secunia

Discussion in 'Software' started by peterr, Jul 7, 2010.

  1. peterr

    peterr MajorGeek

    Secunia, simple mode, for my my level, always flags FireFox as a threat.
    I update FireFox and it says it is the latest build.
    I read that Firefox considers both MSIE 8 and F.F. as threats but only flags FF.
    Is it best to disregard this F.F. flag, or is there another way to handle this redundant detection?
     
  2. oma

    oma MajorGeek

    I did use Secunia for a while and don't remember if there is a way to "exclude" FF. Strange... Perhaps uninstalling and reinstalling Secunia would do the trick?

    I jumped ship and installed "Update Checker" from FileHippo and haven't looked back. http://www.filehippo.com/ A few days ago I did get offered a Beta version of Chrome browser and I could exclude it in their little program. It worked. When there are updates shown in Update Checker, I just come to MG to download.

    If interested in Update Checker, it's located in the upper right corner of their main web page.
     
  3. mjnc

    mjnc MajorGeek

    Does it still show Firefox as Insecure after doing a new scan?
    I have seen similar issues with Adobe Flash Player being flagged as insecure
    even after uninstalling and updating that plugin. Eventually, for some reason,
    the threat flag goes away.

    If you switch to Advanced Interface mode, you can click the Secure Browsing
    tab and see exactly what it considers to be insecure.
    Sometimes there is a security threat with a browser that will be labeled as
    "Insecure, No Solution", meaning that there is not yet a patch available for that problem.
    In those cases, I think Secunia will not show the browser as a threat, even in
    simple mode.
    Just be sure to do a new scan after updating the browser or any other
    program considered to be insecure. If you have the latest version of Firefox
    installed, that is the best you can do.

    In Advanced Interface Mode, there is a way to set Ignore Rules from the Settings tab where you identify specific programs that will be Excluded from
    consideration during security scans.
    However, I would not recommend adding Firefox to the ignore rule set.

    P.S.
    Just remembered - if you have Adobe Flash Player installed and there is a
    security issue with the version you have installed, that can cause the browser
    to be flagged as Insecure.

    That will be shown in Advanced Interface -> Secure Browsing.
    If that is the case, you will need to download the Adobe Flash uninstall tool
    and run run that before installing the Flash Player update.

    Get the Windows version of uninstall_flash_player.exe

    Get the latest version here: Adobe Flash Player
     
    Last edited: Jul 7, 2010
  4. plodr

    plodr Major Geek Super Extraordinaire

    What version of windows peterr?
    I use Secunia on 5 windows partitions and FF has never been marked as a threat.
    I just now rescanned (XP Home) and the computer came up as 100% secure.
     
  5. TeeCee

    TeeCee MajorGeek

    I also use Secunia, and I also agree, to click the Advanced Interface mode. The Advanced mode is easy to use, too. ;) I think it is just flagging because it is in Simple mode, and not Advanced. Yes, it makes a difference.

    No problem on my end either. If Secunia says there is something wrong, I have found it to be true. Follow what mjnc has listed, and see if that helps, but sometimes, you just need to reboot. Not always, but for some things. Knowing what FF version you have, will help also. ;)
     
  6. peterr

    peterr MajorGeek

    >>I use Win xp home , sp3, and Secunia scanned, in the advanced mode, removed Shockwave Player as end of life.
    It patched Flashplayer 10.x
    It also repeatedly said F.F. 3.6x is an insecure browser. When I click on solution and install the latest F.F. it still says that.
    I rebooted with the same results.
    I uninstalled Flashplayer with the uninstaller then reinstalled it. I uninstalled and reinstalled Secunia.
    It sys F.F.3.6x is insecure and Shockwave player is end of life.
    Secunia is 1.5.0.2
    It patched 53 items.
    Should I remove the end of life programs?
    Sorry about the "mess" but I am trying to sort out issues until it says I am 100%.
    This is a desktop.
     
  7. peterr

    peterr MajorGeek

    I have worked all the problems out except for one.
    I have Shockwave player 11.5.7.6 in my add/remove panel yet the scan flags the 10.x program.
    I tried to upload a snapshot from desktop but it failed; I don't know why as it is JPG.
    So, the path is C:\\Win\sys32\macromed\shockwave 10\SwOnce.dll
    How can I rid the program so it won't be flagged.
    I am not skilled enough to work in the reistry.
     
  8. Earthling

    Earthling Interplanetary Geek

    There is no such path in an XP system. Might it contain typos, or is that exactly how Secunia reports it?
     
  9. peterr

    peterr MajorGeek

    >>I can get as far as Shockwave 10 when I explore windows and then there is no "Swonce.dll but there is a folder called Extras which contains
    1-autodownload
    2-mutiuser32
    3-speechx32
    4-Cbrowserx32
    5-netfilex32
    6-ineturlx32
    7-netlingox32

    I hope this helps.
     
  10. Earthling

    Earthling Interplanetary Geek

    No, that isn't what I meant.

    C:\\ does not exist

    C:\\Win does not exist, but C:\Windows does

    C:\\Win\sys32 does not exist but C:\Windows\System32 does

    See what I mean? It's always better to copy such paths by dragging your mouse over them and when they are highlighted in blue pressing Ctrl C. Then use Ctrl V to paste them in your post.

    The significance of this is that if the path you gave is actually a correct path then it is not surprising that Secunia would pounce on it, as in fact it could be a rogue.

    But because of the nature of the errors in the path I think this is actually just a case of typos.
     
  11. peterr

    peterr MajorGeek

    I created a snapshot of the path to avoid such typos but I could not get it to you.
    I did not know about copy and paste that is why i tried to copy it.
    What then would you advise?
    The Secunia forum said to right click it and delete it but I wanted the ok from this forum.
     
  12. Earthling

    Earthling Interplanetary Geek

    I don't want to advise on that as I'm not a great believer in Secunia et al as they make the simple assumption that later must be better. In my case Secunia would have me remove Thunderbird 2 and replace it with Thunderbird 3, but Thunderbird 3 has problems I'd rather not have to deal with and Thunderbird 2 is just fine. Same argument applies to four other programs on my system, so I'd just rather make my own decisions than put all my trust in a piece of software.

    Perhaps someone else can advise you about Shockwave.
     
  13. mjnc

    mjnc MajorGeek

    Here is a link for the Adobe Shockwave Uninstaller:
    Adobe Shockwave

    You can also get the latest version at the same place.
     
  14. peterr

    peterr MajorGeek

    I removed Shockwave and installed the right one.
    I removed Firefox and installed the right one
    Secunia kept saying FF was a threat. I asked FF for updates and it said none.WRONG!
    I had 3.6.3 and there was a 3.6.6
    After that, Secunia said 100%.
    I do understand the comment about newrer being better and do agree.
    Thank you all.
     
  15. TeeCee

    TeeCee MajorGeek

    Hi peterr, that is good to hear. Always want to strive for 100% ;) I always use my Secunia in the Advanced mode, and it hasn't failed me yet. When it says something needs an update, I have found it does. Glad it worked out for you too ;)
     
  16. peterr

    peterr MajorGeek

    >>I'm happy with it. The problem was that the programs it flagged were in the path besides the newly installed program. Like Flash, there was the new one but also part of an old one.
    I even used Revo to uninstall.
    I went into the path and removed the old ones. I know it is dangerous but there was no choice.
    F..F was a problem b/c when I asked it for updates it said none so I figured it was the latest build. After looking around I found 3.6.3 was not the latest build so I removed it and installed 3.6.6.
    Again this had some residual items that were bothersome but Revo got them.
    I appreciate your the note.
     
  17. mjnc

    mjnc MajorGeek

    So are you saying that the Adobe Flash Uninstaller did not remove all of
    the left over flash components? That stuff was still there after running the
    uninstaller? It did not detect all of the locations and remove what was there?

    I'd like to know, because that means this type of problem could happen again,
    not necessarily to you, but to anyone.
     
  18. Earthling

    Earthling Interplanetary Geek

    This thread prompted me to reload Secunia, but as previously I find it just too intrusive. Ideally I would like to run it manually about once a month as an easy way of establishing which of my softwares have updates available, but that doesn't seem to be possible. I can stop it from autostarting, but whenever it is started manually the autostart flag gets reset.

    Anyone know the secret or must I offload it again?
     
  19. TeeCee

    TeeCee MajorGeek

    Hi Earthling! What do you have checked in settings? Just tick "enable program monitoring," and just that one. I have both that and start on boot, but I prefer it that way. You can also create a rule at the bottom of that same screen. Or, you can just tick the very top one, "Show only easy to Patch Programs". I haven't had any issues with mine, and I like it. I don't find it too intrusive, either. May be because I am on dial up, I don't know, but it has been quite good to me. ;)

    Like I said, I do prefer it do the monitoring, and let me know when something is needed. You can check their forum, for more info. :) Hope this helps you.
     
  20. solaris89

    solaris89 First Sergeant

    I too found the installed version a bit too much. Secunia has an online scanner that is just as thorough and I use it instead. You can sign up for weekly email reminders to run it.

    http://secunia.com/vulnerability_scanning/online/
     
  21. mjnc

    mjnc MajorGeek

    First you have to set Interface mode to advanced,
    then open Settings tab.
    In the PSI Settings group, uncheck Start the Secunia PSI on boot.

    After you have done your scan, right click the system tray icon and Exit
    the program.

    That's how I have always used it and it does not load at Boot time.

    If you are already doing that, you can check the psi.inf file in the program
    directory. The settings in mine look like this:

    [PSI.Service]
    ServiceType = 2 ;SERVICE_FILE_SYSTEM_DRIVER
    StartType = 3 ;SERVICE_DEMAND_START

    Thats not the whole group, but I think StartType is the key.
     
  22. Earthling

    Earthling Interplanetary Geek

    Thanks for those suggestions. Today is gonna be hectic, but I'll try your ideas when I get time. :)
     
  23. Earthling

    Earthling Interplanetary Geek

    That's sorted it. Just ticking Enable Program Monitoring and nothing else gives me exactly what I want. Thanks again. :)
     
  24. mjnc

    mjnc MajorGeek

    You're welcome.

    Since you're now using advanced mode, you should also look at the Ignore rules.
    For example, I added Media Player Classic 6 and Regcleaner, since I'm not going
    to remove them. It just means that they will not be flagged as End of Life so
    you get a higher score. Whoopee Dooo! :)
     
  25. Earthling

    Earthling Interplanetary Geek

    Nah, it can nag as much as it likes about my end-of-lifers, water off a duck's back ;)
     
  26. peterr

    peterr MajorGeek

    ??I went to your link and could not find "update checker".
     
  27. mjnc

    mjnc MajorGeek

    The upper right corner of the FileHippo main page is only for recent most popular
    downloads, so the list changes over time.

    Here is a link for FileHippo's Update Checker

    The Checker scans for (checks) software that is available for download at FileHippo.
    Other installed software may not be scanned.
     
    Last edited: Jul 13, 2010
  28. oma

    oma MajorGeek

    As I said above. Guess one has to look a bit closer to see it. Below is the pic to prove it.

     

    Attached Files:

  29. peterr

    peterr MajorGeek

    I found it and will investigate.
     
  30. mjnc

    mjnc MajorGeek

    Sorry about that.
    That's what I get for just 'scanning'.

    Proof accepted!
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds