OS: Windows XP Pro SP3 and all current updates.
I have managed to pick up some malware that is injecting JavaScript onto the search results pages for Google and Bing in Chrome/FF/IE such that links appear correct but when clicked take me to other pages. I am able to copy the links from the search page into a new tab and get to the correct pages and I have not noticed any other evil behavior such as popups, sites blocked, or software failing to install/run.
I believe I became infected when MSE detected Win32/Pdfjsc.CV even though I removed it when I got the alert. I now wonder if the alert was a fake and clicking it opened me up to the attack, but I have verified that MSE did indeed detect and remove the trojan. I have reviewed my installed apps and services for any obvious items to remove (I found nothing). I used ccleaner to clean out all my temp files and clean my registry. I have performed complete scans with MBAM, SAS, SBSD, and AdAware. I am still infected.
Please let me know my next steps to resolve this.
Thanks.
-andre.
Back to top
