Categories

  • Announcements regarding the VulnDetect project

    Archived
    14 Topics
    123 Posts
    T

    Version 3.4.0.0 is the latest Stable release.

    It can be downloaded from here:
    https://vulndetect.com/dl/agents/secteerSetup-3.4.0.0.exe
    https://vulndetect.com/dl/agents/secteerSetup-3.4.0.0.msi

  • Post requests for apps that are missing

    Added App Requests
    345 Topics
    2k Posts
    OLLI_SO

    Name of the app:
    LocalSend

    Developer:
    Tien Do Nam

    Website:
    https://localsend.org/

    Download Site:
    https://github.com/localsend/localsend

    Version number displayed in the app:
    1.16.1 (56)

    App-Icon:
    localsend_app_Icon.png

    Here the information extracted from the EXE file:

    File name and path: C:\Users\olive\AppData\Local\Programs\LocalSend\localsend_app.exe Product Name: LocalSend Internal Name: localsend_app Original Filename: localsend_app.exe File Description: LocalSend Company: Tien Do Nam Legal Copyright: Copyright (C) 2022-2024 Tien Do Nam. All rights reserved. Legal Trademarks: Comments: File Version String: 1.16.1+56 File Version: 1.16.1.56 Product Version String: 1.16.1+56 Product Version: 1.16.1.56

  • Post requests for apps that you wish to see updated automatically

    22 Topics
    35 Posts
    OLLI_SO

    Please add Keeper Password Manager to the Auto-Patching process, so it is automatically updated (when I select it).
    I post one app in one topic, so we can keep the topics smaller.

    For Keeper Password Manager there is a Choko package available:
    https://community.chocolatey.org/packages/keeper

  • Announcements regarding the VulnDetect project

    39 Topics
    39 Posts
    T

    Can I uninstall the Agent using the Agent and Custom Software?

    Yes, that is doable, although you won't be able to see the correct state in the Job Activity, because the system won't be able to report back to the backend.

    Here is a PowerShell script that does that:

    # Set environment variables for 32-bit and 64-bit Windows $ProgramData = $env:ProgramData $SecTeer = "SecTeer VulnDetect" $myTaskPath = "\$SecTeer\" if ($env:PROCESSOR_ARCHITECTURE -eq "x86") { $agentRegPath = 'Registry::HKLM\Software\SecTeer\Agent' $appRegPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" $ProgramFiles = "${env:ProgramFiles}" } else { $agentRegPath = 'Registry::HKLM\Software\WOW6432Node\SecTeer\Agent' $appRegPath = "SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" $ProgramFiles = "${env:ProgramFiles(x86)}" } $SecTeerPath = Join-Path -Path $ProgramFiles -ChildPath $SecTeer # Determine the uninstall method - prefer EXE uninstaller if available $command = if (Test-Path -Path "$SecTeerPath\unins000.exe") { Join-Path -Path $SecTeerPath -ChildPath "unins000.exe" } elseif (Test-Path -Path "$SecTeerPath\unins001.exe") { Join-Path -Path $SecTeerPath -ChildPath "unins001.exe" } else { $null } # Launch the uninstaller if found, attempt MSI removal otherwise if ($command) { try { $processSpecs = New-Object System.Diagnostics.ProcessStartInfo $processSpecs.FileName = $command $processSpecs.RedirectStandardError = $True $processSpecs.RedirectStandardOutput = $True $processSpecs.UseShellExecute = $False $processSpecs.Arguments = "/VERYSILENT /SUPPRESSMSGBOXES /FORCECLOSEAPPLICATIONS /NOCANCEL" $process = [System.Diagnostics.Process]::Start($processSpecs) $process.WaitForExit() } catch { Write-Warning "Failed to start the uninstaller process: $_" } } else { try { Uninstall-Package -Name "$SecTeer" -Force -ErrorAction SilentlyContinue } catch { Write-Warning "Failed to uninstall the package: $_" } } # Remove all scheduled tasks related to SecTeer VulnDetect $scheduleTasks = @( "SecTeer VulnDetect*", "SecTeerVulnDetectAgentStateMonitoring", "SecTeerVulnDetectMaintenance*" ) foreach ($taskName in $scheduleTasks) { try { Get-ScheduledTask -TaskName $taskName -TaskPath "\" -ErrorAction SilentlyContinue | Unregister-ScheduledTask -Confirm:$false } catch { Write-Warning "Failed to unregister task $taskName: $_" } } # Clear registry remnants in Add/Remove Programs try { Get-ItemProperty "HKLM:\$appRegPath" | Where-Object { $_.DisplayName -like "$SecTeer*" } | Remove-Item -Force -ErrorAction SilentlyContinue } catch { Write-Warning "Failed to remove registry remnants: $_" } # Purge leftover files and folders try { $folderToRemove = Join-Path -Path $ProgramData -ChildPath $SecTeer Remove-Item -Path $folderToRemove -Recurse -Force -ErrorAction SilentlyContinue } catch { Write-Warning "Failed to remove folder $folderToRemove: $_" } Write-Output "$SecTeer has been successfully removed."

  • Detection errors and issues should be posted here

    Solved Detection Issues
    430 Topics
    2k Posts
    A

    Hi, OLLI!

    Thank you for reporting this.
    It has been fixed.

  • Detection errors and issues should be posted here

    Solved Bundling Issues
    44 Topics
    145 Posts
    G

    GeForce is now more supported.
    Users should have migrated to Nvidia App before end of 2024: https://www.nvidia.com/en-us/geforce/news/nvidia-app-beta-update-g-sync-controls-rtx-hdr-multi-monitor/ (last chapter).
    I suggest to move this subject to solved as no more needed.
    Hope this helps.

  • This category will be used to keep track of user contributed suggestions

    Implemented Feature Requests
    143 Topics
    472 Posts
    OLLI_SO

    I am using the CSV export on a daily base, it is really very useful.
    But sone things should really be improved.

    Recommended Version
    For some tools (like “MiTeC Icon Explorer") the recommended version (5.2.0) is older, than the installed version (5.3.0). In the list of applications you do not show a recommended version.
    In my CSV export I have 15 applications, where the recommended version is different, but only for 3 entries the recommended version is newer.
    Therefore, the recommended version should not be exported, when it is older or equal to the installed version.

    Export Tool Collections
    All tools from "Sysinternals" are bundled as "Sysinternals Suite".
    The whole suite including all apps is not exported.
    You should export the package headline ("Sysinternals Suite") and also all included tools.
    I do not know if it causes trouble when the package headline ("Sysinternals Suite") has an empty column "File".

    Identical naming for Apps in Tool Collections
    All tools from Sysinternals begin with the text "Sysinternals" (like "Sysinternals DebugView" or "Sysinternals Process Explorer") what is great, when you sort the exported CSV.
    Also all tools from MiTeC begin with the text "MiTeC".
    But only some tools from NirSoft begin with the text "NirSoft" and none of the tools from Nenad Hrg begin with "Nenad Hrg".

    Export status "Patch" and "Update"
    In the UAT instance you show the status "Patch" and "Update".
    This status is not yet exported, but it is really very helpful!

    Please consider these suggestions for the CSV export.

  • This category will be used to keep track of bugs reported by users

    Solved Bugs and Issues
    47 Topics
    278 Posts
    G

    This issue is fixed for quite a long time.

  • Feel free to discuss what was good or bad in Secunia PSI and what you expect from VulnDetect

    18 Topics
    70 Posts
    T

    During testing of the Google Chrome 131.0.6778.109 MSI package, we found that it was broken, resulting in Exit Code 1603 after attempting to spawn a UAC prompt as the SYSTEM user.

    This issue occurs both when upgrading via VulnDetect and Intune. In some cases, it even breaks the existing installation during rollback of the failed update.

    As a result, we pulled the update before releasing it to customers.

    Once Google has fixed the Enterprise "ready" MSI installer, we will update the package and make it available after thorough testing.

    Please "upvote" the following post by Mikhail Gurin if you are affected by this and have a Google account. Hopefully, this will help make Google prioritize the fix: https://support.google.com/chrome/thread/311347547

    For reference, we use the following installers:

    https://dl.google.com/tag/s/dl/chrome/install/googlechromestandaloneenterprise.msi https://dl.google.com/tag/s/dl/chrome/install/googlechromestandaloneenterprise64.msi

    We also tested the EXE-based installers for offline deployment but found that these are incompatible with MSI-based installations.

    It should be noted that the MSI works if launched interactively as a regular user who can approve the UAC prompt.