I don't know. I have Windows Security Essential installed and running. Using IE9. Yet I browsed to a web site via Google that had the picture of a flower. Next thing I know "win 7 antivirus 2011" has taken over my PC. Could not open new tabs in IE9. It replaced MS Security Essentials. I am running as a user account. How does it do what it did? I got rid of it by killing a few processes. But I have not rebooted since, so probably it is going to start running again. I have Java on the PC and I think I saw something about Java when I clicked on the images in IE9. I can certainly see why people don't want to run Windows if your PC can be hijacked like that.
Java is certainly one possible way in. However, if you're running as a non-admin user account it should not have been able to have global effects; even as an admin user account you should have seen the UAC prompt.
Java is certainly one possible way in.
Not without a p12 cert. You have to jarsign it. It would have asked him if he trusts the signer first.
If they jarsign it, you can track it down to the publisher through the certificate authority.
The Java JRE has the same root certificates as IE and Windows.
@beerinbelgium: Or you use one of the common Java exploits to get past that anyway. Or use an old version of Flash, or Reader, or a myriad of other browser plugins. Heck, Adobe plugins are now being more commonly targeted than browsers themselves.
Post the flower link and let's see if it can screw up beer's computer.
@JoshRoss: I'll get on the Mac, let's see if it can screw that up.
Can I try the link as well? I am kind of interested to see what will happen on my computer.
Search Google on "lady slipper". That is the name of the flower. Then in "images for lady slipper" I clicked on the first few images. That got the virus on my PC. I am running Win7 Ultimate. IE9. Firewall was on. Microsoft Security Essentials was running.
What I don't understand is why IE allows addins or plugins complete access to the PC. Can't there be some kind of tiered level of access that the user can grant the plugin to have? Even for desktop apps you load on your PC. Make it so the app cannot update the registry, cannot write to a folder outside of the one it is installed in, can't do anything that brings up a UAC prompt, ...
@SteveRichter: That's how UAC should be working. The worst an app can do without asking for permission first is screw up the user space.
My mother-in-law got hit with the same program, but she had thought it was her anti-virus so she clicked OK on the UAC prompt. It wasn't too hard to get rid of (boot in safe mode, take the entries out of HKLM\Software\Microsoft\Windows\CurrentVersion\Run\, and remove the executable), but it shows you that UAC can only do so much.
@SteveRichter: Thanks. If possible, can you take a screenshot of the Google page and circle the image? I will try those images, but I want to double check. Ty.
I tried the top 15 results. Doesn't seem to be anything bad. Maybe you got the virus somewhere else?