- I'm trying to install the Secunia PSI, but I get the error that the PSI.EXE file is "not a valid Win32 application". What does that mean?
This error can occur if the PSI.EXE file has been corrupted or damaged in the download process. To remedy this, please perform the following:
- Delete all copies of PSI.EXE on your computer.
- Open Windows Explorer.
- Go to Tools>Folder Options (in Windows XP) or Organize>Folder and Search options (in Windows Vista).
- In the View tab, select "Show hidden files and folders" and select OK.
- In the Windows Explorer address, go to "C:\Documents and Settings\\Local Settings" (in Windows XP) or "C:\Users\\AppData\Local Settings" (in Windows Vista).
- Delete the Temp subfolder.
- Restart your computer.
- Try to download the PSI.EXE file again.
- I'm trying to upgrade the Secunia PSI from one version to another, but the upgrade failed. What can I do?
If the upgrade failed as a result of the previous version not being uninstalled, please refer to 3) for instructions on manually uninstalling the Secunia PSI. Once you've completed this, try installing the latest version of the PSI again.
- I'm trying to uninstall the Secunia PSI on Windows 2000, but the uninstall failed. What can I do?
Secunia is aware of this issue, and wishes to sincerely apologise to anyone who was inconvenienced. Secunia wishes to also thank everyone who reported the issue, and appreciates your willingness and patience in working with us to improve the quality of the Secunia PSI.
The problem is due to the Secunia PSI requiring the Windows service utility SC.EXE. This file is not installed by default on Windows 2000 systems. A resolution is available starting with Secunia PSI v.0.1.0.2.
Please refer to the following instructions in order to manually uninstall the Secunia PSI. You can either use the Windows Installer Cleanup Utility Tool from Microsoft, or edit your System Registry manually:
Using the Windows Installer Cleanup Utility Tool
===
- Download and install the Windows Installer Cleanup Utility tool from the Microsoft website.
- Run the Windows Installer Cleanup tool.
- Select Secunia PSI (BETA) from the list of programs and press Remove.
Manual System Registry Modification
===
NOTE: The following solution requires that you manually edit the system registry. Incorrectly modifying the system registry MAY result in unpredictable behaviour for your system. We recommend that you thoroughly and carefully read the following article before attempting to do the changes.
How to back up, edit, and restore the registry in Windows 2000
How to back up, edit, and restore the registry in Windows XP and Vista
If you feel uncomfortable doing these changes yourself, we recommend that you consult a professional.
===
- Remove the PSI Service. This will prevent the Secunia PSI from starting up in the future:
- Open Registry Editor by clicking on Start>Run and typing REGEDIT.
- In the left panel, go to the following registry key:
HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services>PSI
- Still in the left panel, right click on the PSI folder and press Delete.
- Remove the PSI from the "Add and Remove Programs" list:
- Still in the left panel of the Registry Editor, go to the following registry key:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>
CurrentVersion>Uninstall>
- Go to Edit>Find and enter the search string "Secunia". Select the "Look at" options Keys, Values, and Data, and press Enter.
- The first found registry data should be the following in the right panel:
DisplayName = "Secunia PSI(BETA)"
- If the above entry exists, in the left panel, locate the subfolder under which the above entry is stored. This should be a subfolder of the registry key:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>
CurrentVersion>Uninstall>
- Right-click on the registry key and select Delete.
- Close the Registry Editor.
- Manually remove the PSI files:
- Locate and delete the entire Secunia PSI installation folder. By default, this is:
C:\Program Files\Secunia
(note that the location of the folder may vary from system to system, depending on the settings you chose when you installed the PSI)
- Locate and delete the following file:
C:\WINNT\system32\drivers\psi_mf.sys
- Restart your system to ensure that the Secunia PSI service does not start.
- I'm trying to install/uninstall the Secunia PSI, but I get the error "Error 2753. File PSI.EXE is not marked for installation". What does that mean?
If you encounter this error, this may be due to the fact that either you have recently reinstalled Windows in your computer, or you have previously installed and uninstalled the Secunia PSI in your computer.
To continue with your new installation of the Secunia PSI, you first have to remove all current traces of the Secunia PSI in your computer. Refer to 3) for instructions on manually uninstalling the Secunia PSI. Once you've completed this, try installing the latest version of the PSI again.
- I'm trying to install/unistall the Secunia PSI, but I get Error 1721. What does that mean?
This is a known issue that seems to be confined to Windows Vista Ultimate systems for Secunia PSI versions prior to v0.1.0.2. This issue has been resolved starting with v0.1.0.2 of the Secunia PSI. For more information you can also refer to this Microsoft Support article.
- I'm trying to install/uninstall the Secunia PSI, but I get the error "Error 1722. There is a problem with this Windows Installer package". What does that mean?
This is a known problem in Windows XP. Please refer to this Microsoft Support article for instructions on how you can remedy this problem.
Alternatively, you can also use the Microsoft Installer Cleanup Utility tool as discussed in 3) for instructions on manually uninstalling the Secunia PSI. Once you've completed this, try installing the latest version of the PSI again.
- Do I need to register to be able to use the Secunia PSI?
You do not need to register to be able to use the Secunia PSI. However, registering allows you to be able to see your Historic Development progress, as well as be informed when new scan rules are available for the Secunia PSI.
- What happens when I cancel my registration?
All the information removes you from the Secunia mailing lists, so you are not automatically informed when there are new scan rules and versions of the Secunia PSI. It also means that all data collected and sent to Secunia about the installed programs in your computer is immediately deleted. However, you will still be able to use the Secunia PSI.
- I have more than one home computer. How do I register each one?
You can register more than one computer by using different user names with the same email address.
- I've tried to register but nothing happens. What can I do?
Make sure that you can access https://psi.secunia.com, and that no firewall or security solution is blocking your access to it.
- How do I configure the Secunia PSI not to scan certain folders?
As of Secunia PSI v.0.1.0.1, there has been an "Ignore Directories & Paths" feature that allows you to tell the Secunia PSI not to include certain folders in the scan. This is especially useful for installation folders or archives that may contain older, insecure versions of your software.
As of Secunia PSI v0.9.0.0 (RC-1), there has been an "Ignore Application" option available in the Toolbox section of every detected application. This allows you to create ignore rules for specific applications only. The previous functionality of creating ignore rules for an entire drive or folder still exists under "Settings>Ignore Rules".
However, please consider that configuring the Secunia PSI not to scan certain folders may have implications for the security in your system. Malware and exploit code may still affect your system if the applications in the excluded folder are insecure. It is therefore recommended that you use the "Ignore Directories" function responsibly.
- Why am I'm experiencing 100% CPU utilisation when it comes to the "Checking for Windows Updates" part of the inspection?
To inspect for missing Windows updates, the Secunia PSI runs the Automatic Update service, which causes an instance of the svchost.exe file to execute. Under some circumstances, such as if you have a certain Windows hotfix installed, this can lead the svchost.exe file to stop responding.
This is a known Windows issue that has a resolution. You can read more about it in this Microsoft Support article.
- Why do I get an error that says, "FindFirstFile failed in..." when I view the error log?
By default, Windows has a 256-character limitation to the number of characters that compose the path to a file. This means that if the complete path to your file, including folders and subfolders, is something like "C:\{250+ characters or so}\file.exe", then the Secunia PSI cannot scan the file. To ensure that all installed software in your system is identified, you can temporarily copy the file(s) into a folder with a shorter path (such as "C:\Program Files\{Software name}").
In addition, you may also receive this error if you have directory or file names that contain non-English or European characters. This is a known limitation. Please note that one of the Secunia PSI requirements is that your operating system be in "US or European languages".
- Why do I get an error in the Secunia PSI Status that says, "PSI File System monitoring unavailable"?
This error can occur if the Secunia PSI encountered an error in the install or uninstall process. To resolve this error, uninstall and reinstall the Secunia PSI, or open the PSISetup.exe file and use the "Repair" functionality.
- I get the error "CRIT: E_WU_..." after using the Secunia PSI. What does this error mean?
These are errors concerning the Windows Update Agent. For any error starting with "CRIT: E_WU....", please refer to these Microsoft Support articles:
- I'm running Windows Vista as an administrator, but I can't get the Secunia PSI to run automatically. What should I do?
Windows Vista implemented more security into the operating system in the form of User Access Controls (UAC), which is enabled by default. This means that even if you are running as a system administrator, you will not be able to configure certain programs, including the Secunia PSI, to run automatically. This is a known limitation.
Because disabling the UAC is not recommended by Microsoft, a workaround available to users of the Secunia PSI in Vista is to manually run the PSI by right-clicking on the icon and choosing "Run as Administrator". An additional workaround is to create a scheduled task that executes at every system startup using the Microsoft Task Scheduler. Make sure that you enable the PSI task to run with "highest privileges".
- The Secunia PSI Status is stuck at "Please wait", and I still don't have scan results. What happened?
The Secunia PSI needs to be able to connect to Secunia servers to complete its scanning. However, if you have configured the security settings of your Internet Explorer, the Secunia PSI may be prevented from getting the scan results. To receive your scan results, you need to do some changes to your Internet options.
To do this:
- Open Internet Explorer.
- Go to Tools>Internet Options>Security tab.
- Select the Internet zone and click on the Custom Level button.
- In Security Settings, go to the Scripting>Active Scripting option.
- Make sure that Active Scripting is Enabled (rather than Disabled or Prompted).
- Press OK then Yes.
- Back in the Security tab, select the Trusted sites zone and click on the Sites button.
- Type in the following and press the Add button to add them to the Trusted Sites list:
http://*.secunia.com
https://*.secunia.com
- Press Close, then OK.
- Run the Secunia PSI again to view the scan results.
To read more on how to do this for other browsers, you can read more about it in this Microsoft Support article.
- For the items marked as "INSECURE", how do I upgrade to the new, secure versions?
Please contact the vendor, or visit the vendor website, for information on how to install, upgrade, or alter third-party software.
The purpose of the Secunia PSI is to identify insecure software versions, and recommend secure versions for upgrade or installation purposes. However, the actual information on maintainance and remediation of the software is the responsibility of the vendor.
- For the items marked as "INSECURE", do I need to uninstall the old version before updating?
Upgrading rules are very much based on vendor specifications. It is recommended that you read the product documentation or contact vendor support to determine the best course of action.
- How do I uninstall items that are not in the "Add or Remove Programs" section?
For programs that are not included in the programs list in the "Add or Remove Programs" section, you should contact the vendor, or refer to the software documentation, for instructions on how to remove the item. In addition, please note that some applications detected by the Secunia PSI may be components of, or bundled with, other applications. In this case, you should refer to support and documentation of the main application.
- Why do I have so many versions of Flash/Java/Program X?
Flash, Java, and other web-based applications may be downloaded onto your system as plug-ins whenever you visit a website that requires it. For example, to play online games your browser may require a certain version of the Flash Player. If the website that you are trying to access sees that you are not running Flash Player, or running an older version, it installs the current version in your computer but does not remove older versions. Hence, older versions can accumulate in your computer, leading to the Secunia PSI detecting multiple installations of these applications.
If you have multiple versions of Adobe Flash Player in your system, the Adobe Knowledge Base has provided this article to help you remove old/insecure versions of Flash.
- Windows Update says my Windows files are up to date, but the Secunia PSI is still reporting my software as insecure. What should I do?
Please check the "Installation path on your computer" value of the detected insecure application. If the installation path begins with "C:\Windows\...", please send all relevant details (including screenshots, whenever possible) to support@secunia.com.
However, please note that some Windows systems may have an "installation backup" folder located in your computer, which can be used to reinstall your copy of Windows programs in the absence of an installation disc. For example, a common "installation backup" folder is "C:\i386".
The Secunia PSI may detect certain Windows programs in these "installation backup" folders as insecure. This may be because Windows Update installs patches only in the default installation folder of Windows, and not in "installation backup" folders. As a result, while your usable Windows files are patched, your backup Windows files may not be.
Another possible explanation is that Microsoft develops files that can be used by third-party vendors (such as .DLL or Framework files). If a vulnerability is patched by Microsoft in the original file, third-party vendors should follow suit by providing updates for their products. However, this is sometimes not the case, and as a result, Microsoft-developed vulnerable files in third-party applications may be detected by the Secunia PSI as insecure if the non-Microsoft vendor fails to supply an update.
You can check if the detected vulnerable file is in a third-party application by checking the "Installation path on your computer". If the value is not "C:\Windows\..." or "C:\WINNT\...", then the vulnerable file is likely used by a third-party application, and should be addressed by the appropriate vendor.
- I've already updated my software version, but the Secunia PSI is still reporting my software as insecure. What should I do?
There is a slight delay between the time you update your software and the time that your Secunia PSI installation checks the Secunia database for updated scanning rules. If you would like to update the scanning results immediately after updating your system, scan your entire computer rather than just a particular software.
If you verify that you are running the recommended latest secure version, but the Secunia PSI still marks it as "Insecure", please see the Answer for 25) below.
- My software has an Automatic Update feature but the Secunia PSI is reporting the version as "Insecure". What should I do?
In this case, Secunia recommends that you update your software manually even if your program has an Auto Updating feature. If you verify that you are running the recommended latest secure version, but the Secunia PSI still marks it as "Insecure", please see the Answer for 25) below.
- I've done all you recommended in 23) and 24), but the Secunia PSI is still reporting my software as insecure. What should I do now?
First, verify that you are referring to the same product in the same location detected by the Secunia PSI. To do this, look for the "Installation path" value for the application detected by the Secunia PSI as insecure.
For PSI BETA, this value is available when you click on the application name from the Overview section. For PSI RC-1, this value is available in the Technical Details toolbox when you click on the application name, or by clicking on the Folder icon in the application list.
Please verify that the application detected as insecure is in the proper location (for example, the Program Files folder) and not in a backup location (for example, in an archived folder). As the Secunia PSI detects all application regardless of whether or not they are currently being used, it may detect applications that are not currently used and thus are not updated.
Second, verify with the vendor if the product version that you have is indeed the latest. If the vendor agrees that you have the latest version, please send all relevant details (including screenshots, whenever possible) to support@secunia.com.
Please take note that due to the large volume of emails, you will likely not receive a response. However, all reported issues are tracked, and detection rules are updated accordingly to resolve all false positives.
- What can happen if I choose not to upgrade or update my insecure or end-of-life software?
The Secunia PSI recommends that you upgrade or update your insecure or end-of-life software to ensure that your system is protected against vulnerabilities located in these software. However, it is of course your prerogative not to upgrade or update as you see fit. In this case, it is important that you understand possible consequences of not performing the update. These include the possibility that your system may experience various malicious attacks (phishing and hacking attacks, automatic installation of malware and spyware in your system) and, in the case of end-of-life software, the discontinued support of the vendor.
- The PSI detects my software as secure, but I know that there is a more recent version of the software. Does this mean that I am really secure?
Software can be detected by the Secunia PSI as secure, even if the vendor has released a more recent version. This is because vendors release software updates not just to patch vulnerabilities, but also to fix software bugs or introduce software enhancements. These fixes and enhancements may be non-security related (for example, adding new functionality or features). Therefore, prior versions of software can be secure even if they are not the most recent ones, as long as no known vulnerabilities are reported in them.
In these cases, Secunia recommends that you read the vendor release notes to determine if you prefer to intall the update or not.
- I recently updated my vulnerable software to a BETA version, and now the Secunia PSI doesn't detect it anymore. What happened?
The Secunia PSI does not monitor and detect BETA versions of software. However, the next stable release after the BETA version will, of course, be detected by the Secunia PSI.
- I keep getting the error message "Unable to locate an appropriate web browser for the requested URL" when I want to update software. What does that mean?
This may be an indication that your system does not have a default browser. To address this error, you have to set your preferred browser as the default application to use when opening certain links.
- To choose Internet Explorer as your default browser, refer to this Microsoft Support article and follow the instructions under the heading "Set Internet Explorer as the default browser".
- To choose Firefox as your default browser, refer to this Mozilla Support article and follow the instructions.
- To choose Opera as your default browser, refer to this Opera Support article and follow the instructions.
- To choose Netscape Navigator as your default browser, refer to this documentation and follow the instructions.
To set other browsers as the default, refer to that browser's documentation.
- My default browser is not IE, but the links in the Secunia PSI keep opening in IE. Why is that?
Some links are set by the Secunia PSI to open in IE. This is because some Windows Update downloads and websites fail to resolve properly when opened by a browser other than IE.
- I can't update Flash no matter how many times I download the solution. What should I do?
In certain instances, the Adobe Flash Player does not successfully update itself when there are open browser windows. To successfully apply the update, please try restarting your system for all file changes to take place.
- What's the difference between the Secunia PSI and the Secunia Software Inspector (the online version)?
The Secunia Software Inspector identifies a few dozen of the most common applications, while the Secunia PSI can identify thousands. In addition, the Software Inspector is run using the web browser, while the Secunia PSI is downloaded and installed.
- What's the difference between the Secunia PSI and the Secunia CSI (for enterprise networks)?
The Secunia CSI is a commercial product designed to allow you to scan other computers within a network (such as in an office environment), making it ideal for corporate users. For sales and pricing inquiries please contact sales@secunia.com or visit this page.
In contrast, the Secunia PSI is a free program designed for private users, and only scans the computer in which it is installed. However, both the CSI and PSI identify the same number of applications.
- The Secunia PSI and the Secunia Software Inspector give different or conflicting results. What does that mean?
If you think you have different or conflicting results after trying out both scans, we suggest that you take notice of the application name, version number, and installation path. Even though an application only has one name, different versions of it may be installed in your system; some of these versions may be secure while others are not.
Since the Secunia PSI identifies thousands of applications, while the Secunia Software Inspector identifies a few dozen, it is recommended that you refer to the Secunia PSI for the most thorough results.
- How often do you update detection rules?
Secunia Research develops new detection rules every time a vendor releases a security patch for any vulnerability in a product detected by the Secunia PSI. For example, new detection rules are created after every Microsoft Tuesday patch cycle, as this allows the Secunia PSI to check if your Windows systems patches are up to date or not.
- Should I scan my computer every time I receive a reminder about new detection rules?
It is recommended that you perform a manual scan on your computer every time you receive a reminder that new detection rules are available for the Secunia PSI. Since new detection rules are created every time a vendor patches a known vulnerability in any of the products monitored by the Secunia PSI, scanning your computer ensures that you are made aware of these new security releases and patches if any of your software is affected.
- Where can I get more information on the security patches that the Secunia PSI tells me I need?
More information on the detected software is available in the Online References section of the Toolbox available for each of your detected programs. For insecure programs, this includes the Secunia Advisory, which contains details on the vulnerability affecting your software, as well as patch information and links.
- Can I use the Secunia PSI even when I'm not connected to the Internet?
The Secunia PSI is able to identify what software you have installed by getting File Signatures from the Secunia Database. To check which software are vulnerable and which ones aren't, it uploads the information from your computer to the Secunia server. Because of these dependencies, you cannot use the Secunia offline, as it requires an Internet connection to both identify the software and give you the results.
- How can I suggest a feature or report an error in the Secunia PSI?
For all feature requests or error inquiries, please submit all suggestions to support@secunia.com, or click on the "Tell us what you think" task (in PSI BETA) or "Feedback" tab (in PSI RC-1) to submit your suggestion via online form. In addition, for error inquiries, please send all relevant details (including screenshots, whenever possible) to support@secunia.com.
Please take note that due to the large volume of emails, you will likely not receive a response. However, all suggested features are tracked, and those that are accepted will be reflected on subsequent versions of the Secunia PSI.
- I have some software that the PSI doesn't detect. What can I do to add them?
For all software suggestions, please click on the "Missing software?" task (in PSI BETA) or in the "Feedback>Then please do it here" tab (in PSI RC-1) to submit your suggestion via online form.
Please take note that due to the large volume of emails, you will likely not receive a response. However, all suggested software are tracked, and those that are accepted will be reflected on subsequent versions of the Secunia PSI.
