Frequently Asked Questions (PSI)

Secunia Personal Software Inspector (PSI) 3.0

Answers to all frequently Asked Questions for the Secunia PSI security software. From Scanning and updating advice to security information and technical support.

Permalink

To function correctly the Secunia PSI needs to be able to connect to Secunia's servers. If you experience any issues where the Secunia PSI cannot complete scanning or where the interface will not load and show you the detected programs, then please do the following.

1. Open the control panel.
2. Open Internet Options > Security tab. In Windows7/Vista you may need to click Network and Internet to access the Internet Options.
3. Select the Internet zone and click Custom Level.
4. In Security Settings, go to the Scripting > Active Scripting option.
5. Make sure that Active Scripting is enabled (rather than Disabled or Prompted).
6. Click OK then Yes.
7. Back in the Security tab, select the Trusted Sites zone and click Sites.
8. Type in the following and click Add to add it to the Trusted Sites list: https://*.secunia.com.
9. Click Close then OK.
10. Run the Secunia PSI again to view the scan results.

Please note that some Internet Security Suites (Kaspersky Internet Security is currently an example) have their own settings for trusted sites. In case you are using such a program, you need to allow “https://*.secunia.com” as a trusted site in this program as well as in Internet Explorer. If you experience any difficulty doing this, please contact the vendor of the program.

If you are still having problems with the Secunia PSI, the services on which the Secunia PSI depends may have been disabled. To verify that they are running, type “Administrative tools” in the start menu search bar or open Administrative tools from the Control Panel.

Now click the Services tool, and verify that both the “Secunia Update Agent” and “Secunia PSI Agent” are listed and have their “Startup type” set to “Automatic”.

Windows XP users can also try the following: Navigate to the folder where you installed the PSI (usually C:\Program Files\Secunia\PSI). Right-click the file “psi” and choose “Properties”. Go to the Compatibility tab and place a check at “Turn off advanced text services for this program”. Click OK.

Permalink

The Secunia PSI interface will show you all detected insecure programs on your machine. Many commonly used programs can be automatically updated, and the only necessary action when it comes to them will be to select which language should be installed. For auto-updatable programs without localisation options, no actions are required.

For programs that cannot be auto-updated, use the "Click to update" button (or "Install Solution" in PSI 2.x or the blue download arrow in PSI 1.x). With most popular programs, this will silently install a Secunia SPS package. For more information on SPS, please see this section of our FAQ. For programs that do not yet have an SPS installer, you can proceed with the installation as usual.

If you do not wish any automatic updates to be performed, you can simply disable it during the install of the Secunia PSI. It can also be enabled and disabled in the settings of the Secunia PSI.

Permalink

When you send us a software suggestion, it is critical to select a file that matches the programs actual version number. Typically, the real program number can be found in the programs "About" tab.

To suggest a new program in the Secunia PSI 3.x you can click the "Add program" button in the upper right corner. You can then select an appropriate file to suggest.

To suggest new software from the Secunia PSI 2.x, go to the Scan Results page and click the "Are you missing a program?" button. Then select the file to be used for the software suggestion.

In order to do this from the Secunia PSI 1.x, click "Program missing? Suggest it here!" at the bottom of the Insecure, End-of-Life or Patched tab in Advanced interface mode, then select a file.

Secunia usually process software suggestions within 24 hours on weekdays, although exceptions may apply. If you provide an email address when suggesting software from the 2.x and 3.x branch, we can inform you when the software has been added, or explain why your suggestion was not processed if that is the case.

Permalink

When upgrading Windows you will frequently be required to reboot, or the updates may be installed over several turns. To ensure you are really up to date, try following this procedure:

1. Check Microsoft Update, install all critical updates
2. Reboot your system
3. Repeat step 1, and go to step 2 if anything was installed at this step (repeat as needed)
4. Run a full rescan with the Secunia PSI

Permalink

Vendors release new versions of a program for many reasons, and many newer releases don't contain security fixes. It is important to understand that the Secunia PSI is not a general update checker, but rather a security patch checker.

The implication of this is that whenever the Secunia PSI offers you an update, that update will fix a specific, known security vulnerability.

In these cases, Secunia recommend that you read the vendor release notes to determine if you prefer to install the update or not.

Permalink

This error occurs because the registry key specifying your default browser is not properly set. To solve it, try setting your preferred browser as default again.

If this has not resolved the problem, you can examine the registry key the Secunia PSI uses to determine your default browser. To see this key, open the Registry Editor by typing "regedit" in the box that appears by clicking "Run" in the start menu on Windows XP, or in the start menu search field for newer versions of Windows.

Then navigate with regedit to "HKEY_CLASSES_ROOT\HTTP\shell\open\command". This registry key configures your systems default browser, and the program specified here is what the Secunia PSI is having problems executing. Verify that the path points to your preferred browser, and that the browser indicated has not been removed and is still functional.

These are some typical registry keys from the most used browsers known to work with the Secunia PSI as an example. Please note that these examples are provided only as a courtesy, and Secunia does not officially recommend changing your registry key to any of these values.

1. Internet Explorer
   "C:\Program Files\Internet Explorer\IEXPLORE.EXE" –nohome
2. Internet Explorer 32-bit on Windows 64-bit
   "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
3. Mozilla Firefox
   "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url
4. Mozilla Firefox on Windows 64-bit
   "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
5. Opera
   "C:\Program Files\Opera\Opera.exe" "%1"
6. Opera 32-bit on 64-bit Windows
   "C:\Program Files (x86)\Opera\Opera.exe" "%1"
7. Google Chrome
   "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" -- "%1""Administrator" should be replaced with your username for this to work
8. Apple Safari
   "C:\Program Files\Safari\Safari.exe" -url "%1"
9. Apple Safari 32-bit on 64-bit Windows
   "C:\Program Files (x86)\Safari\Safari.exe" -url "%1"

Please be aware that modifying or deleting the wrong registry key can effectively break your system. If you are not comfortable working with the registry, it is recommended that you request assistance on our community forum.

Permalink

The Secunia OSI identifies a few of the most common programs, while the Secunia PSI can identify thousands. In addition, the OSI is run in a web browser and requires Java to be installed, while the Secunia PSI is downloaded and installed on your computer.

Furthermore, the Secunia PSI has a range of features not found in the OSI, such as automatically updating your programs and automatically scanning on a weekly basis.

Permalink

The Secunia CSI is a commercial product allowing you to scan other computers within a network (such as in an office environment), making it ideal for corporate users. For sales and pricing inquiries please contact sales@secunia.com or visit the Secunia CSI page.

In contrast, the Secunia PSI is a free program designed for private users that only scans the computer in which it is installed. However, both the Secunia CSI and Secunia PSI identify the same number of applications.

Permalink

Secunia’s version rules are updated whenever a vendor releases a security patch for a vulnerability in a program detected by the Secunia Scan Engine.

The version numbers shown as secure by the Secunia PSI are based on Secunia Advisories and our internal tests.

Permalink

In order to determine which programs you have installed, the scan results from the Secunia PSI are matched against the Secunia Files Signatures database.

To check which programs may be vulnerable and which aren't, the Secunia PSI uses your internet connection to send the information from your files to Secunia servers. Since the Secunia PSI depends on this, you cannot use the Secunia PSI offline.

Permalink

For all feature requests or error inquiries, please submit your suggestions or error reports to support@secunia.com (including screenshots, whenever possible).

You can also post to our community forum, found at http://secunia.com/community/forum/

Permalink

Some programs leave behind the older version when updating to a new one. Some vendors do this deliberatively by policy, and some vendors by mistake. An example of a vendor deliberatively leaving behind the old version is Google, who do not remove old versions when installing updates for Google Chrome. This is an intentional policy on Google's behalf, and is done to prevent developers using Chrome from losing any of their work.

How you wish to deal with such older versions is entirely up to you. For assistance, please contact the vendor. You can also post to our community forum: http://secunia.com/community/forum/

Permalink

To locate a detected program via the Secunia PSI, please do the following.

Secunia PSI 3.x
Right-click on the software you want to check. Select "Show details". Double-click the file location.

Secunia PSI 2.x
Go to "Scan Results" and click the “+” character next to the relevant program. Then click the yellow “Open folder” icon.

Secunia PSI 1.x
In the upper right corner click "Advanced" and "Ok" to the message box. Go to the tab where the relevant program is currently showing up. Click the “+” character next to the relevant program and then click “Open Folder”.

If you have followed the steps above you should now see the folder on your computer where the detected program is located. The Secunia PSI has also showed you the exact installation path and the name of the detected file. To examine the file you can right-click on it and choose Properties. The tabs should now show you the same information that the PSI is detecting including product name, product version etc.

Permalink

For the Secunia PSI 2.x, when making support requests on our community forum or by directly contacting Secunia Support, please provide the troubleshoot report for the program in question.
In order to generate this report, you can double-click the programs entry on the Scan Results page. A pop-up window will open, and from here you can click "Troubleshoot Report". You can then copy-paste this report using Ctrl+C and Ctrl+V. This report contains information which is helpful for troubleshooting.

For the Secunia PSI 1.x, enable the Advanced Interface mode, expand the relevant program entry by clicking the “+”, and then click "Technical details". You can then copy-paste this information and provide it as a troubleshoot report.

Be sure to inform the community or Secunia Support which version of the Secunia PSI you are currently using.

Permalink

The Secunia PSI does not officially support proxies, and Secunia do not offer support for using the Secunia PSI on platforms with proxies.

Permalink

The Secunia PSI works by examining files on your computer (primarily .exe, .dll, and .ocx files). These files contain non-specific meta information provided by the software vendor. This data is the same for all users and originates from the installed programs on your computer.

After examining all the files on your local hard drive(s), the collected data is sent to Secunia's servers, which match the data against the Secunia File Signatures engine to determine the exact applications installed on your system. This information can then be used to provide you with a detailed report of the missing security related updates for your system.

Permalink

The Secunia packaging system, from a Secunia PSI user perspective, is a new approach to silent installation and general ease of use. Secunia have been repackaging vendor installers with the intent of making updating, and in particular silent installations and automatic updating, easier to use. Secunia does not in any way alter contents of the file, nor do we add any sort of "extra" installers. Secunia will never add anything to a package that is not installed by the vendor by default, and we strive to disable toolbars and third-party programs bundled along with the installer by the vendors.

The SPS serves as a wrapper around the normal installer, forcing it to install silently.