invaded by frethog

The virus is not limited to infecting your computer from online gaming sites; fortunately, there are several different tools available that will get rid of it if you do not get help from the AV site.
Windows software, while certainly not above reproach for many reasons glutted code as it is, suffers also from its dominant presence on the internet that makes it the first target for anyone with malicious purposes.

well i guess my question is, how did it get past avira in the first place? and i had the superspy thing too, and its malfunction was what got me into action.

what was happening was that in sites i frequent most, which have signons, like this forum, i was unable to log out because i would get the screen telling me 'firefox cant locate the server'. and then yahoo wouldnt let me sign into email, and i got thrown out over and over, etc. i thought it was a browser issue at first. and of course everything started going really slow, which isnt that uncommon for me either with the mickey mouse connection i have.

so i uninstalled the superspy, then avira said it was misconfigured and to uninstall and reinstall which didnt work, so that is how i got into the forum. it was only on a chance remark that i made about thinking i was invaded by malware that they told me to download Malwarbytes, and that is what found it.

i am hoping to be rid of it soon, but the issue remains where did it come from and why did avira not stop it-i had been updating regularly. it isnt a new thing anyway.

and what should i do now, change all my passwords? yes, i know i am a real dummy, i kept my logins on my pc in a spreadsheet doc. but i figured that they could pick them up anyway if anybody wanted them. are they going to set up a new bank account using my info and transfer all my money into it?

i suppose i shouldnt have any important personal information in the computer at all, but it would be real inconvenient to have to always get out a flash drive or cd to access those things. identity theft...hehehe, i always used to laugh at that. good thing i dont need credit any more and good thing i dont have any credit cards.

so if salima posts on this forum and sounds really out of character, it might not be me!

edit note: it is me if i start typing u instead of i and o instead of i because the letters on my keyboard are wearing off ...also b n and m are really faint. the whole top line is almost gone! i never did learn to type by touch, i always look at the keys...

---------- Post added 04-25-2010 at 07:41 PM ----------

you know i know people who use macs and linux and they dont even use any antivirus software-they never had any problems!

Without knowing precisely what "superspy" refers to, that could be the cause of the problem, because there are malware using variations of the name. Many Anti-viruses do not catch "spyware" because they do not look for it (the definition of spyware is very subjective, whilst viruses is not).
Your first step is to make sure your computer is completely clean,
then change your passwords if you think the original ones are compromised.
As you perhaps remember, I help moderate a very well-respected computer information site that specialises in helping its Members rid themselves of malware without any kind of charge. It has a well-trained volunteer malware removal team that uses certain logs to find infections and then help the user to remove everything found in them.
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

thanks john, no i didnt know about that site, i will add it to my bookmarks.

at the moment, the clean uninstall finally worked, so i am trying to download avira to reinstall. this whole thing is a little scary, doing what someone advises from a forum-
but at least the only deadly looking things i used were called avira.

superspy was a malware spyware detection thing which you recommended before. i had installed it when i installed avira in the first place, and it must have gotten corrupted by the frethog because it wouldnt run when i tried to use it as i have been doing periodically, then i had to delete it, and that is when avira gave me a message that it couldnt run because it was misconfigured, and the whole nightmare began.

but i was very happy with the help i got from their support forum. so far, anyway...

but even though things moved faster since i used their malware removal tool, the one the fellow suggested (Malwarebytes Anti-Malware) there are strange things-like how did my clock change by itself? if i look at the date time setting, it is set to show 12 hour time, but on the bar on the bottom of my browser it shows 24 hour time.

also as of now i see i cant download the avira, something is stuck. so try again...

SuperAntispyware is a recognised tool for protecting your computer, but it might not find 100 percent of the malware residing on your hard drive.
I know that many of BC's Malware team regularly use Malwarebytes as a tool in helping disinfect computers, so you might want to give it a shot.

From what you are telling me, though, about some of the other problems that are happening, it might be the result of more than one infection, or of a mistake you made in trying to fix it (I know from my own experience that sometimes one makes tiny mistakes that lead to major problems). It would not hurt to have a very experienced person help you get everything right again.

i can only hope the person on the avira forum is very experienced! i dont do anything on my own, but taking advice from an idiot would be just as bad. taking it to a shop here would be even worse though. there is always the option of getting the whole thing emptied out and start over.

yes, it was the malwarebytes that they told me to use which detected the frethog and quarantined it. only after that was i able to properly uninstall the whole antivir program.

by the way, is philforum running really really slow right now for you?

hi john-
finally got avira downloaded and installed properly, but the updater doesnt work. i saw a lot of threads that showed other people were having problems with it, and they have a manual update which requires another download, so i guess i will be up until 1 a.m. again tonight trying that. otherwise, i have to find someone to do it for me on a speedy machine.

ever heard of comodo firewall? they recommend me to get that. they also had me copy and post logs before they told me what to do.

---------- Post added 04-27-2010 at 04:25 PM ----------

i was looking over that site you mentioned, and i am going to look into other reasons for the computer to run slow-i can do as much of that as possible before having anyone clean it professionally. they mentioned using ccleaner, which is one of the things i downloaded to use in the frethog nightmare.

I have used Comodo in the past, and found it very good; there are many free firewalls that are better than the one provided by Microsoft, since they will check outgoing as well as incoming packets, while MS will check only incoming.

Computer cleaners, such as CC are very powerful applications, and unless you are relatively knowledgeable about computers and willing to investigate every item they recommend for deletion, you can mistakenly delete things essential to operating your computer or needed applications. The supposed benefits in speed they provide are far outweighed by the potential for harm they can do. AVOID THEM LIKE THE PLAGUE!

You will find a basic slow computer checklist pinned in several topics there (written by a very clever person who shall remain anonymous); some of the steps you most likely have done, but there are others you might not know about. Having a layered software protection and doing routine file maintenance are essential to keeping your computer running well.

Professionals will usually ask that people they are helping provide various logs as diagnostic tools; these allow a review of everything that could be potentially harmful on your hard drive. Remember, though, that if you do elect to provide logs, that some patience is required since the number of people needing assistance is always far greater than the number of people qualified to provide it.

i think there is a backup of what cc did to the registry, so if there comes a problem it can be looked into. the other thing they had me using was hijack, which i am not sure what it does. then they have their own avira registry cleaner which as far as i could tell was finding and removing only its own leftover pieces after the uninstall. altogether very interesting, really.

yes, i saw the page about the slow browser, i am going to check that out. some of it looks too complicated for me, but i will do what i can.

HijackThis! is a diagnostic tool that produces a log of malware entries, but is somewhat outdated. I am not sure that CC automatically backs up the registry beforehand, so be sure to do so before using it, although I urge you not to muck around with registry changes, especially if you are not using specialised applications or foreign applications (it will not be able to handle their entries correctly).

If you have questions about the steps in my "slow computer checklist" please don't hesitate to PM me.

well, at last the update works. strangely enough, i had to change something in antivir about proxy settings-i dont know yet if it will autoupdate now, but it ran once at least.

the other thing is it was giving me a warning about using an administrator account-and yet there was nothing checked off in the configuration. i thought that was odd.

do you feel it is unsafe to work in admin account? there are two accounts, and i could make one admin and one not, and use the one that is not all the time where all my folders are stored. then if i have to play around with stuff like removing malware and spyware i can sign in on the admin account, though i wont have access to anything in the other account. i think i would have access to anything i would need, right?

i am so relieved now that thing is gone and antivir is back-but a little paranoid that there still might be something in there somewhere. i will look into the steps for speeding up the browser in a day or two-and thanks for the offer of help, i will probably need it. the funny thing is, i remember now that antivir used to have a slideup telling me when updates were done, and it stopped a loooong time ago-i didnt realize that until now. so that must be how the frethog got in-even though it is an old thing, maybe it can rewrite itself and still get a foothold.

i am convinced the next war will not be nuclear or biological, it will be fought in cyberspace. imagine disabling the computers of a whole country, includes the military of course, economy and transportation, i should think everything could come to a standstill real fast.