dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
445
share rss forum feed


Okap1

@optonline.net

Downloaders/Clickbots & AV's

Had 3 infections by the above. Noticed PC slow to a crawl.. Svchost usage high.
The 3 infections were experienced with 3 different AV's ( not simultaneously, of course)- Norton, Avast, Windows Defender. Twice on Win 7 & once on Win 8.

Only Avast sent repeated popup warnings that pc is trying to connect to dangerous sites. Why were other AV's silent?

On a side note, I was told that Avast has been known to corrupt the registry. ANY truth to that?



Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN

1 recommendation

Sounds like perhaps you should modify your habits.

The popup warnings are simply a difference in how the software functions. You can probably stop Avast! from doing it if you wanted.

I've been using Avast for years and haven't had any registry corruption issues.
--
"Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something." - Robert A. Heinlein



therube

join:2004-11-11
Randallstown, MD
reply to Okap1

> Downloaders/Clickbots

What does that mean?

Expand your moderator at work


okap1

@optonline.net

1 edit
reply to therube

Re: Downloaders/Clickbots & AV's

I mean, as a novice, the popups gave e a heads up as to what the problem was. I don't want to disable them...Why wouldn't the other AV's give me a clue?



okap1

@verizon.net
reply to therube

> Downloaders/Clickbots

What does that mean?
------------------------------------------------

From Emsisoft blog:

... A downloader is exactly what it sounds like: a program that is placed on your computer to download malicious content from the web. The Blackbeard downloader makes your computer download the malicious clickbot Pigeon. A clickbot is a program designed to turn your computer into a PPC ad clicking robot.

What's PPC? Say you have a website, and it contains ads for other companies. In a Pay-Per-Click (PPC) advertising model, you would get paid a few cents by those other companies every time someone came to your site and clicked on one of their ads.

A clickbot takes advantage of the PPC ad model by a hijacking a computer and making it click on an ad a few thousand times. People who create clickbots use them to direct computers to ads on websites they own, so they can get paid....



HA Nut
Premium
join:2004-05-13
USA

1 recommendation

reply to Okap1

Antivirus programs can't be relied on for 100% protection. None exist that can.

IMO, PC security takes a multi-layered approach. And, users must be a part of that. If they aren't, sooner or later, infections will happen.

I've used Avast a lot over the years. In general, I've been happy. But of any of the issues I've had, registry corruption was never one of them.


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
reply to Okap1

Warning about "trying to connect to dangerous sites" sounds like the responsibility of a firewall (and one that is armed with a blacklist of sites) rather than an anti-virus system.

So, you may just be suffering from expecting something that bills itself as solely anti-virus to exhibit firewall behaviour.



Chubbzie

join:2014-02-11
Greenville, NC
reply to Okap1

I've also used Avast for years and never had any registry issues. Generally speaking, infections like the one you described are best cleaned via a bootable AV (at least in my experiences). This article describes a few of the bootable rescue AVs: Five Bootable Antivirus Rescue CD's

Sometimes various AVs cannot identify an infection (or completely clean) due to how the virus/malware inter-operates within the OS/memory/filesystem. Using the bootable solutions often sidesteps this problem by completely avoiding the host OS.



okap1

@optonline.net
reply to dave

reply to Okap1

Warning about "trying to connect to dangerous sites" sounds like the responsibility of a firewall (and one that is armed with a blacklist of sites) rather than an anti-virus system.

So, you may just be suffering from expecting something that bills itself as solely anti-virus to exhibit firewall behaviour.

============================================
Funny thing is, Avast free gave warnings without a firewall but NIS did not. Why did NIS drop the ball?



DownTheShore
Mr. Putin, meet SEAL Team 6
Premium
join:2003-12-02
Beautiful NJ
kudos:13
Reviews:
·Verizon Online DSL

Because NIS's cloud community of users haven't reported those sites as in need of warnings perhaps? Or the Norton folks who create the automatic firewall rules have actually checked those sites? Avast might be using a different methodology. It's only a matter of "dropping the ball" if NIS is configured to give warnings, the site is truly dangerous to begin with, and no warning is given. Note that with NIS, actions that would fall into the "parental controls" category are not automatically enabled, which allows greater access unless changed.



TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
reply to Okap1

Sounds like you need to read the instructions here -»Security Cleanup FAQ »Mandatory Steps Before Requesting Assistance
And post in here with the needed logs - »Security Cleanup
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010