
blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 16, 07:46
by nikos
here's the comment area for today's blog post found at
http://zabkat.com/blog/safely-examine-attachment.htm

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 16, 14:10
by Tuxman
I find all e-mail attachments suspicious.

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 17, 13:38
by pearliner
but... for several PDFs I see only the hex preview instead of text.

and with docs, PDFs it is "impossible for me to get malware" because macros are disabled.

Can you send me samples from the phishing mails, docs? I never get this cool stuff in my mailbox!

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 18, 05:42
by nikos
if you don't get attachments, you are a lucky guy :)
if PDFs show as hex, perhaps they are images. Do you have xplorer2 professional or lite?

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 23, 17:58
by EMathews3
Um. Using 4.2.0.1 ULT x64 2019-05-14. My Quick viewer Draft mode has never displayed anything. This is before and after changing PDF viewers on Win8. Even the context menu does not pop up. Native mode uses PDF X-Change Shell Extensions dll 7.0.328.2 so that context menu belongs to the viewer (zoom, next page, etc). How to diagnose the config, as far as what viewer 'should' execute in Draft mode? Edit / Extract Text causes xp2 to display a spinner, progress bar at 50%, and hang.

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 24, 04:49
by nikos
try using this tool and see which PDF text filter you have installed?
you can try installing Sumatra PDF that definitely works. If you want to keep your old PDF viewer you can install just the shell extensions of Sumatra: www.zabkat.com/blog/pdf-reader-shell-integration.htm

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 28, 21:02
by EMathews3
Looks like what's needed is re-installing the PDF viewer, or at least updating the registry to use a real viewer instead of Windows' default / glcndFilter.dll

Code:

Shell extension information for .PDF ...
1. TEXT FILTER -----------------
X64: %systemroot%\system32\glcndFilter.dll {6C337B26-3E38-4F98-813B-FBA18BAB64F5}
X32: %systemroot%\system32\glcndFilter.dll {6C337B26-3E38-4F98-813B-FBA18BAB64F5}
2. PROPERTY HANDLER ------------
(nothing registered)
3. PREVIEW HANDLER -------------
X64: d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x64.dll {9B68BDF7-95F9-4A1F-851C-27D822F8E3E9}
X32: d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x86.dll {9B68BDF7-95F9-4A1F-851C-27D822F8E3E9}
4. THUMBNAIL PROVIDER ----------
X64: d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x64.dll {644D29FB-8692-49A6-B37D-D11A4CCC7A6D}
X32: d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x86.dll {644D29FB-8692-49A6-B37D-D11A4CCC7A6D}

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 29, 01:51
by EMathews3
As Administrator:

Code:

RegSvr32 "d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x64.dll"
RegSvr32 "d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x86.dll"

So ChkShXt gives:

Code:

1. TEXT FILTER -----------------
X64: d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x64.dll {74F7C392-4DFA-4F71-AFCE-31CA972AC619}
X32: d:\folder\PDF-XChange\Shell Extensions\XCShInfo.x86.dll {74F7C392-4DFA-4F71-AFCE-31CA972AC619}

Logged out of Windows and back in.
Also in Preview / Draft / right-click, un-checked "Text only" ... because PNGs had been displaying as text.
PDF-XChange's config program for this, XCShInfoSetup.EXE, finally shows all good: https://postimg.cc/QHVw73WS
PDFs still display only in Native mode, and Draft mode shows "No preview available"

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jun 29, 06:23
by nikos
the idea with this blog post is to use plain text only, not the native preview tab. From your posts there is a text filter for PDFs on your system. Does EDIT > EXTRACT TEXT menu command work on your PDFs?

Re: blog: anti-phishing attachments with xplorer2

Posted: 2019 Jul 02, 20:35
by EMathews3
Yes, it does now. Was kinda surprised that it did, because last time I checked, before making the changes above, it did not.