added 226 characters in body; added 90 characters in body
RussellW

Today, I was infected with the "AV Security Suite" malware. I believe it was this evening after viewing some links on digg.com (news aggregation site) using Internet Explorer. On one particular site, I noticed a Java 6 splash screen come up. I have Java 6 EE installed on my computer, but the app server (GlassFish) was not running.

About one minute after the splash screen, I noticed the "AV Security Suite" notification in my taskbar, attempting to get me to click a link in the tool. It also hijacked my IE proxy settings. The file msvcr71.dll under my GlassFish directory was compromised and had to be deleted.

I have successfully cleared the malware, but my question is this:

How did I become infected in the first place?

I am running Windows 7 64-bit, Windows Firewall (and behind a personal firewall), Windows Defender, Ad-Aware, and Avast; all were up to date. I did not install any application in the past week; I am very careful as to what I download and run. It is not from attachments from any of my emails (I believe), and my IE security settings are fairly high, with a few settings that I had to make for Citrix to work (I can't recall exactly which settings).

My inclination is that this is due to an incorrect browser setting which I am hoping to fix to prevent this from happening again.

For most of my browsing, I do use Firefox with Adblock Plus and other add-ons. Occasionally, I do need to use IE for business sites that only work under IE, and this time I was unfortunate enough to use it to do other browsing.

RussellW

How did I become infected with AV Security Suite?

Today, I was infected with the "AV Security Suite" malware. I believe it was this evening after viewing some links on digg.com (news aggregation site) using Internet Explorer. On one particular site, I noticed a Java 6 splash screen come up. I have Java 6 EE installed on my computer, but the app server (GlassFish) was not running.

About one minute after the splash screen, I noticed the "AV Security Suite" notification in my taskbar, attempting to get me to click a link in the tool. It also hijacked my IE proxy settings.

I have successfully cleared the malware, but my question is this:

How did I become infected in the first place?

I am running Windows 7 64-bit, Windows Firewall (and behind a personal firewall), Windows Defender, Ad-Aware, and Avast; all were up to date. I did not install any application in the past week; I am very careful as to what I download and run. It is not from attachments from any of my emails (I believe), and my IE security settings are fairly high, with a few settings that I had to make for Citrix to work (I can't recall exactly which settings).

My inclination is that this is due to an incorrect browser setting which I am hoping to fix to prevent this from happening again.