Forum Thread: Removed WinZip threat still shown

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
WinZip
And, this specific program:
WinZip 9.x

This thread has been marked as resolved.
IanClements Removed WinZip threat still shown
Member 15th Mar, 2010 18:06
Ranking: 0
Posts: 4
User Since: 15th Mar, 2010
System Score: N/A
Location: UK
When I initially ran PSI, several threats were identified, one of which was WinZip9.

I dealt with all of them, and that of WinZip by uninstalling it (and running a couple of clean-up programs to be sure of getting rid of all (I hope) traces of WinZip.

However, each time I run PSI, it 'finds' this one threat still supposedly on my machine.

Anyone know whether this is a bug in PSI or that I need to do something else (what?) to remove WinZip totally?

Thanks, Ian

Post "RE: Removed WinZip threat still shown" has been selected as an answer.
Maurice Joyce RE: Removed WinZip threat still shown
Handling Contributor 15th Mar, 2010 18:13
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 15th Mar, 2010 18:14
Ian,
Where is the vulnerability showing?

FINDING A VULNERABILITY FILE PATH
=================================

To locate the exact file that the Secunia PSI has detected, use or switch to the ADVANCED interface, then :

1 Click on the + sign of the programme to "expand' it.
2 Click on Technical Details in the Toolbox to see the installation path of the detected file. (Copy (CTRL+C) & paste (CTRL+V) the Installation Path of the file back to the Forum if U are unsure what to do next.

If U solve the problem & do not require further help can U please click the Accept option. This will lock the thread & prevent U & I from receiving unnecessary update emails





























--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+6
-0
IanClements RE: Removed WinZip threat still shown
Member 16th Mar, 2010 00:04
Score: 0
Posts: 4
User Since: 15th Mar 2010
System Score: N/A
Location: UK
Thanks for that quick response.

I hadn't looked at the Advanced option. But now I have, I am both gratified by its comprehensiveness and dismayed that this shows even more programs that no longer are on my system - as well as WinZip also WinDVD Gold 5.

I've also found that when I do the seemingly very good Download solution - very impressive - and run Scan again, it shows the same programs needing updating. Including Microsoft ones (which has its own checking, showing nothing needs updating). (I did check the paths - nothing there).

So thank you for a great program in principle; but my experience is that it doesn't deliver a correct identification of threats or of solutions.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Removed WinZip threat still shown
Handling Contributor 16th Mar, 2010 00:33
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Believe me odd remnants are on your PC. If U follow my previous instuctions it tells U exactly where they are by giving U the path & the option to open the folder they are in for U to see them.

The path is important. The vulnerability could be on a back up drive/OEM partition drive or the recycle bin.





--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
This user no longer exists Moved
Secunia Official 16th Mar, 2010 09:22
Last edited on 16th Mar, 2010 09:22 Moved to appropriate forum
IanClements RE: Removed WinZip threat still shown
Member 16th Mar, 2010 13:23
Score: 0
Posts: 4
User Since: 15th Mar 2010
System Score: N/A
Location: UK
Thanks Maurice. I stand corrected; my apologies.

I did find WinZip files still there; removed them; and that alert has now gone.

The other Insecure Items listed don't seem to ever be solved.

Macromedia Shockwave Player 8.x was updated via the Download Solution, but still remains a threat. So I don't know what I'm supposed to do with this.

Repeatedly downloading the solution to the Adobe Flash Player ActiveX threat (which appears twice in Insecure) doesn't remove the threat alert (I ran both listings).

The Updating Microsoft Office PowerPoint Viewer 2007 alert: neither the Download Solution nor the Solution Wizard seem to work. I have previously run this Download Solution, seemingly successfully, however, the alert keeps popping up.

Microsoft XML Core Services (MSXML) 4.x (another double entried alert) Download Solution (which I have also previously run 'successfully') goes to MS's Update site; where it checks for updates for my computer, and finds nothing under either Express or Custom. So it is not clear what I should then do.

Sun Java JRE 1.5.x/5.x (Requires uninstall) has previously been alerted, a Download Solution activated, but still appears as an alert.
Was this reply relevant?
+0
-0
This user no longer exists RE: Removed WinZip threat still shown
Member 16th Mar, 2010 13:58
Hi,

It would really help if you could specify the program path's. You can get these by expanding each insecure entry (by clicking "+") and pasting the "installation path" field for each entry here.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Removed WinZip threat still shown
Handling Contributor 16th Mar, 2010 14:53
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Ian,
All the programmes U mention could be described as hassle. Solutions are already posted on the Forum but I am happy to reproduce them one at a time (some are lengthy).

Firstly Flash.

UPDATING ADOBE FLASH
====================
Works with Windows XP,Vista & Windows 7 - 32 & 64 Bit systems.

Adobe have not fully mastered(unlike many other vendors) the art of stopping elements of a programme (Flash in this instance) from working prior to an install of a new version. The result is that an "in use" flash ocx file will not be uninstalled. Nor, have they widely publicised the fact that they do not support removal of older versions by using Control Panel>Add/Remove or other 3rd party uninstallers.

Advanced users just need to install the new version(s),then find the old OCX file(s) & zap it/them.

Others may wish to take a longer route to successfully remove a vulnerability from Adobe Flash you should:

1. Download & use the Flash Uninstaller from here:

#####Before actually running the uninstaller it is a good idea to close all browsers,PSI and any other programme U think may be using Flash #####

http://kb2.adobe.com/cps/141/tn_14157.html

2. Reboot to clear out any left over ocx files.

3. Rescan using PSI - if there are any insecure Flash elements left what is the path to them? U should not proceed to stage 4 until all U clear any problems found.(The PSI overview page may look a little odd because it uses Flash for the pictorials)

Note: At this stage,if PSI finds any elements of Flash in the C:\i386 folder or on any drive other than C that is an OEM reinstallation partition (normally D drive) or a drive U use solely to backup your work U can safely create an ignore rule. It may also be in the Recycle Bin.


4. Reinstall the latest Internet Explorer Flash Player from here:

http://www.filehippo.com/download_flashplayer_ie/ (I strongly advise U not to select the Beta version unless an advanced user). The latest stable & secure version is: 10.0.45.2

4A.If U are also using Firefox, Opera and other Gecko-based browsers U need this link as well:

http://www.filehippo.com/download_flashplayer_fire... (Again, I strongly advise U select the stable & secure version: 10.0.45.2)

Security.
Adobe also have a very bad habit of changing your Flash settings each time they plug vulnerabilities. To change the security settings to your liking & regain control of your PC click here:

http://www.macromedia.com/support/documentation/en...

Bloat ware.
If you used the Adobe site, rather than FileHippo to update you will also find they try or have installed an unnecessary Download Manager.

It is bloat ware by a third party Company called NOS. If found I would uninstall it via Add/Remove.

Revised by MJJ March 2010
































--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+7
-0
IanClements RE: Removed WinZip threat still shown
Member 16th Mar, 2010 17:28
Score: 0
Posts: 4
User Since: 15th Mar 2010
System Score: N/A
Location: UK
Thanks Maurice. Sorry that as I newbie I am not aware of all the options/solutions. Grateful for your forbearance and help.

I should be OK now.

Kind regards, Ian
Was this reply relevant?
+0
-0
Maurice Joyce RE: Removed WinZip threat still shown
Handling Contributor 16th Mar, 2010 19:29
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Ian,

Good news - just to repeat, there is a solution to all the vulnerabilities U have found on your system on this Forum.

For the future, PSI will find any vulnerabilities which is their core business.
They have kindly offered a toolbox in the advanced mode that does give a general solution but it does not (as U have found)remove the responsibility of a programme vendor from fixing their own problems.

If U are now totally happy could I ask U to activate the accept option. This will lock this thread & prevent U & I from receiving update emails.

U can always create a new thread if U get stuck & someone will always help U.









--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0

This thread has been marked as locked.