navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PSI Bugged

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
nekollx PSI Bugged
Member 14th Aug, 2009 20:10
Ranking: 0
Posts: 12
User Since: 14th Aug, 2009
System Score: N/A
Location: N/A
I updated and ran every installer listed as a thread but im still geting a huge list of the same threats.

Adobe Flash Player 10.x (ActiveX Control)//already updated
Adobe Flash Player 9.x (General Plug-in)//cant even find it on the website out side of a debugger file
Google Gears 0.x//Chrome reports Up to date
Microsoft Office PowerPoint Viewer 2003//windows update has nothing
Microsoft Office PowerPoint Viewer 2003//duplicate?
Microsoft XML Core Services (MSXML) 6.x//windows update has nothing
Microsoft XML Core Services (MSXML) 6.x//duplicate?
Microsoft XML Core Services (MSXML) 6.x//duplicate?
Sun Java JRE 1.6.x / 6.x//already updated
Sun Java JRE 1.6.x / 6.x//duplicate?
Sun Java JRE 1.6.x / 6.x//duplicate?
Sun Java JRE 1.6.x / 6.x//duplicate?
Sun Java JRE 1.6.x / 6.x//duplicate?

Maurice Joyce RE: PSI Bugged
Handling Contributor 14th Aug, 2009 20:44
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Are U using the advanced mode?


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 14th Aug, 2009 20:52
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
simple mode
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 14th Aug, 2009 21:42
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
That will not help U identify them. Switch to the Advanced Mode - forget the warning about advanced users - it is easy.

Once switched, rescan - what programmes can U see in the Insecure Area?

Once U tell me that your problems can be easily fixed.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 14th Aug, 2009 22:57
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
so i switched to advanced mode and cleaned iout old programed redid the updates and it's still detecting updated files as out of date!

Adobe Flash Player 10.x (ActiveX Control) 10.0.22.87

Adobe Flash Player 9.x (General Plug-in) 9.0.45.0

Google Gears 0.x 0.4.24.0

Microsoft Office PowerPoint Viewer 2003 11.0.5703.0

Microsoft XML Core Services (MSXML) 6.x 6.20.1076.0

Microsoft XML Core Services (MSXML) 6.x 6.10.1200.0

Microsoft XML Core Services (MSXML) 6.x 6.10.1200.0

Sun Java JRE 1.6.x / 6.x 6.0.130.3

Sun Java JRE 1.6.x / 6.x 6.0.130.3
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 14th Aug, 2009 23:08
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
By each of these entries is a + sign - click it - it will reveal the istallation path - looks like

C;\program files\.....

Do they all start with C?

Are there any that say C:\i386?

If they are not all C what drive letter do they start with?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 15th Aug, 2009 00:15
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
on 14th Aug, 2009 23:08, Maurice Joyce wrote:
By each of these entries is a + sign - click it - it will reveal the istallation path - looks like

C;\program files\.....

Do they all start with C?

Are there any that say C:\i386?

If they are not all C what drive letter do they start with?


in order of my above list
C:\Windows\System32\Macromed\Flash\Flash10b.ocx
C:\Program Files\Adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
C:\Users\Nik\AppData\Local\Google\Chrome\Applicati on\Plugins\gears\gears.dll
C:\Program Files\Dell\MediaDirect\Kernel\Office\PPTView\PPTVI EW.EXE
D:\Windows\System32\msxml6.dll (d is my recovery partition)
the next one is in my recycle bin!
As is the 3rd instance!
C:\Windows\System32\java.exe
C:\Program Files\Java\jre6\bin\java.exe
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 15th Aug, 2009 00:36
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
We will do this a bit at a time - late here in UK so will give U some now & will do another post to finish it tomorrow.

1. Empty the recycle bin!
2. C:\Windows\System32\Macromed\Flash\Flash10b.ocx - just right click on this entry & select delete.
3. Your partition - it is safe - create an ignore rule.

Creating an IGNORE RULE

Click on the SETTINGS tab>scroll to the bottom & click on CREATE IGNORE RULE

In the RULE NAME BOX insert something like MY BACKUP DRIVE

In the RULE BOX type D:\

Click SAVE IGNORE RULE>CLOSE

The drive will continue to be scanned by default but the result will not be published.

4. JAVA
If U have not got the latest version of JAVA (Version 6 Update 15) download it from here:
http://www.filehippo.com/download_java_runtime/

Once the update is complete go to Control Panel>JAVA icon>Update Tab and take the tick out of box marked "Check for updates auto ....." (This will prevent a useless file called JUSCHED from being place in your start up menu.


Now remove all the old dross from previous versions.

The tool will remove all old versions, any useless files from previous installs except for the version U have just installed

http://raproducts.org/

*This link takes U to the site - select the Windows Binary (zip) option.
*This will lead U to Sourceforge.net to download it.
*Save the download to desktop.
*Activate the desktop zip icon which exposes the JAVARA EXE file. Click it
*Select RUN when asked.
*Select your language.
*The tool will now appear on the desktop - select REMOVE OLDER VERSIONS
*Once complete select ADDITIONAL TASKS - tick all boxes & activate.


* Right click on the desktop JAVARA zip file & delete it.


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 15th Aug, 2009 01:06
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
that worked all i have left now is the powerpoint, gears, flash 9 and 10 bugs (and some stoff flagged in the insecure browsing tab bust most of those are related to these)

thanks
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 15th Aug, 2009 08:27
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Now do Flash.

To remove all versions of Flash from the C drive of your PC:


1. Download & use the flash Uninstaller from here:

#####Before actually running the uninstaller it is a good idea to close all browsers,PSI and any other programme U think may be using Flash #####

http://kb2.adobe.com/cps/141/tn_14157.html

2. Reboot to clear out any left over ocx files.

3. Rescan using PSI - if there are any insecure Flash elements left what is the path to them? U should not proceed to stage 4 until all U clear any problems found.(The PSI overview page may look a little odd because it uses Flash for the pictorials)

Note: At this stage,if PSI finds any elements of Flash in the C:\i386 folder or on any drive other than C that is an OEM reinstallation partition (normally D drive) or a drive U use solely to backup your work U can safely create an ignore rule.


4. Reinstall the latest Internet Explorer Flash Player from here:

http://www.filehippo.com/download_flashplayer_ie/

4A.If U are also using Firefox, Opera and other Gecko-based browsers U need this link as well:

http://www.filehippo.com/download_flashplayer_fire...

5. Go to add/remove & double check Adobe have not installed the useless Adobe Download Manager - if U see an entry remove it.


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 15th Aug, 2009 19:37
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
flash 10 is gone and updated but it still is mentioning flash 9 in

C:\Program Files\Adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll

and i'm not sure how you update the flash player in adobe bridge
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 15th Aug, 2009 21:51
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Just copy the NPSWF32.DLL file from the main Flash U have updated & replace the one in Adobe Bridge

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 15th Aug, 2009 21:55
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
on 15th Aug, 2009 21:51, Maurice Joyce wrote:
Just copy the NPSWF32.DLL file from the main Flash U have updated & replace the one in Adobe Bridge


ok i did that and the google gears the same way for Chrome but what about the powerpoint one?
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 15th Aug, 2009 22:00
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 16th Aug, 2009 19:01
Microsoft PowerPoint 2003 is fast becoming obsolete. I would uninstall it & install the 2007 version.

Link here:

http://www.microsoft.com/downloads/details.aspx?fa...

Edit:
Just noticed your powerpoint viewer is embedded in Media Direct so my first bit will not work unless U have PowerPoint Viewer 2003 as a standalone item in add/remove.

Media Direct have fixed this problem. I cannot find my original post only this one:
http://secunia.com/community/forum/thread/show/131...
There are 2 files. Firstly U must update the programme via Dell then the programme has an updater - once these 2 are updated the problem is solved.
This link should help:
http://support.dell.com/support/downloads/index.as...

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 17th Aug, 2009 20:03
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
Last edited on 17th Aug, 2009 20:23
i hit google and i think i found the patch

http://support.dell.com/support/downloads/download...

Well donwloaded the file but it gives a error "you need power cinema 4.7" which for the life of me Google can't find!

Oh Google! Why have you failed me?
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 17th Aug, 2009 21:56
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I would ask Dell to supply the exact link to the update U want

http://support.dell.com/support/topics/global.aspx...

I do not recall Cinema being mentioned on the help I gave to someone else. there are different versions so better to get the facts having told Dell your PC tag number.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 17th Aug, 2009 22:52
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
i checked the dell comunity forums, theirs no valid links for the cinema 4.7
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 17th Aug, 2009 23:08
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
U could be right hence my advice to email Dell from the link I gave U - give them your problem & ask for the correct download links to correct the insecurity

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
Spunner RE: PSI Bugged
Member 18th Aug, 2009 03:38
Score: 0
Posts: 10
User Since: 17th Aug 2009
System Score: N/A
Location: N/A
For Java - you have to uninstall all versions except the latest - just like Flash, it doesn't remove old versions when you install new ones.

All J2SE and Java need to be uninstalled except Java 6 Update 15/16..
Was this reply relevant?
+0
-0
Maurice Joyce RE: PSI Bugged
Handling Contributor 18th Aug, 2009 10:50
Score: 11830
Posts: 9,072
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Which is exactly what my post says above. Not sure what this post is for or to whom?

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 18th Aug, 2009 18:29
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
bah they wont help with softwere if you are out of warente
Was this reply relevant?
+0
-0
Spunner RE: PSI Bugged
Member 18th Aug, 2009 19:06
Score: 0
Posts: 10
User Since: 17th Aug 2009
System Score: N/A
Location: N/A
Sorry Maurice ... I missed that part... Maybe something I should check into!
Was this reply relevant?
+0
-0
wr RE: PSI Bugged
Contributor 18th Aug, 2009 19:12
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US
Last edited on 18th Aug, 2009 19:12
@neknollx,
I found the link I think you need, however there seemed not to be a update for PowerCinema 4.7, their latest version seems to be v.6.0.2703 for 119.95-don't know if this price is USD or Euro. Enclosed is link to developer co. which has many products for sale. http://cyberlink-corp.software.informer.com/

There also appears to be some free downloads for 4.7 here: http://www.topshareware.com/power-cinema-4.7/downl...


Good luck & regards, wr


--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.2.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 18th Aug, 2009 19:25
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
on 18th Aug, 2009 19:12, wr wrote:
@neknollx,
I found the link I think you need, however there seemed not to be a update for PowerCinema 4.7, their latest version seems to be v.6.0.2703 for 119.95-don't know if this price is USD or Euro. Enclosed is link to developer co. which has many products for sale. http://cyberlink-corp.software.informer.com/

There also appears to be some free downloads for 4.7 here: http://www.topshareware.com/power-cinema-4.7/downl...


Good luck & regards, wr


i count find the free download at your second link and i'll be damned if i pay 120 bucks to get a patch from Dell to work.
Was this reply relevant?
+0
-0
wr RE: PSI Bugged
Contributor 18th Aug, 2009 19:59
Score: 308
Posts: 739
User Since: 30th Mar 2008
System Score: 100%
Location: US
sorry nekollex,
I didn't look close enough @ the 2nd link either-it's not free. The only thing I could find online was a trial download & it was for v.5-so possibly nothing free to download-this probably is a good example of Dell bloatware-someone paying them to 'bundle' their program so that later after the 'trial version' expires, the consumer will buy their product because it's already familiar to them.
Good luck on finding a replacement if you need one, I don't blame you for not paying 120. for a program either.

Regards, wr



--
HP Pavilion Slimline s3020n
Windows Vista Home Premium SP2 32 bit
AMD 64 Athlon X2
Firefox 31.2.0 ESR
The weakest link of a computer system is always sitting in front of the monitor.
Was this reply relevant?
+0
-0
nekollx RE: PSI Bugged
Member 18th Aug, 2009 20:19
Score: 0
Posts: 12
User Since: 14th Aug 2009
System Score: N/A
Location: N/A
I don't even use Media Direct, as a rule I don't like to remove OEM branded programs though (which is why i still have Dell Dock) but I'm not going to leave a vulnerability and just delete the dame thing.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+