Malware, Trojan Alureon and others...

Also wanted to let you know that Avira found two viruses so far:

1) TR/Vundo.Gen
2) Recognition pattern of the HTML/Crypted.Gen HTML script virus

GooredFix v1.92 by jpshortstuff
Log created at 19:25 on 27/04/2009 running Option #1 (ChristinaB)
Firefox version 3.0.9 (en-US)

=====Suspect Goored Entries=====

C:\Program Files\Mozilla Firefox\extensions\{DE4AAE25-999B-4A13-9110-72B8384E1427}

C:\Program Files\Mozilla Firefox\extensions\{B6301458-0FE2-40F1-BAC4-67DCEE0CCE51}

C:\Program Files\Mozilla Firefox\extensions\{72838649-3477-48EB-9882-AA6470701B36}

C:\Program Files\Mozilla Firefox\extensions\{1793F2AD-B6D1-4590-B4BA-D1FCBD984122}

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.9\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.9\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff"

Please double-click GooredFix.exe on your Desktop to run it. Select 2. Fix Goored by typing 2 and pressing Enter. Make sure all instances of Firefox are closed at this point. Type y at the prompt and press Enter again. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).

GooredFix v1.92 by jpshortstuff
Log created at 09:52 on 28/04/2009 running Option #2 (ChristinaB)
Firefox version 3.0.9 (en-US)

=====Goored Deletions=====
C:\Program Files\Mozilla Firefox\extensions\{DE4AAE25-999B-4A13-9110-72B8384E1427}
->Backing up folder... Done.
->Emptying folder... Done.
->Deleting folder... Done.
C:\Program Files\Mozilla Firefox\extensions\{B6301458-0FE2-40F1-BAC4-67DCEE0CCE51}
->Backing up folder... Done.
->Emptying folder... Done.
->Deleting folder... Done.
C:\Program Files\Mozilla Firefox\extensions\{72838649-3477-48EB-9882-AA6470701B36}
->Backing up folder... Done.
->Emptying folder... Done.
->Deleting folder... Done.
C:\Program Files\Mozilla Firefox\extensions\{1793F2AD-B6D1-4590-B4BA-D1FCBD984122}
->Backing up folder... Done.
->Emptying folder... Done.
->Deleting folder... Done.

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.9\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.9\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff"

Hello.
The Google redirect/hijacks should stop now.

Click Start >> Run and then copy/paste the following into the box and hit Enter:
"%userprofile%\Desktop\GooredFix.exe" /uninstall
note the space between " /
If any of your security programs query a new Registry/AutoStart value being added please allow the changes.

Ok, all done. How about those other two issues that Avira found? I put them into quarantine, should I just delete them? Thanks.

1) TR/Vundo.Gen
2) Recognition pattern of the HTML/Crypted.Gen HTML script virus

Quarantine/delete, either way, they are probably leftovers.

Remember logs won't show EVERY file of an infection, logs only check for created files within a months time. Anything later than a month won't show.