In my eagerness to prep my machine for PR 1.0, I somehow ended up getting a bunch of toolbars installed, my browser homepage modified, and my antivirus permanently disabled. Fortunately, I was planning to pave over my machine anyway; unfortunately, I have no clue how I ended up getting infected, and I'd like to know. Any tips are appreciated. My only leads so far are that these are the actions I performed prior to symptoms appearing:
- installed Free Download Manager for torrent support and downloaded the 1.0 preload, seeding overnight (never had any problems with this in the past; it was featured in a Lifehacker Hive Five)
- installed and ran Magic Jellybean for Win7 key recovery (also never had problems with this; also Lifehacker-endorsed)
- unzipped the 1.0 preload for upload to SkyDrive in chunks using my existing 7-Zip installation
- observed the machine rapidly decay into chaos
After isolating the machine, the only lead I found was an "entrusted11 toolbar" application.
The only options I see are:
- FDM download page was owned and malware inserted
- MJB download page was owned and malware inserted
- PR 1.0 preload torrent was owned and malware inserted
In anticipation of likely first responses, yes, I did verify that FDM and MJB source servers were legit URLs, and yes, I got the 1.0 torrent info directly from the forum announcement.
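One check that narrows down which of the three downloads was tampered with is to hash each saved installer or archive and compare it against the hash the publisher lists on its own site (or the torrent's published checksum). The script below is an added example, not code from the original post; the file names, the "published" hashes and the tampered bytes are all constructed inline so it runs offline, and `build_demo_downloads` exists only to stage that sample.

```python
"""Added example: flag downloads whose SHA-256 does not match the hash the
publisher lists, so a modified installer or torrent payload stands out."""
import hashlib
import os
import tempfile


def sha256_of_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Stream the file in chunks so a multi-gigabyte preload never has to
    fit in memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_downloads(manifest: dict, base_dir: str) -> dict:
    """manifest maps a file name to the SHA-256 hex string the publisher
    advertises.  Returns file name -> "ok", "MISMATCH" or "missing"."""
    results = {}
    for name, expected in manifest.items():
        path = os.path.join(base_dir, name)
        if not os.path.isfile(path):
            results[name] = "missing"
            continue
        actual = sha256_of_file(path)
        results[name] = "ok" if actual.lower() == expected.lower() else "MISMATCH"
    return results


def build_demo_downloads() -> tuple:
    """Constructed sample (hypothetical names, not real installers): one file
    that matches its published hash, one whose bytes were altered after the
    hash was published, and one listed in the manifest but never downloaded."""
    folder = tempfile.mkdtemp(prefix="dl_check_")
    good_bytes = b"fdm_setup.exe contents (constructed)"
    original_bytes = b"mjb_setup.exe contents (constructed)"
    with open(os.path.join(folder, "fdm_setup.exe"), "wb") as handle:
        handle.write(good_bytes)
    with open(os.path.join(folder, "mjb_setup.exe"), "wb") as handle:
        # Extra bytes appended after the publisher hashed the file.
        handle.write(original_bytes + b"<extra bundled content>")
    manifest = {
        "fdm_setup.exe": hashlib.sha256(good_bytes).hexdigest(),
        "mjb_setup.exe": hashlib.sha256(original_bytes).hexdigest(),
        "preload_1.0.zip": "0" * 64,  # placeholder hash; file is absent
    }
    return manifest, folder


if __name__ == "__main__":
    demo_manifest, demo_folder = build_demo_downloads()
    for file_name, status in verify_downloads(demo_manifest, demo_folder).items():
        print(f"{status:9} {file_name}")
```

In a real check, `manifest` is filled from the hashes on the vendor's download page (fetched over HTTPS) rather than generated locally; a "MISMATCH" on a file that came from the official URL points at that download, while all-"ok" results shift suspicion elsewhere.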