Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: blastercln.exe update
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: Microsoft |
And, this specific program: Microsoft Removal Tool: Blaster/Nachi |
| joe schmoe | blastercln.exe update |
|---|---|
 |
14th Oct, 2012 02:12 |
|
Ranking: 37 Posts: 99 User Since: 26th Nov, 2008 System Score: 100% Location: US Last edited on 14th Oct, 2012 02:14 |
Thread I found alluding to the 99% PSI score due to due diligence by Secunia here: http://secunia.com/community/forum/thread/show/133... Re end-of-life status: Ignore rule for blastcln.exe bothered me somewhat because in a few rare cases, not many., a vulnerability could be discovered and used to run the archaic and now unsupported code of an end-of-life file in an unforeseeable way. I believe that is why Secunia has always made the effort to notify users and subscribers that end-of-life software is present on their system. It has always been a part of their mission. So, to me at least, setting ignore would allow blastcln.exe to remain on the system and would then only bring the PSI score up to 100%; but not address the real problem, that any end-of-life software, executable, dll file, etc., could be exploited and used without user consent or knowledge. So, with ignore set, I could find myself in a situation where an end-of-life item is now a known vulnerability. which to me, is worse than being irked by a lower safety score and rating by PSI. To top that off, PSI could not notify me of the known vulnerability because it was set to ignore the file, in the first place. Tho the chance that end-of-life software can be exploited is very low, the possibility still exists and the consequences could be very high. So, with that out of the way, using the link posted above, two iterations stood out for me. 1.) The warning box spoken of in the url link topic above re system damage did not mention that sfc also wanted to run immediately after blastcln.exe was removed from the system32 folder (after the backup copy in dllcache folder was removed first). That necessarily means that, should one of us ever run sfc/scannow command at a later time and date, blastcln.exe will be replaced by this process automatically when using the XP CD called for. All the discussion and work to clear/reset PSI will be then for naught, as blastcln.exe is apparently a protected system file. 2.) There was another location for blastcln.exe. Windows Search found it at: C:\WINDOWS\$NtServicePackUninstall$. I deleted that as well. No mention of this anywhere in any thread. File is not needed, is obsolete, so why not? Do not run sfc /scannow command unless you have to. If you do, this issue will come back again because it is a protected system file. -- XP Pro SP3 P4 3.2 HT 2 GB RAM Avast! 8.0.1483 AIS Win 7 Home Pro SP1 Pentium D 2.8 2 GB RAM Avast 8.0.1489 AIS Secunia PSI 2.0.0.3003 & Secunia PSI 3.0 |
| SteveSecunia14 | RE: blastercln.exe update | ||||||||
|
|
14th Oct, 2012 02:23 | ||||||||
| Score: 3 Posts: 29 User Since: 10th Oct 2012 System Score: 93% Location: US |
Cause: Microsoft has stop supporting that version of the tool. I was having the same problem on my xp sp3 home addition pc. Until I did this Fix: Reboot your pc into safemode. log on to your account. Do a search for the File: blastcln Set up the search results as follows. Click on All files and folders. where it says: (All or part of the file name) type in blastcln where it says: (Look in) select My Computer where it says: (More advanced options put a check mark in: Search system folders Search hidden files and folders Search subfolders Click on search. After the search has finished. Delete all files found. Then empty the recycle bin. Reboot You should have no more problems with MSRT Blaster/Nachi and Secunia |
||||||||
|
|||||||||
| GRBUWU | RE: blastercln.exe update | ||||||||
|
|
19th Oct, 2012 20:54 | ||||||||
| Score: 1 Posts: 1 User Since: 14th Jun 2008 System Score: N/A Location: N/A |
Hi: Steve Secunia; Followed your instructions for search in safe mode and file does not exist on my PC. Could this be a false report? I'm thinking yes. Thanks for a detailed solution! LJ(GRBUWU) |
||||||||
|
|||||||||
| SteveSecunia14 | RE: blastercln.exe update | ||||||||
|
|
20th Oct, 2012 07:29 | ||||||||
| Score: 3 Posts: 29 User Since: 10th Oct 2012 System Score: 93% Location: US |
Hi LJ, Could this be a false report? No. Removing blastcln or any other variant of this file from safe mode is completely wiped off your system. Regards, Steve |
||||||||
|
|||||||||
