Still have malware

By Martini
Jan 10, 2009
  1. Last week I started this thread and Bobbye was nice enough to help rid junk from my PC. I have been very careful to only visit trusted sites and not open unknown emails since then, but my Google searches have been hi-jacked. For instance, I Googled "USAA" and the first hit was for the USAA web-site, but when clicking on it I was re-directed to the following site:
    Once I hit hit back button and clicked the link again, I was directed to the real USAA site.

    I ran Avira to see if I was infected with anything and I had two infections.

    I then completed the rest of the 8 steps and the Google re-direct is still occurring (Malwarebytes' Anti-Malware and SuperAntiSpyware came back clean).. Below are my logs. Any help would be appreciated.
  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Automated removal tool for this:

    Instructions for this tool are:
    - Double-click GooredFix.exe on your Desktop (Note: If you are using Vista right-click GooredFix and select Run As Administrator...)
    - Select Option#1 - Find Goored (no fix), by typing 1 and pressing Enter
    - A logfile should popup shortly.

    - Take a look at the section "Suspect Goored Entries". There should be an entry there with a random string of numbers and letters enclosed in {} (example: {ABB56C42-1843-46EF-A93E-482DE0F5B5AA}), that shows a folder in C:\Documents and Settings\<your name>\Local Settings\Application Data\{the same random numbers and letters}.

    - If this entry is present, and if there are no other entries in the "Suspect Goored Entries" section, then do the following:
    - Close all Windows and Browsers, especially any Firefox Windows.
    - Double-click GooredFix.exe on your Desktop (Note: If you are using Vista right-click GooredFix and select Run As Administrator...)
    - Select Option#2 - Fix Goored by typing 2 and pressing Enter.
    - At the prompt, type y and press Enter.
    - GooredFix will now remove the infection, and a new log will popup. Please proceed to Step 2.

    Step 2 is just to post a HJT log to ensure nothing else has cropped up on the system now that you have removed the main source of the infection.
  3. Martini

    Martini TS Rookie Topic Starter Posts: 18

    Thanks, kimsland. There was one entry and I removed it. New HJT log attached.
  4. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    A quick look
    I cannot see any malware ;)
  5. britbrat87

    britbrat87 TS Rookie Posts: 16 still not removed

    Im having the same problem( I followed the instructions posted , but when i opened the first log, there was nothing under "Suspect Goored Entries" so STILL ,everytime I click on a link in google, im redirected to several different search engines (including What other options do i have?
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...