I recently got infected with what I believe is called the Virtumonde trojan. 2 files get installed in C:\Program Files\Common Files\System. 1. D_4362.dll which is installed as a Browser Helper Object in IE. 2. svchost.exe (not the real one) which appends itself to the Shell value in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon after explorer.exe. The effect of these files is to redirect any Google search results to other Web Sites. NOD32 real-time file system protection and web-access protection didn't detect them being installed. A manual scan of these files also does not detect any malware. I have manually submitted these files to Eset for analysis.