Secunia PSI

Chip Fossa · From: Monson, MA, USA (deceased)

Wiz,

I tried to relocate the post you chimed in on with the Secunia link, but alas, gave up, and so here I are.

I've been using Secunia for the past few days. I like it. It works very well.
On my 1st scan it caught 5 problems: 2 INSECURES and 3 END-OF-LIFES. I was able to fix 4 out of 5, but one is giving me the gout:

Adobe Flash Player 9.x - it's not listed in Add/Remove (I have 10.x installed).

It's a wee folder found in WINDOWS\system32\macromed\flash\flash9e.ocx, with only 2 files in it.

Well, it was!!! I just rechecked WINDOWS\system32. All that's listed in the folder,now, is related to activeX10. The flash9e.ocx is gone.

BUT...Secunia says "this program still appears to be insecure".

And a point I was going to make about all this, is when I tried to delete 'flash9e.ocx, I had to get permission.
So I went to 'properties/security' and tried to make it so users/monsonman would have 'full control', but got bogged down in the name listing popups - this is what's confusing. HOW DO I MAKE MYSELF THE ADMINISTRATOR? My account, MONSONMAN, is the auto-administrator. No? I guess not. It works for other things that say you need to be the administrator to do this or that. What was so different here?

So to try and get rid of FLASH9 another way, I uninstalled Adobe 10 and reinstalled it; and here is where I are at this time.

Thanks Wiz, or anyone else, too.

Chipper

Confused

Wiz Feinberg · From: Mid-Michigan, USA

Chip;
Breath deep and fly high!

It used to be that in previous versions of Flash Player, the new edition was installed and the old versions were left alone. After being informed of attack vectors that took advantage of previous versions left in place, Adobe, the new Flash Tsar, has begun uninstalling previous versions from Adobe (but not necessarily those from Macromedia). This happens as you watch the installation progress. Following this upgrade you should reboot! This will remove the Registry entries related to the previous version, plus the components that were in use in your browser when you performed the download and upgrade.

You are confused by Windows Vista's definition of Administrator. So are most Vista users! You think you are the Administrator because you have an Administrator level account. But, looks can be deceiving. You are and aren't the Administrator in Windows Vista. When you are allowed to be the Administrator it is not the same kind of Administrator you were in Windows XP. In that and Windows 2000 operating systems, once an Administrator, always an Administrator.

In Windows Vista you have some Administrator privileges and some Limited User+ privileges. In order to perform system changes you must answer a challenge box and elevate to become "The Administrator" or answer "yes" to allow an action to occur (UAC prompts). Vista identifies this type of account as a "Standard User." The equivalent user in Windows NT, 2000 and XP Professional is called a Power User.

Something Power Users have always been allowed to do is use the Windows "Run As" command to elevate their privileges to an Administrator level. I myself am a Power User under both Windows 2000 and XP Professional, on three computers. I do this for my own protection against Internet threats that require Administrator level privileges to install their malware components. Vista enforces the same restrictions on its Standard User accounts, via UAC and "Run As Administrator" elevation boxes. This is for your good and the good of the Internet.

Despite the built-in restrictions on account types in Vista, it is possible to log into a true Administrator level account and operate from it. You can turn off the UAC prompts entirely and operate just like a Windows XP Administrator. I don't recommend this because you will be much more exposed to malware threats.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Chip Fossa · From: Monson, MA, USA (deceased)

Well Wiz,

That was a very lucid explanation. I even got most of it, except terms like "elevation" and "UAC".

I don't know what UAC stands for and if I were able to turn it off, it would only be for a short note, so as to satisfy Secunia. Then turn it back on.

I'm just trying to figure out how to get rid of this UNSECURE notice/problem as picked up by Secunia.

There were actually 60 other problems that Secunia picked up and fixed, pronto, but the 5 "hard" ones that it found recommended that you be an advanced PCer before attempting any actions towards these 5 problems.

So, what the hey, I gave it a shot, and all went according to Garp, except for that stubborn Flash9.

So, Wizzer, how can I get rid of it? Is it that serious enough to lose sleep over? Let sleeping dogs lie?
I mean, the dang folder/file can't even be found now.

I hate unrequitted stuff like this.

Wiz Feinberg · From: Mid-Michigan, USA

Chip;
Reboot into safe mode, navigate to the %System32%\Macromed\Flash directory and see if any files ending in 9 remain. If so, delete them. Don't open any browsers, just use My Computer to navigate.

You can also update the ActiveX Flash Control, used by Internet Exploder, by going to that directory and running the file: FlashUtil(version).exe, as an Administrator, then reboot. The actual file prefix will have the version number and a letter at the end. You must be connected to the Interwebs to do this ;-)

After you have the latest and greatest version of Flash installed, and the previous version gone, reboot into normal Windows (Yeah, I know; what is normal?) and run the online Secunia Software Inspector Clouseau, but don't trifle with it, because it is from the Suerte!
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Chip Fossa · From: Monson, MA, USA (deceased)

Hi Wiz,

Here's what happened. I went to Safe Mode and to Macromed\Flash.

Nothing with #9 attached to it. However there were 3 outdated files, all from 2003 or 2004. One was a .ocx; another was 'getflash.exe' and the third was 'getflash.exe.manifest'.

I deleted those 3, but Secunia did not change.

Then i tried to accomplish your 'flashutil.exe' in IE, but once again, I don't quite understand where to type this in or look for it. "Where do you run the file"? I have 'flashutil10a.exe' in the FLASH folder.

I did a general system search for flash9e.ocx and came up empty.

How Secunia find something that apparently isn't there? Oh yeah, I looked around in the Registry, also, to no avail.

I've been getting KNOWN SPAM emails urging me to upgrade to Adobe v.10, which I already have installed. Mailwasher Pro picked that up.

Something Picsecous is going on here.
Confused

Wiz Feinberg · From: Mid-Michigan, USA

Chip Fossa · From: Monson, MA, USA (deceased)

The flash version is the same 10.a

When I double click on it, nothing happens.

NOW - after tweaking settings in manage add-ons in Program Tabs and I go to IE a pop-up flag now pops up asking me if i want to allow ActiveX Controls and plug-ins? This does it twice. I hit yes each time.

Digging that hole deeper now. Sad

Wiz Feinberg · From: Mid-Michigan, USA

Try uninstalling Flash Player 10a, rebooting, downloading and installing Flash Player 10a afresh, clearing out your IE Temporary Internet Files, then scanning with the PSI again.

This entire problem may be due to your browser's cache; a.k.a. Temporary Internet Files.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Chip Fossa · From: Monson, MA, USA (deceased)

OK - sorry Wiz. My mistakes. I also went into SECURITY/Custom Level and started changing anything to do with ActiveX from DISABLE to ENABLE and/or PROMPT.

Then when i opened up IE, it immediately notified me not to go surfing, as my PC was at high risk, and would I like to have it auto-set to a secure mode? I clicked on that option and so everything is sort of normal, except the damn FLASH9e.ocx is still there in Secunia.

Forget that link I sent to Wizcrafts. I found it scouting FORUMS on the Adobe website. It had to do with getting rid of F9e.ocx - and other problems associated with that file. Many fixes were so involved and not that 100%, according to other members, that I just gave up. Too much for me; and most everyone was talking about it messing up their PCs and that they actually wanted to continue using it, instead of upgrading to version 10x. Also, they were mostly XP users. Didn't see one post about Vista. I moved on.

Chip Fossa · From: Monson, MA, USA (deceased)

Whoops, our posts crossed. Should I still do as you just mentioned?

Some of those Adobe forum posters mentioned clearing out the temp and cache files, also.

Wiz Feinberg · From: Mid-Michigan, USA

Yes, to the Plank with those unruly Temporary Internet Files! Place em in yard irons and send em to the bottom of the sea!
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Chip Fossa · From: Monson, MA, USA (deceased)

Aye!!! Capn'. Your wish is our command.

But Capn'; if I may, speak for me-self and me-mates.

"To push forth, upon these dreadful seas, and to risk unbridled chaos upon one's body and mind; we therefore demand complete access to the focsle's rum larder, hitherto, without bravado."

ahhh....gick-gick-gick-gick-gick... Very Happy

Chip Fossa · From: Monson, MA, USA (deceased)

Well, Wiz...

I cleaned out the Temp files and caches, rebooted and reinstalled Adobe Player ActiveX Installer, version 10.0.12.36, file size 1.79MB.

But something isn't right. First off, this installer was free. To install Adobe Flasher 10 from the Adobe sight, they want you to pay. I don't ever recall paying for Adobe Flasher or it's updates. Maybe we're talking about 2 different horses, here.

That Flash9.e in Secunia is still there, and Adobe Installer is listed in ADD/REMOVE, but does not show 1.79MB in the file size column. Nothing is shown; Also, it's no where to be found in PROGRAM FILES.

So...something is definitely far afield, here. I'm sure I goofed up the
gear box, again.

Chip Fossa · From: Monson, MA, USA (deceased)

Wiz Feinberg · From: Mid-Michigan, USA

Chip Fossa · From: Monson, MA, USA (deceased)

Thanks Wiz,

I'll give it all another go.

Chip Fossa · From: Monson, MA, USA (deceased)

Didn't work.

Did it twice. Once for for FF and once for IE.

In ADD/REMOVE 2 different Adobes are listed, again with NO MBs listed.

One is AFP 10 PLUGIN (FF)

The other is AFP 10 ActiveX (IE)

And Secunia, now, has no graphics.

I followed your simple instructions.

Confused

Wiz Feinberg · From: Mid-Michigan, USA

Chip Fossa · From: Monson, MA, USA (deceased)

Thanks Wiz. I'll try those directives.

Chip Fossa · From: Monson, MA, USA (deceased)

Oh, the graphics. It wasn't on a browser. I only use FF and IE. It was actually on Secunia's main page.

BUT..it came back. Secunia is a bit slow, sometimes. It picked up something wrong with the latest FF 3.0 version, and I had to reinstall it (according to Secunia's 'solution'). After I did reinstall FF, Secunia didn't pick it up for about an hour.

So, still, the only trouble that still persists, according to Secunia, is Flash9e.

Chip Fossa · From: Monson, MA, USA (deceased)

I was able to locate 'delete cache on closing Firefox browser' in Tools/Options/Private Data;
but couldn't find where to clear the IE cache.

I looked up 'cache' on the web, and immediately got cornfused, because there are many different types of caches.

So maybe you can tell me how to set IE to eliminate it's cache upon closing.

Thanks again, Wiz.

Wiz Feinberg · From: Mid-Michigan, USA

Chip;
Internet Explorer calls its cache by the handle: "Temporary Internet Files." You can direct the browser to clear these files every time it shuts down, by going to Tools > Internet Options > "Advanced" tab > "Security" section > find "Empty Temporary Internet Files folder when browser is closed" and check that option. Click Apply, then OK, to exit the Options window.

You can change the way Internet Explorer caches files from pages you visit by going to Tools > Internet Options > General tab > "Browsing History" section > "Settings" button. When the Options page for Temporary Internet Files opens select one of these options:

"Every time I visit the web page"
or
"Every time I start Internet Explorer"

Click Apply then OK twice to exit the Option window.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog

Forum Index > Computers		Next oldest topic :: Next newest topic