Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: can't seem to resolve threats

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
enigma41352 can't seem to resolve threats
Member 13th Dec, 2009 21:48
Ranking: 0
Posts: 7
User Since: 27th Nov, 2009
System Score: N/A
Location: US
scan shows 4 threats:
adobe acrobat reader 5.x
adobe flash player 10.x
sun java jre 1.6.x / 6.x (requires uninstall)
symantec windows liveupdate 2.x

adobe acrobat reader 5.x ...
previous solution results said a more advanced program was already installed.
now it says it can't be installed.

adobe flash player 10.x ...
solution shows completed update but remains on list after rescanning.

sun java jre 1.6.x / 6.x ...
does not show in add/remove (shows in c:/program files)

symantec windows liveupdate 2.x ...
nothing happens when i click the solution button.

also nothing happens when i click on the forum icons.

at this point i am totally lost as to what to do. any assistance would be appreciated. thanks.

Maurice Joyce RE: can't seem to resolve threats
Handling Contributor 13th Dec, 2009 21:56
Score: 11744
Posts: 9,002
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Christmas is coming & it looks like U have a complete can of worms!

We can do these one at a time. First Adobe Flash:

UPDATING ADOBE FLASH
====================

Adobe have not mastered the art of completely removing all their files during an uninstall nor have they widely publicised the fact that they do not support removal using Control Panel>Add/Remove or other 3rd party uninstallers.

To successfully remove a vulnerability from Adobe Flash you should:

1. Download & use the Flash Uninstaller from here:

#####Before actually running the uninstaller it is a good idea to close all browsers,PSI and any other programme U think may be using Flash #####

http://kb2.adobe.com/cps/141/tn_14157.html

2. Reboot to clear out any left over ocx files.

3. Rescan using PSI - if there are any insecure Flash elements left what is the path to them? U should not proceed to stage 4 until all U clear any problems found.(The PSI overview page may look a little odd because it uses Flash for the pictorials)

Note: At this stage,if PSI finds any elements of Flash in the C:\i386 folder or on any drive other than C that is an OEM reinstallation partition (normally D drive) or a drive U use solely to backup your work U can safely create an ignore rule. It may also be in the Recycle Bin.


4. Reinstall the latest Internet Explorer Flash Player from here:

http://www.filehippo.com/download_flashplayer_ie/ (I strongly advise U not to select the Beta version unless an advanced user)

4A.If U are also using Firefox, Opera and other Gecko-based browsers U need this link as well:

http://www.filehippo.com/download_flashplayer_fire... (I strongly advise U not to select the Beta version unless an advanced user)

Security.
Adobe have a very bad habit of changing the Flash settings each time they plug vulnerabilities. To change the security settings to your liking & regain control click here:

http://www.macromedia.com/support/documentation/en...

Bloat ware.
If you used the Adobe site, rather than FileHippo to update you will also find they try or have installed an unnecessary Download Manager.

It is unnecessary bloat ware by a third party Company called NOS. I would uninstall it via Add/Remove.

20:55 13/12/2009





--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
enigma41352 RE: can't seem to resolve threats
Member 13th Dec, 2009 22:52
Score: 0
Posts: 7
User Since: 27th Nov 2009
System Score: N/A
Location: US
that seems to have taken care of adobe flash. i hope the rest is as easy. i'm pretty much a beginner. i'm ready for the rest if you are. thanks.
Was this reply relevant?
+0
-0
Maurice Joyce RE: can't seem to resolve threats
Handling Contributor 13th Dec, 2009 22:59
Score: 11744
Posts: 9,002
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Looks good to me. Now Java.
CLEARING OUT OLD JAVA DROSS
===========================

JAVA now use an Uninstaller as part of the install process.

It works very well but ONLY removes the previous version.

To ensure U have no previous dross from very old versions on your PC & to make updating easier for the future I would recommend:

1.Install or double check U have the latest JAVA version (Currently Version 6 Update 17)from here:
http://www.java.com/en/

Once the update is complete go to Control Panel>JAVA icon>Update Tab and take the tick out of box marked "Check for updates auto ....." (This will prevent a an unnecessary file from starting each time U switch on your PC - PSI is already doing this job for U)


2. Now remove all the old dross from older versions.

The tool will do the job by deleting useless files from previous installs except for the version U have just installed

http://raproducts.org/

*This link takes U to the site - select the Windows Binary (zip) option.
*This will lead U to Sourceforge.net to download it.
*Save the download to desktop.
*Activate the desktop zip icon which exposes the JAVARA EXE file. Click it
*Select RUN when asked.
*Select your language.
*The tool will now appear on the desktop - select REMOVE OLDER VERSIONS
*Once complete select ADDITIONAL TASKS - tick all boxes & activate.
*Right click on the desktop JAVARA zip file & delete it.

3. If U wish to test your JAVA is working correctly use this test link: http://java.com/en/download/help/testvm.xml

++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++

FUTURE UPDATING OF JAVA.
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Now U have cleared the dross future updating is easy & should not include the procedure outlined above. All U will need to do is:

1. Go to Start>Control Panel>click on the JAVA icon>select the Update tab>click the Update Now button.

2. Once the update is complete go to Control Panel>JAVA icon>Update Tab and take the tick out of box marked "Check for updates auto ....." (This will prevent a an unnecessary file from starting each time U switch on your PC - PSI is already doing this job for U)

3. If U prefer not to have the JAVA icon in the System Tray when in use, open the Advanced Tab>look for Miscellaneous>click the + sign & then remove the tick from clearly marked box.

4. If U wish to test your JAVA is working correctly use this test link: http://java.com/en/download/help/testvm.xml


By using this recommended method the previous version will be automatically uninstalled & U are guaranteed to get the correct version for your OS.


21:57 13/12/2009








--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
Maurice Joyce RE: can't seem to resolve threats
Handling Contributor 13th Dec, 2009 23:05
Score: 11744
Posts: 9,002
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Once U have finished JAVA it would be of interest to know:

1. Have U got a special reason to use the free Adobe Reader. I say that because it is constantly being declared vulnerable & is total bloatware against other PDF readers that can be used.

2. Symantec. U have a very old Live Update. Apart from this element do U use any Symantec (Norton) products?

I can better advise if I know this detail.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
enigma41352 RE: can't seem to resolve threats
Member 14th Dec, 2009 00:02
Score: 0
Posts: 7
User Since: 27th Nov 2009
System Score: N/A
Location: US
i don't have any special reason for using adobe reader.most everything was in this machine when i got it a year ago, including norton ghost which i think is the only norton product in this machine and i never use it because i really don't know what it is or how to use it.
would try any suggestions you may have.
Was this reply relevant?
+0
-0
Maurice Joyce RE: can't seem to resolve threats
Handling Contributor 14th Dec, 2009 01:26
Score: 11744
Posts: 9,002
User Since: 4th Jan 2009
System Score: N/A
Location: UK
In that case I would remove Adobe & Norton.


Adobe Reader.
=============

When Adobe free PDF Reader is downloaded it also installs the following programmes:

1. Adobe.com
2. Adobe Air (It has a Flash element)
3. A Google Toolbar if U do not opt out at the download stage.

These additional elements are not required to make Adobe Reader work therefore if U do not use or know what they do go to Control Panel>add/remove & uninstall them.

If U only use Adobe Reader to read web pages or email attachments U do not have to use Adobe Reader either. The Adobe Reader link splattered all over the web saying "To read this article U require Adobe Reader" is utter nonsense. U really require a suitable PDF reader.

Under these circumstance there are far faster, smaller by download size (Adobe is 35.7MB - Foxit 5.04MB) & more secure free alternatives.

If your choice is still to use Adobe Reader U should refer to this update site:

http://www.adobe.com/support/downloads/product.jsp...
This site gives the latest downloads & explains the rather odd way Adobe conduct their update business.

More details are on the Secunia blog here: http://secunia.com/blog/58/

U may also find another programme in add/remove called Adobe Download Manager. The vendor is NOS systems. It is not required to successfully download any Adobe product & can be safely removed.

++++++++++++++++++++++++++++++++++++++++++++++++++ +
ALTERNATIVE READERS
===================
The most popular appears to be Foxit - details here:
http://www.foxitsoftware.com/
If U do decide to use Foxit Reader I would strongly advise U use the CUSTOM install. Using this method gives U the opportunity to prevent the following additional "bits" being installed:

Desktop Shortcut
Quick Launch Bar
Firefox Plug In
Ask.com
Shortcut to Ebay.
Despite your best efforts U may well find a Foxit Toolbar has been installed. This can be checked & removed by a visit to Control Panel>add/remove.

More readers are available here:
http://pdfreaders.org/


00:21 14/12/2009

Norton

Remove Norton Products with this tool:

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf...






--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0
enigma41352 RE: can't seem to resolve threats
Member 14th Dec, 2009 02:41
Score: 0
Posts: 7
User Since: 27th Nov 2009
System Score: N/A
Location: US
removed adobe air.

adobe items remaining:
acrobat.com
adobe acrobat 5.0
flash player 10 activex
flash player 10 plugin
reader 9.2
shockwave player 11.5
svg viewer 3.0

will opt for alternative reader. remove adobe reader?
what about the remaining adobe items?

norton ghost info says items will be left in various folders to be manually removed.
will this link take care of all or will i have to remove manually?
it also suggests saving the product key which i know nothing about.
Was this reply relevant?
+0
-0
thedillpickl RE: can't seem to resolve threats
Contributor 14th Dec, 2009 03:38
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi enigma41352;

First, follow Maurice's instruction, he knows what he's talking about.

Second, as former Norton user, let me say that their software is hard to get rid of, or so it was in my case. I had Ghost and the antispy/av package. Ghost is a somewhat useful back-up program (there are plenty of other good ones, some are free). I had to sift through all folders (hidden ones too) and the root directory (look for hidden files also) to get rid of Norton. Also had to run a registry cleaner after re-removing the hidden files in the root months later. It kept reinstalling files that tracked what was on my computer to report back to the Norton server (legal spyware?). The new stuff may be different, I'll never try it.


good luck;

Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
enigma41352 RE: can't seem to resolve threats
Member 14th Dec, 2009 04:46
Score: 0
Posts: 7
User Since: 27th Nov 2009
System Score: N/A
Location: US
removed norton with removal tool and removed adobe reader in add/remove. scan still shows adobe acrobat reader after rescanning.
anyway, my thanks for your working with me.
Was this reply relevant?
+0
-0
Maurice Joyce RE: can't seem to resolve threats
Handling Contributor 14th Dec, 2009 11:53
Score: 11744
Posts: 9,002
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Is PSI now showing secure for Flash,Java & Symantec?

Have U got Foxit installed?

I suspect the outstanding problem is that the vulnerability is not on your C Drive.

What is the path to the problem?

FINDING A VULNERABILITY FILE PATH
=================================

To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum if U are unsure what to do next.

I am away now until Tuesday PM


--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer