Error Threat - HELP

[PattiChati]

As of today, I am constantly getting a popup from the Internet Protection Firewall Alert saying I have serious threats and I keep saying "ignore". Is this something serious? They say do you want to protect and get rid of the viruses and then they want me to buy something and I say no. But the popup still happen about every 2 minutes and it says JEMonster is found.
I did run Super anitspyware yesterday, but that is all I've done. It did remove stuff from the registry.
Can anyone help - I can't even use the comptuer

 

[PattiChati]

I use Windows 7 and Firefox

 

[Archmage]

Hi.

If you don´t have, install Microsoft Security Essentials, update it, and make a full scan.

Later, install Malwarebytes, and do the same. Post the Malwarebytes log here, so we can take a look and give more advice.

 

[Mike Connor]

As of today, I am constantly getting a popup from the Internet Protection Firewall Alert saying I have serious threats and I keep saying "ignore". Is this something serious? They say do you want to protect and get rid of the viruses and then they want me to buy something and I say no. But the popup still happen about every 2 minutes and it says JEMonster is found.
I did run Super anitspyware yesterday, but that is all I've done. It did remove stuff from the registry.
Can anyone help - I can't even use the comptuer

First, you need to make sure Malware is not affecting your system. Download this,

http://www.filehippo.com/download_malwarebytes_anti_malware/

install it, update the database and run a FULL scan.

If it finds anything, post the log here.

Regards....Mike Connor

First, you need to make sure Malware is not affecting your system. Download this,

Download Malwarebytes Anti-Malware 1.50.1 - FileHippo.com

install it, update the database and run a FULL scan.

If it finds anything, post the log here.

Regards....Mike Connor

 

[PattiChati]

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: 6458

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

4/27/2011 12:54:47 PM
mbam-log-2011-04-27 (12-54-36).txt

Scan type: Quick scan
Objects scanned: 141729
Time elapsed: 1 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ed65445c-1849-45d4-9e9b-cde972b74a64 (Trojan.FakeAlertP.Gen) -> Value: ed65445c-1849-45d4-9e9b-cde972b74a64 -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Patty\downloads\couponalert.exe (Adware.FunWeb) -> No action taken.
c:\programdata\ed65445c-1849-45d4-9e9b-cde972b74a64.dat (Trojan.FakeAlertP.Gen) -> No action taken.

 

[Archmage]

Ok... this "Trojan.FakeAlertP" probably is the guy that is giving you trouble.

Use Malwarebytes to remove all the infections, and test to see if the problem go away.

And keep us informed.

 

[Britton30]

c:\programdata\ed65445c-1849-45d4-9e9b-cde972b74a64.dat (Trojan.FakeAlertP.Gen) -> No action taken.

This is what is causing your "Warning" message. Did you choose to take no action? There is a setting within Malwarebytes to automatically remove infections. Set that. This is a trojan which tells you you have an infection, which is partly true, the FakeAlertP.Gen IS the infection. It wants you to pay money for a removal tool which does nothing.

If this fails go toSystem Restore to some time before the error showed up. However the restore point may have the trojan as well. you can try to Boot Safe Mode and run the scan again to remove it. Method two is the easiest and will only effect the next boot.
Please post back with results.
Gary
EDIT: If you have a Coupon program installed remove it. From your log it should be in your Downloads folder. Many of these will install other programs without your consent or knowledge.

 

[Layback Bear]

A little read.
Adware.Funweb

 

[Britton30]

Here are the settings you should use for MalwareBytes' scanner, and check to do a FULL scan.
View attachment 151530

 

[PattiChati]

I ran malware again and that has seemed to do the trick - at least for now. Thanks.

 

[Archmage]

You´re welcome. If you have another related problems, just keep us informed.

We´re glad to help.

 

[PattiChati]

That virus threat went away, but now my computer seems slow and jerky - does that make sense?

 

[Britton30]

That virus threat went away, but now my computer seems slow and jerky - does that make sense?

Yes, you may still have some malware. did you try my previous ideas? What specifically is "slow and jerky?"

 

[PattiChati]

Do you mean starting it in safe mode? I didn't do that since the malware scan took it away.
By jerky I mean screens will pop up when I didn't want them to and then it goes to the screen I wanted. It also is slow. I go to open an email and it gives me the word "loading" which I haven't had. But besides that, I can use my computer again.

 

[Britton30]

screens popping up when you don't want them to...you may still have infection. The fake alert types are notorious for reloading and hiding frome scans. Try the Safe Mode approach, uninstall software you don't use, reboot and then defrag.
The "loading" in your email sounds more like a connection problem rather than your PC. Yahoo has the loading problem often.