Hi malware experts,
A couple of weeks ago my machine managed to contract Virtumonde. Spybot found it, and I thought it had fixed it, but things got messed up and I ended up re-installing Windows XP (not re-formatting the drive, just re-installing Windows over the existing installation).
Firefox is now still re-directing links, though Spybot seems not to be detecting any malware.
On the advice of several other threads here I DLed and ran Goored.exe, which gives the following log file:
GooredFix v1.92 by jpshortstuff
Log created at 21:34 on 27/04/2009 running Option #1 (Jordan)
Firefox version 3.0.10 (en-US)
=====Suspect Goored Entries=====
C:\Program Files\Mozilla Firefox\extensions\{FC3F3D2E-3D12-4B1B-ABA6-1C8D147538F4}
C:\Program Files\Mozilla Firefox\extensions\{F4B69F1A-E106-4E65-9EAC-87EB6F4B9E55}
C:\Program Files\Mozilla Firefox\extensions\{BAA8552A-EF5B-48B1-AE59-875512122F00}
C:\Program Files\Mozilla Firefox\extensions\{B8558E8C-872E-4CAD-B882-7657AB551B9A}
C:\Program Files\Mozilla Firefox\extensions\{A313C5BF-1E66-48DD-AB09-412E65A9E0BD}
C:\Program Files\Mozilla Firefox\extensions\{A1E3E976-79AD-484C-B7E7-5A57FC31E75B}
C:\Program Files\Mozilla Firefox\extensions\{96EC986A-43B1-4688-91A5-BA8366552E31}
C:\Program Files\Mozilla Firefox\extensions\{6A1A26F3-E35A-4D4D-9963-4AA1D16A4AF4}
C:\Program Files\Mozilla Firefox\extensions\{65B977A9-9E41-4BC0-B58D-529BB5C8E930}
C:\Program Files\Mozilla Firefox\extensions\{46E12999-66C5-43BB-8C60-867FE4AE9CA0}
C:\Program Files\Mozilla Firefox\extensions\{3EF098FD-9332-4B09-B99C-CC3E4A52A823}
C:\Program Files\Mozilla Firefox\extensions\{3E4308E2-495B-4D82-9FA8-E7B71F4CC431}
C:\Program Files\Mozilla Firefox\extensions\{1E12D67B-D47B-446E-993B-E4F58A97D499}
C:\Program Files\Mozilla Firefox\extensions\{16C9BA60-A6A4-4522-AF8A-3AED15DBB96E}
C:\Program Files\Mozilla Firefox\extensions\{0980978C-8D90-41D5-9D3D-11C76D7BA576}
=====Dumping Registry Values=====
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.10\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.10\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{3f963a5b-e555-4543-90e2-c3908898db71}"="C:\Program Files\AVG\AVG8\Firefox"
Thanks very much in advance for your assistance...
JordanW