Malware hijack adds unauthorised files to Mozilla Firefox

Webroot threat manager Andrew Brandt says that, back in September, he posted an item about a dropper known as Trojan-Dropper-Headshot.

This malware, he says, delivers everything including the kitchen sink when it infects your system, and has a large number of payloads, any of which on their own constitute a serious problem.

"All together, they're a nightmare", he says, adding that, amongst the payloads, his research team has seen the malware drop downloaders (Trojan-Agent-TDSS and Trojan-Downloader-Ncahp, aka Bubnix), adware (Virtumonde, Street-Ads, and Sky-banners), keyloggers (Zbot and LDpinch), clickfraud Trojans (Trojan-Clicker-Vesloruki and at least three other generic clickers), and a Rogue AV called Antivir Solution Pro.

"So this is one nasty beast that has no qualms about using the shotgun approach to malware infections", he explained in his security blog.

Brandt went on to say that his research team has also noticed that the malware has added yet another intriguing installer to its panoply of pests: a small executable named seupd.exe (search engine updater?) that makes two minor (but obnoxious) modifications to Firefox.

"The result of these modifications changes the behaviour of Firefox's search bar, the small box that lets you send queries directly to search engines, located to the right of the Address Bar", he says.

Brandt adds that the new modifications are not immediately apparent unless you try to search Google for something, using either the Search Box or the Address Bar.

Instead of sending your search to Google, the browser submits search queries to one of six different domains not owned by Google, but which appear to use the Google API to provide results.

"And, presumably, earn a little ad revenue on the side," he says.
