I have my browser set to view new posts and I am amazed at how many of you have posted your "Hijack this" report and how many have reoccurring problems - almost seems like a losing battle!

What I have noticed is 100% of you are using IE. That is part of the problem. I am on my PC 15 hours a day 6/7 days a week and my pc is never shut off. I see an occasional spyware come in but it's rare. I probably picked it up using IE. I very rarely use IE, but some sites require it


Why not try one of the alternative browsers out there? Firefox, Mozilla, Opera - I guarantee you will see much less of what you see now (spyware, etc) and will be able to relax a little.

This statement comes straight from an MCSE (Microsoft Certified Systems Engineer) Dated 06.15.2004 @ 11:22 PM PT -
source:
http://channels.lockergnome.com/news/archives/20040615_why_you_should_dump_internet_explorer.phtml

-{ Quote: "What most people don’t realize, however, is that there is a very simple and powerful way to defend your system (and/or the systems of your loved ones) in one fell swoop. Don't use internet explorer" }-

Reasons to switch to Firefox (http://www.mozilla.org/products/firefox/why/)

Firefox 9+ (http://www.mozilla.org/products/firefox/)

Opera (http://www.opera.com//)

Wish it were that simple - or maybe I am wrong.

The malware makewrs target IE because it has the largest client base. If it was Firefox would they not start targeting that instead.

What I am saying is that they target IE because everyone uses it, if they all used something else they would target that.

But as I say maybe I am wrong.

My main browser is IE and so far so good on the spyware front, I have had no problems with any nasties and have IE set up as secure as possible and I cannot deny that there is problems on the secure front with IE, but I for one will be staying with It for a while.
I do have programmes in place to help protect me, but nothing is 100% but as I said, so far so good and I hope It continues.




The MUL :)

-{ Quote: "Wish it were that simple - or maybe I am wrong.

The malware makewrs target IE because it has the largest client base. If it was Firefox would they not start targeting that instead.

What I am saying is that they target IE because everyone uses it, if they all used something else they would target that.

But as I say maybe I am wrong." }-

Sorry but that is not entirely correct -


-{ Quote: "What makes other browsers better than IE at protecting vs. spyware and other attacks? Well, it’s simple really - most other browsers don’t make it so easy to install malicious software on your system without you knowing about it. IE makes it relatively trivial through two features called ActiveX and Active Scripting. These technologies were designed specifically for the purpose of giving websites more control over a user’s computer. Unfortunately, as we have seen with exploit after exploit - that’s not always a good thing.

In addition to the spyware issues, IE in general has had a terrible track record when it comes to all types of serious security issues. For years now, it’s seemed like every time you turn around there is a new way to have your computer taken over via Internet Explorer. Put “internet explorer” and “allow an attacker to execute commands” (with the quotes) into Google and you’ll see what I mean." }-

-{ Quote: "IE makes it relatively trivial through two features called ActiveX and Active Scripting

In addition to the spyware issues, IE in general has had a terrible track record when it comes to all types of serious security issues." }-

What other type of security issues are you speaking of IF Active script is disabled ?

Bubba, I'm not a security expert (far from it) what I do know is I don't get nearly the amount of adware, spyware, etc that I used to get using IE.

I gave you guys the url to the article from the "Microsoft Certified Systems Engineer". I would think he would be much more qualified than many of us. If you can't accept what he said then maybe you are not willing to listen or accept the fact that IE is not as great as you think it is.

Ultimately, use what you want. I am not here to argue the merits of any browser - I don't want to. I'm just posting information that I believe to be true. If you benefit from it, great. If not, it's your decision.

I'm just trying to offer suggestions for those who are, seemingly, at their wits end. There are many posts here with desperate sounding people pleading to get help - and they are getting hit repeadedly.

Meanwhile, I use Firefox and rarely have problems of that type.

As they say, "If you aren't using firefox*, you aren't surfing the web - you are suffering it" - something like that - I don't remember exactly how it goes.

*(or any IE alternative without IE engine)

-{ Quote: "I gave you guys the url to the article from the "Microsoft Certified Systems Engineer". I would think he would be much more qualified than many of us. If you can't accept what he said then maybe you are not willing to listen or accept the fact that IE is not as great as you think it is." }-Sorry....but I was simply asking a question concerning all types of serious security issues you mentioned. As for the article....it's made by an individual who has his thoughts and opinons about what he feels is a better alternative when it comes to a browser. Daniel is an aquantance at another Forum I frequent and some of what he wrote in that article is based on fact....just like some of it is based on personal opinion.

As far as the "Microsoft Certified Systems Engineer" tag goes....that in no way in itself makes an individual more qualified. Perhaps a better understanding of how one can receive an MCSE needs to be looked at. If your going to debate the merits of alternative browsers....I would suggest you bring more to the table than....I have noticed is 100% of you are using IE.

IE for all practical purposes is NOT for the less knowledgeable, users that have no desire to learn or users that state I probably picked it up using IE. Internet Explorer is not much different from a firewall where the user needs to learn it's capabilities or much differnet from say Adware\Malware cleaning programs where the user needs to learn what to delete and what not to delete. While I will agree IE is not for the masses....it is used and will continue to be used by many surfers that do learn how to safely Secure their surfing by using IE.

-{ Quote: " If you're going to debate the merits of alternative browsers....I would suggest you bring more to the table than....I have noticed is 100% of you are using IE.
" }-

I already said and I repeat
-{ Quote: "I am not here to argue the merits of any browser - I don't want to. I'm just posting information that I believe to be true. If you benefit from it, great. If not, it's your decision.

I'm just trying to offer suggestions for those who are, seemingly, at their wits end. There are many posts here with desperate sounding people pleading to get help - and they are getting hit repeadedly - USING IE!" }-

Sorry but, can you not understand? I'm just offering suggestions and my experience - not an argument - which appears you are trying to start without comprehending or reading what I have already stated. I don't want to have any "fan-boy" arguments please - if that is what this is - I don't know but it seems like it. Have a good day! :) = cool avatar by the way.

-{ Quote: "Meanwhile, since i've swtiched to Firefox I rarely have problems of that type anymore(spyware, hijacking, etc)" }- - that is my experience. Do you want to argue my experience and say it isn't true?

-{ Quote: "
I'm just offering suggestions and my experience - not an argument " }-You'll get no arguing from me....only debating. You offer your suggestions\experience and likewise I did the same. Hopefully now you can understand that civil point\counter point is a part of public Forums....whether it be the merits\likeness of a browser OR an avatar. :)

I'll leave ya to your sales pitch....have a nice day.

I am new, what do you guys think of crazy browser?

Isnt crazy browser still internet explorer?

~amber

Not a sales pitch - I would not be suggesting Opera now would I? - for a global you seem immature with your attitude "I'll leave ya to your sales pitch" Please work on your public relations it's important as a moderator.

I made, in a way, a news posting. In fact LowWaterMark moved it to the news section with a link to this section (he PMed me). I did not post to argue - only to post news. Please stop arguing - it is not my wish.

amber lynn, please forgive the bickering - crazy browser is an IE "wrapper"

I'm checking out of this thread. it's all yours. Peace Bubba? :)

Well, let's call this an experiment that went wrong. :-\ My bad!

I'd like to remind everyone that it is very easy for this type of thing to happen. People have different posting styles that frequently come from environmental or cultural background differences. (And I don't necessarily mean people from different countries even - just any type of mindset differences.) It is easy for people to end up at odds because a term used in posting is interpreted by them differently than was intended by the other person. It is best in such circumstances to focus strickly on the specifics of the topic rather than assuming anything in the other person's motives.

See this thread for more on these thoughts:

Sticky: No offense?! Yes, really!! (http://www.wilderssecurity.com/showthread.php?t=11108)

As for the topic here, there are some truths about Internet Explorer, as I see it. It is neither "the devil", in that it will always result in a user always being infected no matter what they do. Indeed, many people use IE safely. I use IE exclusively myself. But, on the other side, the default security settings for IE can easily allow all kinds of malware infections to occur that may not have occurred if another browser was used in the same circumstances.

IE is the most widely used browser, so it stands to reason that more people being infected will be running IE. However, it is also true that many of the spyware items infecting people today are counting on people using IE, with default settings, so they can exploit holes in it and get their spyware installed.

In any case, that was the area I was hoping we'd explore with this thread in case there was something here of value, and how it relates to the massive number of repeatedly hijack systems we're seeing in the log review forum.

-{ Quote: "

As for the topic here, there are some truths about Internet Explorer, as I see it. It is neither "the devil", in that it will always result in a user always being infected no matter what they do. Indeed, many people use IE safely. I use IE exclusively myself. But, on the other side, the default security settings for IE can easily allow all kinds of malware infections to occur that may not have occurred if another browser was used in the same circumstances.

IE is the most widely used browser, so it stands to reason that more people being infected will be running IE. However, it is also true that many of the spyware items infecting people today are counting on people using IE, with default settings, so they can exploit holes in it and get their spyware installed.

In any case, that was the area I was hoping we'd explore with this thread in case there was something here of value, and how it relates to the massive number of repeatedly hijack systems we're seeing in the log review forum." }-

Hi LWM, ;)

Hmmm ... actually your post could be a great start to a new sticky experiment! ...

Just a side note ... with the impending release of SP2 ... and it's expected resulting chaos for inexperience users ... M$ and most PC manufactor's are already preparing for the on slaught of support questions ... Anyway to have a dedicated section for SP2 here? Maybe even a beta sticky thread for advance screen shots, noted experiences and observations of those that have tested it.

dog - *puppy*

Excellent post LowWaterMark.

As I stated, i'm not an expert - far from it. I could not answer questions that I did not know. It seemed like I was being badgered to come up with an argument which angered me because that was not my purpose to post - only to offer some kind of help to those who were posting their Hijackthis results..It was a post of compassion because I feel their frustration - been there.

Sorry Bubba, if I misinterpreted your posts.

Hi All, ;)

-{ Quote: "What I have noticed is 100% of you are using IE." }-

Just wondering how you have assumed this? These entries will be on every HJT log ... it's set to look up these reg keys regardless to what someone has set their their default browser to be? or which browser they typically use? So how exactly do you support your statement?

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://v4.windowsupdate.microsoft.com/en/default.asp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Protected

The only entry that would give it away would be ... and only if the browser is open at the time of the scan is ... my examples; others will differ depending on the directory.

C:\Mozilla Firefox\firefox.exe
C:\Program Files\Opera75\opera.exe
C:\Program Files\Internet Explorer\iexplore.exe

Intended to be enlightening! ;)

Ps. Any thoughts on my above post LWM?

dog - *puppy*

I could be wrong but it SEEMED like every thread I opened (that night and there were a lot) contained C:\Program Files\Internet Explorer\iexplore.exe - in "running". This was only a span of several hours so......my post was relating to those hours then - hehe.

About half of all HijackThis logs posted here actually show a running copy of Internet Explorer. I'm sure that many of the others are from people who do indeed use IE, at least some of the time, and just didn't happen to be running it when they ran their HJT scan. (The numbers from a database query show 3435 hijack logs with a visible version of Internet Explorer running out of a total of 7080 logs.)

Edit: 76 logs showed a running version of firefox.

Hi LWM, ;)

I wasn't disputing the fact that most (not 100%) ...was the result of using the default security settings in IE and/or IE itself. I would agree with that, as the novice user is probably unaware of the proper security settings and it's implication, they would also be far less likely to be aware of alternative, never mind using one. Or the fact that the Hijacker's take aim at IE because of it's popularity, it's known vulnerbilities, and the fact that "most" user leave IE with it's unsecure default settings.

I was wondering if lynchknot was aware of the reason for the result of those reg entries ... and pointing out that the only way to determind what browser the member was using, was seeing the running process, only if the browser was open at the time of the scan. It is probably safe to assume that the browser used in the HJT log is also their main browser ... but there is no way of knowing/determining what their default browser is, or if they use more than one ....

It was meerly trying to enlighten. ;)

ps. thanks for the interesting stat's LWM.

dog - *puppy*

Dog, i'm not that new. Come on! Anyway with stats like 3435 to 78, there's a good chance that I did witness 100% - but I was not trying to be accurate
when I viewed them - I just did not see any other browser indicated - so I assumed they were all IE. Yes, I know ass-u-me.

-{ Quote: "ps. thanks for the interesting stat's LWM." }-
Actually, I was in the middle of doing additional queries for other browsers when my ISP network dropped. :(

I'd never really thought to do these types of queries before, and it is quite interesting. I'll do some more once I'm sure my connection here is stable. :-\

Edit: Opera looks like 39 logs.

In any case, it's pretty well known that the majority of people run Internet Explorer as their main browser, and that they run it as it was configured out of the box, with very little added security software, as well.

If only there was a way to truly reach people and get them to learn about these issues and tighten their security. :-\ But that's not really likely to happen anytime soon.

OMG I'm so embarrased LowWaterMark. There are 341 views on this thread. All those people saw me get into a bicker - maybe we can clean up this thread?

-{ Quote: "
In any case, it's pretty well known that the majority of people run Internet Explorer as their main browser, and that they run it as it was configured out of the box, with very little added security software, as well.

If only there was a way to truly reach people and get them to learn about these issues and tighten their security. :-\ But that's not really likely to happen anytime soon." }-

Well, I think the few hundred regulars here defintely have that under control ... and the How did I get infected in the first (http://www.wilderssecurity.com/showthread.php?t=27971) given out to Hijack victims by Wilders' Experts seems to help ... there only seems to be a few repeat offenders. ;) Overall I think this topic is covered extremely well here ... lots of great links to resources ... like Eric Howes site ... the Javacool forums ... etc. etc. I think Wilders' makes a big difference LWM ... who really knows how many guests and members have learn and utilized that knowledge ...

The Media is also pushing the Warnings ... and SP2 ... will in the end force the average user to learn a little more about security.

Cheer up LWM, you seem a little down about this ... think about the positives I mentioned.

Steve - *puppy*

-{ Quote: "OMG I'm so embarrased LowWaterMark. There are 341 views on this thread. All those people saw me get into a bicker - maybe we can clean up this thread?" }-
Well, some threads just go this way. They show us how easy it is for things to go bad, which teaches us better ways to post and reply so that it doesn't again. (Actually, it always happens again, but we hope these kinds of things are few and far between.) So, let's just move forward from here. ;)


-{ Quote: "Cheer up LWM, you seem a little down about this ... think about all the positives I mentioned." }-
I'm only down because of all the trouble I just had with my ISP connection. :D ;D

-{ Quote: "Well, some threads just go this way. So, let's just move forward from here. ;)
" }-

OK, shall we open up a new can or worms? \/\/ EB STANDARDS!- :P - now that's a hot debate.

-{ Quote: "Wish it were that simple - or maybe I am wrong.

The malware makewrs target IE because it has the largest client base. If it was Firefox would they not start targeting that instead.

What I am saying is that they target IE because everyone uses it, if they all used something else they would target that.

But as I say maybe I am wrong." }-

Maybe you are wrong. In the web server world, MS's IIS is still less popular than Apache, yet the former servers are hacked more by far (the latest js.scoob threat for example is due to exploits attacking IIS servers). Why?
The more popular, hence more targetted excuse doesn't work here.

-{ Quote: "Well, I think the few hundred regulars here defintely have that under control ... and the How did I get infected in the first (http://www.wilderssecurity.com/showthread.php?t=27971) given out to Hijack victims by Wilders' Experts seems to help ... there only seems to be a few repeat offenders. ;)


Steve - *puppy*" }-

I think a few hundred is a drop in the bucket really. Heck even firefox has more users, and their users are as protected if not more than these people you are talking about.

I don't think it's really realistic to expect the average user to secure IE sufficiently. Sure you can say just disable active scripting, java , activex etc etc, but many many sites will be totally disfunctiona (not to mention the rare odd exploit that ignores that)l. And you can talk all you like about trusted zones, but in the end most users in my experience just don't borther, and keep asking for a easier solution.

Firefox in some ways is the easier solution. Except that many bank sites just don't support them.

-{ Quote: "I am new, what do you guys think of crazy browser?

Isnt crazy browser still internet explorer?

~amber" }-

I think it's as good or bad as Internet explorer in terms of security. Yes it's still IE.

-{ Quote: "My main browser is IE and so far so good on the spyware front, I have had no problems with any nasties and have IE set up as secure as possible and I cannot deny that there is problems on the secure front with IE, but I for one will be staying with It for a while.
I do have programmes in place to help protect me, but nothing is 100% but as I said, so far so good and I hope It continues. The MUL :)" }-

Ditto ;D

The only things 100% guaranteed are: Death and Taxes.

TAS

-{ Quote: "Bubba, I'm not a security expert (far from it) what I do know is I don't get nearly the amount of adware, spyware, etc that I used to get using IE. " }-

Never had *any* myself and still using IE...... soooo... that must have meant you simply were not as secured as you thought while running IE?

TAS

PS: Sorry, I don't count the occasional 'tracking' cookie I *used* to get until I deployed measures in that regard...

AND I run ActiveX, Scripting, etc.... yep ;D

-{ Quote: "I am new, what do you guys think of crazy browser?

Isnt crazy browser still internet explorer?

~amber" }-


One browser that uses IE for a base claims to be free of safety concerns.

Netcaptor (http://www.netcaptor.com/)

-{ Quote: "Maybe you are wrong. In the web server world, MS's IIS is still less popular than Apache, yet the former servers are hacked more by far (the latest js.scoob threat for example is due to exploits attacking IIS servers). Why?
The more popular, hence more targetted excuse doesn't work here." }-

I agree - I don't think so much the popular target but rather the easier target. However, when it comes to OS......... :)

-{ Quote: "I agree - I don't think so much the popular target but rather the easier target. However, when it comes to OS......... :)" }-

FOR OS it's the easier target too of course.

If it's good enough for business and government it's good enough for you and me

http://www.faronics.com/