What to do when Secunia PSI goes crazy?

Topic

New Reply

For several weeks now, booting the PC brings a pop-up saying ‘You have a program that requires a manual update’

Details as follows:
Microsoft Removal Tool:Blaster/Nachi v. 1.5.1.2600.5512 Product Discontinued. End of Life. Click to update.

Updating a discontinued product seems pointless, but I have tried it a few times and get Malicious Software Removal Tool (KB890830). Once I even ran the 2 – 3 hour scan, which raises the question of whether one is supposed to do that every month – I’ve always assumed this tool was like all the other Patch Tuesday updates, to be installed and left to get on with it.

Finding the continual pop-ups and the red Secunia icon irritating, I eventually deleted the exe. file manually from Windows/System 32 and run Secunia every week as usual, but it still insists the non-existent file needs to be removed.

Do I just ignore the pop-ups until such time as Secunia sort themselves out, or do I need also to remove something from the registry?
Windows XP SP3
TIA

Reply | Quote

Replies

Don’t let Secunia run at startup. Then the pop up will not be there. Run Secunia manually when you wish to.

Reply | Quote

You can just configure Secunia to ignore that program and you won’t get any further notifications about it.

Reply | Quote

… or delete the file AND its backup copy:

A similar question about the obsolete tool was asked in the XP forum here 10 days ago. Windows File Protection in XP SP3 replaces some files when deleted. But as the last post in this thread points out, you can probably find and delete the backup copy which will overcome the replacement: EOL Microsoft Windows Blaster Worm Removal Tool Uninstall

Bruce

Reply | Quote

Thanks for all three suggestions.

@ ruirib
Seemed like the easiest solution, but PSI 3 doesn’t offer this choice in ‘settings’

@ Bruce
I spent quite a lot of time on this, without success. The only reference to Microsoft in ServicePackFiles/i386 was for a TrueType font, and the closest I could find in the 2500+ files in System 32 was dllhost.exe which I thought was best left alone.

I notice that the instructions said to delete the backup before the actual file, so that may be the reason for not finding it.

@ Ted
I am undecided at the moment between your proposal and putting up with the popup. My concern is that removing Secunia at startup may mean missing updates as they become available, leading to the need for a lengthy scan every few days. I’ll probably give it a try.

Reply | Quote

Seemed like the easiest solution, but PSI 3 doesn’t offer this choice in ‘settings’

Right click on the program, then “Ignore updates to this program”.

Bruce

Reply | Quote

Right click on the program, then “Ignore updates to this program”.

Bruce

That’s brilliant!. Thanks a lot.

George

Reply | Quote

@ ruirib
Seemed like the easiest solution, but PSI 3 doesn’t offer this choice in ‘settings’

Have you tried right clicking the problematic app?

Reply | Quote

Thanks for all three suggestions.

@ ruirib
Seemed like the easiest solution, but PSI 3 doesn’t offer this choice in ‘settings’

Right click on the entry for the program and you’ll see the ignore choice, as well as a way to get details such as where the program actually is.

Reply | Quote

I used a few older programs as well. When PSI alerts you that a program is no longer supported, and keeps bugging you with that popup, the fix is easy. You right-click on the program which PSI says needs to be updated manually. PSI will then show you an option, something like, “Do not track this program in the future.” Next time you run a scan, PSI will ignore that program.

Reply | Quote

I learned this trick when my Secunia v.2 popped up with the blaster alert: go into safe mode then run search for blastcln in all system folders and subfolders. I got 3 instances of its location, deleted them all and bingo!

Reply | Quote

George, I do not miss Secunia at all. I got rid of it when V3 was released. These type apps are personal preference. I do use FileHippo.com on a manual basis. I prefer never letting anything run automatically like that, but that is my personal preference. I do everything manually from WU and all else. I am security conscious enough that I manually check things regularly. I do not like anything not necessary running at startup or in the background.

Reply | Quote

George, I do not miss Secunia at all. I got rid of it when V3 was released. These type apps are personal preference. I do use FileHippo.com on a manual basis. I prefer never letting anything run automatically like that, but that is my personal preference. I do everything manually from WU and all else. I am security conscious enough that I manually check things regularly. I do not like anything not necessary running at startup or in the background.

That’s given me something to consider. Would probably speed up start-up. Must look into FileHippo, as with three PCs to maintain I don’t want to be everlastingly checking if everything is up to date.

Thanks a lot

George

Reply | Quote

FileHippo.comwill not catch everything, and does different things than Secunia, but it has done what I want it to do. The link for the update checker is in the upper right of the web page. FileHippo also likes to load itself in the Startup folder so I use What’s In Startupto delete it from startup.

Reply | Quote

Hi,
I got the same msg from Secunia. This is an old Microsoft tool that’s either been installed with a monthly update or with Windows itself (I’ve found a copy on my SP2 installation CD) and has since been replaced by the “Microsoft Windows Malicious Software Removal Tool”. There is a KB article about it, which also contains instructions for uninstalling it.
HTH

Reply | Quote

I agree that the new Secunia PSI v3 sucks. Fortunately, v2 is still available and works perfectly 😀 (I use it). If you are careful about specifying options during installation, as well as going to the options in the program GUI after you run it and immediately setting exactly what you want, the v2 program neither runs automatically on system startup nor installs any update to the programs it scans automatically.

The v2 installer is available at the Secunia site here (better get it while the going is good!). Look for the link in the rightmost column under PSI 2.0 . If you have v3 installed, I would uninstall it first.

This is just one more of innumerable examples of why one should always carefully file the last couple of installers for every program one uses (also OS upgrades & reinstallations consequently become massively easier, no need to surf to 200 webpages to find installers 🙁 only to find that half the new versions suck :mad:!).

I love Secunia v2.0 because it only lists programs with security issues, like most people with a lot of software as well as a life I have no interest whatever in having all my programs up to the latest versions, hence having to relearn redesigned GUI’s and features umpty times, and copping usually at least one annoying new bug with every release. I’m used to the bugs my old programs have, if I get hungry for more features for a program that’s when I check out the manufacturer’s page, if I haven’t updated it recently via Secunia.

Asus N53SM & N53SN 64-bit laptops (Win7 Pro & Win10 Pro 64-bit multiboots), venerable HP Pavilion t760 32-bit desktop (XP & Win7 Pro multiboot), Oracle VirtualBox VM's: XP & Win7 32-bit, XP Mode, aged Samsung Galaxy S4, Samsung Galaxy Tab A 2019s (8" & 10.1"), Blu-ray burners, digital cameras, ext. HDDs (latest 5TB!), AnyDVD, Easeus ToDo Backup Home, Waterfox, more. Me: Aussie card-carrying Windows geek.

Reply | Quote

I agree with Bigbadsteve – Fortunately, v2 is still available and works perfectly.

Much as I like PSI, I prefer the manual control allowed in 2.0, so uninstalled 3 and went back to 2. Other reason is that I travel, and often do not have a fast internet connection. Maybe Secunia can provide an option to use a similar interface in 3.1.

Reply | Quote

I agree that the new Secunia PSI v3 sucks. Fortunately, v2 is still available and works perfectly 😀 (I use it). If you are careful about specifying options during installation, as well as going to the options in the program GUI after you run it and immediately setting exactly what you want, the v2 program neither runs automatically on system startup nor installs any update to the programs it scans automatically.

The v2 installer is available at the Secunia site here (better get it while the going is good!). Look for the link in the rightmost column under PSI 2.0 . If you have v3 installed, I would uninstall it first.

This is just one more of innumerable examples of why one should always carefully file the last couple of installers for every program one uses (also OS upgrades & reinstallations consequently become massively easier, no need to surf to 200 webpages to find installers 🙁 only to find that half the new versions suck :mad:!).

I love Secunia v2.0 because it only lists programs with security issues, like most people with a lot of software as well as a life I have no interest whatever in having all my programs up to the latest versions, hence having to relearn redesigned GUI’s and features umpty times, and copping usually at least one annoying new bug with every release. I’m used to the bugs my old programs have, if I get hungry for more features for a program that’s when I check out the manufacturer’s page, if I haven’t updated it recently via Secunia.

I just installed 3.0 and then saw your post. I couldn’t find the link to v2.0.

I went into the settings for 3.0 and set it to “don’t run on startup” and “don’t automatically update the software”. Would I still be better off to uninstall 3.0 and load 2.0?

Reply | Quote

I couldn’t find the link to v2.0.

Instructions for finding v.2 are in what you just quoted. But there’s nothing wrong with v.3.

Bruce

Reply | Quote

oh, forgot the link to the KB article: http://support.microsoft.com/kb/833330/EN-US

Reply | Quote

Get rid of it. It caused me grief, so I uninstalled it.

Reply | Quote

The problem is a program called blastcln.exe, which apparently is no longer supported. If you just delete it from WindowsSystem32, it wwill be restored from backup, which is why it keeps coming back. Do a comprehensive search, looking for ALL occurrences of this file, and delete them all.

Reply | Quote