Hi! I’d just like you to see my HiJackThis log and tell me something:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:28, on 9.7.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
I used Foxit Reader some time ago and it was fine, but I missed one thing - I couldn’t open a pdf file unless I first saved it on my disk. Adobe Reader can read it directly from the web.
If Adobe Reader 7.0 is safe for use, I’m not going to change it.
Can you tell me more about the Excel string please? I don’t even use IE, I use Firefox.
And what should I do with the Windows Messenger string? I don’t use it either.
We aren’t concerned with bloat but security - Acrobat 7 has a number of vulnerabilities which can be exploited, that is why security updates, etc. are deployed to close the vulnerabilities.
If you’re concerned by bloat then use a different PDF reader, and Foxit is far from bloated; it too needs to be kept up to date. Foxit has an extension where it can open PDFs on the web, though I never do that as I prefer to download it where it will be scanned first before opening it.
Bellzemos isn’t concerned with security as witness to them still running XP SP2 but they may have pirated XP and are unable to update and any attempts at security improvement are futile.
That accusation wasn’t nice. I got my original WinXP CD when I bought the PC, but never updated to SP3 because I never had any problems running SP2. I still have no problems, I’m just curious about the bold strings and about what David is telling me on Adobe Reader.
Please do not concern yourself; many people automatically assume anyone who does not update to SP3 is running a pirated Windows. This is because installation requires validation of Windows.
However, all programs, for instance Adobe 7, have security problems. This is why they bring out security updates and new versions.
You would be very wise to follow Yokenny’s advice, and run Secunia http://forum.avast.com/index.php?topic=46676.msg392441#msg392441
I can follow your line of thinking there, and therefore I have chosen where I could for other solutions than Adobe, because it still has unpatched vulnerabilities, and you and I know that CyberCrime and Co always go for the obvious exploits and the majority of vulnerable users are running IE6 and IE7 and Adobe and other big software players. Therefore I like to use open software alternatives like Foxit or VLC Media Player etc. I use Secunia PSI to get all my third party software up to date and patched fully, get it from here: http://secunia.com/PSISetup.exe
So on XP update your browser to IE8 and fully patched, not to use (you can use Firefox with NoScript and ABP for instance) but have it updated fully to protect your Operational System. First upgrade to Service Pack 3 (yes it is far more secure in the light of Conficker and other specific malware). Use for your online activities Windows under normal user rights, because malware can not do what it can do as administrator running with full system rights (this is so for 92% of all known malcode for the Windows platform).
Use one resident AV solution, additionally a non-resident scanner like MBAM and SAS, just one software firewall active. Use in-browser security like blocking malware scripts, and use SafeHex in general and you are ready to go,
Thank you, Polonus. But why should I update IE6 if I only use Firefox?
I am using Avast!, SAS, MBAM, SpywareBlaster, CCleaner and common sense and I have no problems, at least for now. Maybe I will also install SP3, as you all suggest it…
“Use for your online activities Windows under normal user rights, because malware can not do what it can do as administrator running with full system rights (this is so for 92% of all known malcode for the Windows platform).”
This is interesting! I didn’t know that it is so much more dangerous to be signed in as administrator. I guess I must be signed in as administrator, because when I turn on the PC it comes straight into Windows, without asking me to sign in at all… What should I do about that?
You should, my friend, you better do this. IE6 is obsolete and it is worse security wise than IE8, also IE7 has holes like good Swiss cheese that IE8 does not have on XP, the new DirectX hole for instance, only users with IE8 are (considerably) safe.
Consider that MS has embedded their browser deep, really deep into the Operational System, Internet Explorer equals explorer.exe in various respects, so if malcode comes riding into the browser (and yes there are cross browser exploits where you only use Firefox and can get an infection from a vulnerable broken IE browser), it comes riding full force into your OS, especially as you use full admin rights!
So that is why - do not click Blue E = IE, but keep it fully updated and patched. Windows 7 will come without a browser in Eurolandia (or as Microsoft better likes it the OEM vendor may choose the browser, and probably will come up with IE again). I give this advice as a lot of us do here, because there is a ground for it.
Trust no one, trust no code in your browser until checked, and stay secure,
By the way, running with a Limited User Account login gets really tiring when you need to switch to Administrator just to do something.
I don’t run Fast User Switching as it is a resource waster just for one user: http://forums.techarena.in/tips-tweaks/1023017.htm
OK, thank you all for info, I will upgrade IE to the latest version and probably install the SP3 too. Thanx again! Regards!
Edit:
I almost forgot! So, should I fix the strings in bold (posted in the log on the first page of this topic) with Hijackthis? Or should I leave them as they are?
O8 - Extra context menu item: I&zvoz v Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 <== this is needed
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <= Part of Windows Messenger
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <= Part of Windows Messenger http://www.bleepingcomputer.com/startups/msmsgs.exe-3386.html