vault to send the infected object to the AVG Virus Vault |
| Winxppwnz wrote: | | And something that id really really really like to know though is what does AVG do with the detected file when my time to decide runs out? |
Nothing. That also was explained in the previous thread.
Download the Eicar test virus and find out how AVG reacts under various scenarios.
| Winxppwnz wrote: | | And what would you do if you cant get the pop ups to just minimize or go to the background would you just turn off the resident shield until you have the time to run an MRP. |
I'm not sure exactly what you are doing but if you are typically getting multiple Resident Shield alerts per each Windows session you need to take a long, hard look at your computing practices.
The above excerpt from the AVG Help file explains how to acknowledge and close the Resident Shield alerts. I wouldn't turn off the Resident Shield - I'd want to know why I was getting infected so often and change my computing practices to avoid recurrence.
| Winxppwnz wrote: | | I try to clean my computer weekly right so what's the point in doing it right then and there when im busy? |
| k027 wrote: | | Often malware is much easier to remove before it executes and becomes established throughout your computer. |
If you are lacking other necessary security measures and run without the Resident Shield, executing a contaminated file could cause malware to become established on your computer and adversely affect performance, cause loss/theft of personal information, cause your computer to become a "zombie" spam distributor, etc. etc. etc.
T
|
|
| Back to top |
|
|
Winxppwnz
Corporal
Joined: Aug 02, 2006
Posts: 68
Location: USA
|
| Posted: Sat Aug 12, 2006 12:26 am Post subject: |
|
|
Ya sorry i shoulda said all my questions are in regard to the resident shield.
Anyway I wouldn't say that i'am typically getting alerts and such but still the fact that i can't get the alerts to subside in the background is just a pain in the ass, id love for them to subside in the background matter of fact because it's easy enough to detect when the programs i use all the time are infected but when programs i dont even know i have exist on my computer and are launching these viruses i obviously don't care much for them so i have no problem just letting the resident shield subside in the background while it provents the programs from launching.
But what i really wanna know though is why the resident shield reports alerts after i've been running a couple of programs for about 30 minutes plus with out me opening anyothers. So now im really wondering if the resident shield is a bit on the slow side or if there's somethings i don't know of running in the background that's launching these viruses, that's possible isn't it? For example lets say im only running microsoft paint and hours into me running that program AVG tells me theres a virus shouldn't AVG of told me that when i first launched ms paint unless of course something i don't know of launched the virus.
Anyway the aboves all i need to know and then ill be outta your hair thanks though.
|
|
| Back to top |
|
|
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8517
|
| Posted: Sat Aug 12, 2006 1:02 pm Post subject: |
|
|
Hello Winxppwnz,
| Quote: | | But what i really wanna know though is why the resident shield reports alerts after i've been running a couple of programs for about 30 minutes plus with out me opening anyothers. So now im really wondering if the resident shield is a bit on the slow side or if there's somethings i don't know of running in the background that's launching these viruses, that's possible isn't it? |
1)Test your Resident Shield by downloading the Eicar.com test virus. Make sure that your Resident Shield is properly configured. With no other programs running, attempt to open the test virus. Note how AVG responds. Do not heal, delete, or send the test virus to the virus vault. If AVG does not provide an alert, check your Resident Shield configuration and again try to open Eicar.com. Repeat until AVG is properly configured and responding properly. Also attempt to scan the file manually from either the context menu or the selected areas test. Note how AVG responds.
2)Repeat the above with all programs running as you described above. Note any differences in AVG's response.
3)Next time you receive a non-test-virus-related Resident Shield alert, carefully and completely record the information on the alert dialog box. After closing the alert, attempt to open the contaminated file reported in the just closed alert and note AVG's response. Also attempt to scan the file manually from either the context menu or the selected areas test.
|
|
| Back to top |
|
|
AVGuser
Trooper
Joined: Jul 12, 2006
Posts: 10
Location: UK
|
| Posted: Mon Aug 14, 2006 8:12 am Post subject: Re: AVG problems and questions |
|
|
| Winxppwnz wrote: | Um i don't what else to say really besides when i get virus notifications from AVG they don't go away after i heal them i just get another AVG pop up followed by another AVG pop up followed by another. Now this really annoys me because when im using my computer i dont wanna be bothered by these pop ups that take precedence over the current program i am using, if im getting these pop ups i obviously need to clean my computer but i dont feel like dropping everything im doing booting into safe mode and then cleaning. Other than that id be fine if i could get AVG to put it's notifications in the background or if i could minimize them somehow until i feel like cleaning my computer. Is there anyway to do that?
In addition to that just what does AVG do when my 30 seconds to decide on what to do with the virus is up?
And lastly is the resident shield even worth running? It's not really a shield you know it doesn't protect you from viruses from outside, it just protects you from viruses already in your computer that are launched when other programs are launched. So basically it's just a thing that tells you when you have an infection of some sort.
Thanks id really like to learn how to use this thing |
The resident shield prevents execution of malicious files (if heuristically or sig file detected of course)so it PREVENTS infection and should be left running.Most AVs will allow malware (especially if they are within archives) to be written to your hard disk.However they are inert and pose no threat.When you unzip and then click the executable ,the shield will then stop the infection.Some avs can be set to scan within archives (.zip.rar etc) instantaneously,however this would slow your pc down considerably and most default av settings dont do this.I suspect if you are having multiple warnings that ,that they may be caused by web page scripts.AVG does not have on the fly http scanning capability that can detect such malware on the flyi.e before its written to hard drive...some like kaspersky and avast do ,however this also impacts on system performance.Having a good browser like opera or firefox (especially with no script extension) can help greatly stopping the ability of these type of web scripts running.If its programmes allready on your computer that frequently cause AVG to pop up warnings,then id strongly suggest scanning with another av to confirm any suspicions.Kaspersky has a good online scanner here....
http://www.kaspersky.com/virusscanner
(click free online scanner button at top not file scanner).It does need to active x to run though.Also remember after cleaning any viruses to switch on and off your system restore as any malware can be saved in a restore point and an av scanner would not be able to clean that as it is a protected storage folder.
ellison
|
|
| Back to top |
|
|
Winxppwnz
Corporal
Joined: Aug 02, 2006
Posts: 68
Location: USA
|
| Posted: Tue Aug 15, 2006 2:58 am Post subject: |
|
|
Well when i downloaded the test virus avg came up asking me if id like to ignore or heal the virus before it gains access to computer from the internet, not runs itself but just gets into my computer from the internet. However that leaves me wondering if the ignore button will just allow it on my computer or if the ignore button allows it on my computer and allows it to run itself as well. Do you know?
Now after he download when i start the virus windows tells me it can not acess the specified file, device, or path, and i may not have the appropriate permission to access it. And then the AVG notification comes up again and gives me the options healing, quarentining, and ignoring. Now since the virus is on my computer at this point clicking it should get the virus to run so than that means that pressing ignore in this situation should make the virus run correct? Allthough now i can't help but wonder what the x button does, you know the close the window button. Im guessing the x button just prevents the virus from running, it would make sense. Oh btw i didnt always get the "can not access...." message and instead i just got an AVG alert but i cant recall exactly what it said, chances are it was the same though.
I dont know how the test virus was suppose to answer my question about unknown things running in the background though without my premission but what you said in step three is something ill try when i get the chance.
But look plain and simple i dont like getting these notifications at all and i especially don't like it because it takes precedence over whatever the hell it is im doing on the computer at the time, playing a game, doing some hardcore schoolwork, or watching a movie. Its great to know that im infected but i whish there was just a way to not have these things take precedence over what im doing and silently block the virus from running without bothering me at all or without bothering me to the point that id mine it. And well even more importantly is there way i can view all viruses detected by AVGs resident shield, or at least all viruses prevented to run by the resident shield.
Thank you.
|
|
| Back to top |
|
|
AVGuser
Trooper
Joined: Jul 12, 2006
Posts: 10
Location: UK
|
| Posted: Tue Aug 15, 2006 7:48 am Post subject: |
|
|
when AVG detects the eicar virus ,it first of al denys access and pops up the choice screen,If you then click the ? button ou will see what the choices are and mean...
.................................................
Virus Detected By Resident Shield
This dialog informs you that a virus infected file has been detected while opening/closing/executing a file.
The name of the infected object is given in the dialog, and also the name of the virus including the detection level.
Click on Ignore to acknowledge existence of the file and keep it on the disk without any security measures. Access to the file will be denied and the dialog closed.
Click on Info to call up the dialog with information on the detected virus.
Click on Heal to heal the infected object. (In case the file itself is a virus, healing will delete the file.) This button is present only if it is possible to heal the object.
Click on Move to Vault to move the infected object to the AVG Virus Vault (safe virus quarantine) where you can manipulate it further (try to heal, restore, remove it etc.). This is a recommended action in case you are not sure what to do.
The Enable Access button is only present if the infected file resides within the System Volume Information folder which is by default not accessible to the user. Click on Enable Access to open the Windows System Properties window where you can turn off System Restore. (The System Restore tool uses the System Volume Information folder.) This will allow you to acces the System Volume Information folder and remove the infected file.
Please note that, if you want to use System Restore, you have to turn it on again after you have removed the infection! For further instructions on how to do that, please refer to the AVG for Windows Workstation User Manual.
........................................................................
As you can see choosing ignore will not allow it to run.That would be very dangerous for an AV to do.The event history log under
service tab records all events.The x button assumes youve chosen to ignore.The problem with the resident shield blocking something without any warnings silently is that it could block/influence a legetimate file i.e a false positive,and possibly cause (in a worst case scenario) a crash.Its best (imo) to be warned of an infection and try to prevent that in future.If you are getting continuous popups you are either infected ,surfing on sites that are prone to infecting,( a good script blocking app goes a long way stopping this),or avg is false positiving.
|
|
| Back to top |
|
|
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8517
|
| Posted: Tue Aug 15, 2006 2:31 pm Post subject: |
|
|
Hello Winxppwnz,
| Quote: | | But look plain and simple i dont like getting these notifications at all and i especially don't like it because it takes precedence over whatever the hell it is im doing on the computer at the time, playing a game, doing some hardcore schoolwork, or watching a movie. Its great to know that im infected but i whish there was just a way to not have these things take precedence over what im doing and silently block the virus from running without bothering me at all or without bothering me to the point that id ine it. And well even more importantly is there way i can view all viruses detected by AVGs resident shield, or at least all viruses prevented to run by the resident shield. |
1)You need to fix the problem. A virus detection is a non-routine event that should not be ignored. When your home's smoke detector goes off, you don't remove the battries so the alarm stops bothering you - you put out the fire. It's the same with a computer virus. You shouldn't be getting many Resident Shield alerts - people often go years betwen such events.
2)Several posts ago we told you :
What progress have you made working through the MRP?
| Quote: | | I dont know how the test virus was suppose to answer my question about unknown things running in the background though without my premission |
The test virus was recommended to help you understand how your AVG anti-virus program works so among other things you can answer your question "So now im really wondering if the resident shield is a bit on the slow side". We have explained to you how your program works and pointed out the specific language in the Help file that explains the same - neither approach seems to have worked. The test virus was supposed to help you understand by doing - i.e. by running the experiment.
| Quote: | | And well even more importantly is there way i can view all viruses detected by AVGs resident shield, or at least all viruses prevented to run by the resident shield. |
No. As previously mentioned, when AVG provides a Resident Shield alert, you should write down all the information for later use.
Your biggest problem appears to be that AVG doesn't work exactly how you would like it to work. Perhaps you should investigate other Anti-Virus programs in the hope that you might find one more to your liking. A number of AV programs are available through the CastleCops "Downloads" section. You can find other users' opinions on AV software in the CastleCops "Reviews" section and in specific AV product ("Norton Anti-Virus", etc) and the "Virus-Prevention" forums.
|
|
| Back to top |
|
|
AVGuser
Trooper
Joined: Jul 12, 2006
Posts: 10
Location: UK
|
| Posted: Tue Aug 15, 2006 3:49 pm Post subject: |
|
|
Hello ko27...
I agree with all that you have said ,except i was under the impression that the event history log does record resident shield detections...
.......................................................................
Event History Log
Dialog Event History Log contains information about all important events such as successful or unsuccessful update, Resident Shield detections etc.
Every event is described in the main area of the dialog:
- Date and time – precise date and time of the event occurrence, graphical indication of the event type (red icon - virus detected, yellow icon - update, white icon - information)
- Source – source/type of the event
- User – source machine of the event
- Event description – brief description of the occurred event
Press the Export Log button to save the Event History Log as a file (LOG or TXT).
Press the Delete Log button to wipe the Event History Log.
Press the Close button to close the dialog.
........................................................
I cannot confirm this personally ,as that particular function does not work on my pc.I havent really noticed it before until i looked today.I am in correspondence with AVG technical (probably the best professional support ive personally recieved from any av vendor)who have recieved diagnostics of my setup etc ,and am waiting as tests are being done.
avguser
|
|
| Back to top |
|
|
Winxppwnz
Corporal
Joined: Aug 02, 2006
Posts: 68
Location: USA
|
| Posted: Tue Aug 15, 2006 5:06 pm Post subject: |
|
|
[quote="k027"]Hello Winxppwnz,
| Quote: | | But look plain and simple i dont like getting these notifications at all and i especially don't like it because it takes precedence over whatever the hell it is im doing on the computer at the time, playing a game, doing some hardcore schoolwork, or watching a movie. Its great to know that im infected but i whish there was just a way to not have these things take precedence over what im doing and silently block the virus from running without bothering me at all or without bothering me to the point that id ine it. And well even more importantly is there way i can view all viruses detected by AVGs resident shield, or at least all viruses prevented to run by the resident shield. |
| k027 wrote: | | 1)You need to fix the problem. A virus detection is a non-routine event that should not be ignored. When your home's smoke detector goes off, you don't remove the battries so the alarm stops bothering you - you put out the fire. It's the same with a computer virus. You shouldn't be getting many Resident Shield alerts - people often go years betwen such events. |
Ive finished the MRP as i said before but i haven't been running the resident shield because of the confusion ive had. Next time i run an MRP though ill have the resident shield up afterwards. Allthough you now tell me that people can go years without viruses with proper maintenance which is i guess something i guess i wanted to hear all along. However if im correct the case is much different with spyware and adware even with proper maintenace. Spyware and adware get through things much easier right?
| k027 wrote: | | The test virus was recommended to help you understand how your AVG anti-virus program works so among other things you can answer your question "So now im really wondering if the resident shield is a bit on the slow side". We have explained to you how your program works and pointed out the specific language in the Help file that explains the same - neither approach seems to have worked. The test virus was supposed to help you understand by doing - i.e. by running the experiment. |
If i have a virus on my computer that i know about and downloaded myself though and can only launch myself, how is it suppose to act like a virus i do not know about did not download myself and can launch itself without my premission. Maybe im just not understanding or you dont understand this specific question. But it was: When i have no programs running or programs running for awhile without anyothers running how is AVG detecting viruses, is it detecting viruses that i dont know about on my computer that are capable of launching themselves with out my premission, or in the case that ive had trusted programs running for awhile is AVG just slow in noticing those trusted programs have infections?
That questions not so important anymore though because spyware and adware do just that so why can't viruses. And if AVGuser is right....well then he's right and i dont see any reason to keep coming back.
| k027 wrote: | | No. As previously mentioned, when AVG provides a Resident Shield alert, you should write down all the information for later use. |
Well i hope AVGuser is right then.
Hold on though when i get an AVG alert pressing the x button will act in the same way as just letting the alert count down, right? In other words it'll just prevent the virus from running. I don't believe that was in the help file section you gave me or in anything ive told you.
Thanks again though even if im pissing you off (which i haven't been trying to do) you seem to help anyway
|
|
| Back to top |
|
|
AVGuser
Trooper
Joined: Jul 12, 2006
Posts: 10
Location: UK
|
| Posted: Tue Aug 15, 2006 6:58 pm Post subject: |
|
|
Can you post a pic of the popups you are getting or check in the virus vault and tell us the name of the malware? .It is very hard to understand exactly what you are experiencing and why,without knowing the malware or the site that you may be getting them from.AVG is acting as it should and wont let you get infected (assuming heuristics and sigs detect it of course).If you have adware or spyware causing the popups and use AVG free...then it may not detect it ,as sigs are limited to the pro edition.To get back to the original comment about wanting the detected files to be deleted/healed silently via the resident shield....this is not possible (for good reason imo).
avguser
|
|
| Back to top |
|
|
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8517
|
| Posted: Tue Aug 15, 2006 9:36 pm Post subject: |
|
|
Hello Winxppwnz,
| Quote: | | Ive finished the MRP as i said before but i haven't been running the resident shield |
You need to verify whether working through the MRP fixed your problem. If not, you should continue to work through the remaining MRP tools.
Also note whether any of the MRP tools are identifying as being contaminated the same files identified by the AVG Resident Shield. If these files are not being cleaned by AVG and the MRP tools, you may have to consult the various anti-malware removal programs' pest data bases for manual removal instructions.
| AVGuser wrote: | | I agree with all that you have said ,except i was under the impression that the event history log does record resident shield detections |
That particular feature is not present on the AVG anti-vrus program installed on my computer.
|
|
| Back to top |
|
|
Winxppwnz
Corporal
Joined: Aug 02, 2006
Posts: 68
Location: USA
|
| Posted: Wed Aug 16, 2006 2:23 am Post subject: |
|
|
| k027 wrote: | You need to verify whether working through the MRP fixed your problem. If not, you should continue to work through the remaining MRP tools.
Also note whether any of the MRP tools are identifying as being contaminated the same files identified by the AVG Resident Shield. If these files are not being cleaned by AVG and the MRP tools, you may have to consult the various anti-malware removal programs' pest data bases for manual removal instructions. |
Uh well AVG didn't detect anything but Ewido and Avast detected the same thing and i had it quarintened but ya ill start running the shield now and if i get alerts ill do another MRP and maybe and HJT log and some deeper research if needed.
| k027 wrote: | | That particular feature is not present on the AVG anti-vrus program installed on my computer. |
Well i'll check mine really quick.
| AVGuser wrote: |
Event History Log
Dialog Event History Log contains information about all important events such as successful or unsuccessful update, Resident Shield detections etc.
Every event is described in the main area of the dialog:
- Date and time – precise date and time of the event occurrence, graphical indication of the event type (red icon - virus detected, yellow icon - update, white icon - information)
- Source – source/type of the event
- User – source machine of the event
- Event description – brief description of the occurred event
Press the Export Log button to save the Event History Log as a file (LOG or TXT).
Press the Delete Log button to wipe the Event History Log.
Press the Close button to close the dialog.
........................................................
I cannot confirm this personally ,as that particular function does not work on my pc.I havent really noticed it before until i looked today.I am in correspondence with AVG technical (probably the best professional support ive personally recieved from any av vendor)who have recieved diagnostics of my setup etc ,and am waiting as tests are being done.
avguser |
Ahh goshdarnit i have an event history log but it's not showing anything. Maybe because nothings happened for the day, but ill check again when something does happen.
| AVGuser wrote: | Can you post a pic of the popups you are getting or check in the virus vault and tell us the name of the malware? .It is very hard to understand exactly what you are experiencing and why,without knowing the malware or the site that you may be getting them from.AVG is acting as it should and wont let you get infected (assuming heuristics and sigs detect it of course).If you have adware or spyware causing the popups and use AVG free...then it may not detect it ,as sigs are limited to the pro edition.To get back to the original comment about wanting the detected files to be deleted/healed silently via the resident shield....this is not possible (for good reason imo).
avguser |
Uh well the pop ups i got were before the MRP and i have no info on them but ill be running the shield again so if anything happens again you needn't worry cause ill probably be doing an MRP and taking it to the pros.
|
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
