Ok, I wanted to watch a video. It said I had to download an addon. I downloaded it, Video still didn’t work. I Just left it on my desktop. Later I moved it to my games folder, The avast found it (Coincidence?) The exact time on Moving it. Then I pressed move to chest. It moved successfully, But when I went to my games folder, It was gone (Is it meant to that? Anyway…) Now, Whenever I open anything in my C:\ drive, The following picture (Attached) Appears and I have no idea how to get rid of it. This only started happening when Avast found it…(???) I believe this may be the effect of the virus, Or is it some computer program, When the site opened of the free scan, My WOT (Firefox Add-On, Web Of Trust) Said it was a dangerous site… I have no idea what to do, I really don’t want this message appearing. This site opened automatically, If I press yes on this message, It has the file ie-av.exe - Do I download this?, Oh just pressed no and then The dangerous site opens…
Other non related problems I have trouble with. When I Start my computer and get to the desktop, A message saying that my Java Virtual machine is corrupt or missing… I Had not modified this nor know how to, Anywhere to get this back…?
I haven’t got it yet, I was unsure of it. So I awaited responses. Now, How do I actually remove this message (Or whatever it is)? Do I delete the virus from the chest?
As you know the file which stored in Chest is safe to be there and about removing the message I have no idea or maybe you can try using combofix to remove it? Or make a hijackthis log and post here.
You can get it from filehippo http://www.filehippo.com/download_hijackthis/
Choose ‘do a scan and save a logfile’ then copy and paste the log.
If this is IE.Antivirus.exe, you could try Malwarebytes anti malware,as this is supposed to be able to get rid of it.I would post the log from that program too,and let one of the experts look at it. http://www.malwarebytes.org/mbam.php
```
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:23 PM, on 8/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
RogueRemover is a utility that can remove various rogue antispyware, antivirus and hard drive cleaning utilities. Rogue applications are applications that rather than remove spyware, provide false positives, distribute malware or spyware, advertise, or provide useless uninstallers. The main point is that rogue applications are useless and eat up system resources.
According to previx O2 - BHO: Gold Manager - {D26AAB3B-B0DD-456C-A7E5-4DA9565FD6EE} - C:\WINDOWS\system32\GOLDMA~1.DLL
is bad.http://spywaredlls.prevx.com/RRBJGI44950667/GOLDMA~1.DLL.html
Although DO NOT delete on my say so.Have you done a boot time scan with avast,or run either of the malwarebytes programs.
Avast detected it as that normal screen with the siren, It was adware - I presed Chest, Then it said it couldn’t because it was being used then I pressed retry and now it’s not appearing… :-\