Forum Thread: Do not remove blastcln.exe

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:

Relating to this vendor:
And, this specific program:
Microsoft Removal Tool: Blaster/Nachi

This thread has been marked as locked.
mijcar Do not remove blastcln.exe
Member 6th Dec, 2012 21:28
Ranking: 0
Posts: 13
User Since: 17th Jan, 2008
System Score: N/A
Location: N/A
Read the following:

You will see in two places that the absence of blastcln is an indication of possible infection by the indicated worm.

It is clear from this that the ABSENCE of blastcln.exe is a red flag indicating infection. In all likelihood, various MS malware checks will look for the presence of this program as a sign of health.

I also think Secunia should check with its sources. It is apparant that blastcln.exe is an integral part of the XP package and is not out of service, despite its age.

This user no longer exists RE: Do not remove blastcln.exe
Secunia Official 7th Dec, 2012 10:33
Last edited on 7th Dec, 2012 10:34 Thank you for sharing your observations.

As for Microsoft Removal Tool: Blaster/Nachi I would like to add that it is indeed no longer supported according to Microsoft. They state so on this page.

My comment in this thread might also be of interest.
mijcar RE: Do not remove blastcln.exe
Member 7th Dec, 2012 17:54
Score: 0
Posts: 13
User Since: 17th Jan 2008
System Score: N/A
Location: N/A
I will grant you half of what you say. If blastcln was installed separately, then it can and probably should be removed.

However, if you will go back and read the last two posts on the first thread to which you directed me, you will see the relevant "other half." If blastcln was part of the XP installation package, you will not be able to install it, at least normally, and doing so might produce a series of other problems.

Moreover, the fact that blastcln is not currently supported as an application does not necessarily mean it isn't being used as a kind of touchstone to indicate an infection. An old dead tree can still be a prominent location marker and the MS article that discusses the blaster infection (which will probably never completely disappear) uses the presence of blastcln.exe as a sign of security.

Was this reply relevant?

This thread has been marked as locked.