Jump to content


anyweb

Internet Explorer 7 in toolbar mayhem - Part 1

Recommended Posts

This test assumes that the user clicks 'yes/apply/accept/next' to just about anything, so security or not, how will IE7 cope ?

The test was carried out on a full install of Windows Vista Ultimate Edition version 5728 (Aero not enabled) with IE7 as shipped. I used the default user that Vista prompted me to create at the end of the install which according to Users/Groups, is a member of Administrators.

Unless otherwise mentioned, all of the software 'installed' for this test is not considered to be spyware (according to the manufacturers of said software), I'll leave you to make up your mind about that.

post-1-1159535314.jpg





Part 1 - Smiley's anyone ?

After looking at this picture from some poor noob's pwn3d Windows XP desktop, I wanted to see if IE7 in Vista 5728 could hold it's own. So I set about testing it !

post-12-1098049148.jpg



first of all here's how IE7 looks before I started the test. Pretty standard. Nothing much to write home about.

post-1-1159531014.png

ok now lets head over to a well loved hated site called smileycentral (why anyone WOULD go there voluntarily is still beyond me...).

IE7 prompted me to install Adobe Flash Player 9 as you see in this screenshot

post-1-1159531287.jpg

so I clicked on 'install' and IE7 now renders the smiley site correctly (so i believe, trust me when I say this was the FIRST and LAST time I went to that site) and still no smiley things stuck to my IE7 yet.

I decide it's time to start installing some stuff.

I click on 'download now' and I'm prompted to install an Active X script via a yellow WARNING bar at the top of IE7. Good. IE7 is trying to protect me.

Next I click on that warning bar and choose 'install Active X script', then I am prompted twice to accept some new software, the first time the details of which are listed as some cryptic {Bd......} registry class looking key, the second time it mentions 'Ask Jeeves' So I click 'install' of course !.

post-1-1159531592.jpg

Once done, another big box appears 'Internet Explorer Security'

post-1-1159531759.jpg

This one is interesting as it notes that the spyware, er program, will open OUTSIDE OF PROTECTED MODE.

Ok, I click 'Allow'.

Amazingly enough, IE7 or vista, or something seems to have caused the smileycentral program to FAIL TO INSTALL. But All is not lost, as it wants us to try a 'manual install' instead.

post-1-1159531956.jpg

After clicking on the manual install download link, i chose 'run' to install it. Vistas User Account Control popped up asking me did I want to allow the program to 'run', I clicked 'continue'.

I clicked 'accept' to the smiley EULA, and 'Finish'.

Ok, now I'm getting somewhere ! IE7 is now starting to look more 'used'.

post-1-1159532557.jpg

Next I type in http://www.live.com (IE7's default page) to see whats new. I can now see that IE7 displays the page fine but at the bottom right hand corner in IE, it says 'Internet Protected Mode OFF' whereas in the first screenshot in this post, on the very same website, it was ON.

post-1-1159532782.jpg

Hmm, ok time for the next stage, I opened up windows Task Manager to see if things look interesting, and sure enough, our smileycentral fiends have added a new process to my list - gee thanks.

post-1-1159533070.jpg

In addition to loading a new process, they have very kindly placed some registry entries on my computer, one of which is pictured below.

post-1-1159533922.jpg



Next up I closed IE7 and restarted it, this time http://www.live.com came up in protected mode, instead of smiley's search site. Interesting !.

post-1-1159533595.jpg



Part 2 - http://www.windows-noob.com/forums/index.php?showtopic=9

Share this post


Link to post
Share on other sites


Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...