I helped a relative get FIOS installed. The installer asked if I wanted the software installed, and then made a plug for their in-home agent software. I thought having in-home agent would be useful, so I let him install the software package. Well, it installed more than just the in-home agent. It also installed a toolbar into IE8, and adware on the machine!
At least, I think that it is adware on the machine.
One of the first tasks we did, was to go to the DOT site for our state. When at that site, there was an overlay frame for a Verizon FIOS triple-play package. I can only presume that it was injected into the page code somehow, as gov't web sites generally do not run commercial ads, and this ad was just hovering over the page.
I have seen Netzero do similar things with their client software.
So, is this machine now compromised? Should I flatten and re-build it? I am also concerned about VZ installing compromised root certs, that will allow them to sniff SSL traffic. How likely is this, given the current environment with wiretapping the internet, etc.?
Edit: On one of the pages on the DOT site, in Waterfox 18.01, I got an SSL error page. Worked fine in IE8. That's why I suspect root cert tampering.
»www.massrmv.com/rmv/titles/6dup. ··· 6dup.htm
Maybe I'm wrong about the ad injection. That page does appear to have banner ads.
I'm using Waterfox 16.01 on this laptop, and I don't get any cert/SSL errors when I click on Duplicate Title Online.