Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FRST NOT SAFE


  • Please log in to reply
5 replies to this topic

#1 Pete777

Pete777

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 11 August 2015 - 11:47 AM

I attempted to download FRST 64-bit to run on my computer and my Norton 360 program said it was not a safe file and removed it. Is there a problem here? Does the EXE file itself contain a virus? Please advise.


Edited by xXToffeeXx, 11 August 2015 - 12:09 PM.
Moved from MRL~


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:47 PM

Posted 11 August 2015 - 12:43 PM

Hi there,

It is a false positive - the tools created and available for download here at BC are safe.

#3 Pete777

Pete777
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 11 August 2015 - 12:47 PM

Good to know. However N360 deletes the file before I have a chance to execute it. Can you give me a workaround?

 

Edit:

I just tried to use RUN rather than SAVE and it got blocked by Windows Smartscreen and N360. Is there a way for you to make this program appear to be safe to all programs that see it as invasive? Not really sure to trust it frankly.


Edited by Pete777, 11 August 2015 - 12:53 PM.


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:47 PM

Posted 11 August 2015 - 12:49 PM

You can turn off Norton 360 before downloading FRST.

#5 Pete777

Pete777
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:47 AM

Posted 11 August 2015 - 01:10 PM

OK, Here's my dilemma: I was referred to this board by the Symantec community blog. So I figure you guys are trustworthy. And I really think you can help with this issue. However, I am VERY dubious about this FRST program triggering my Norton 360 protection. How do I really know it's safe? Just because you tell me it is? Sorry, but with all due respect, I don't know any of you. For all I know, I bypass Norton, launch the program, then I'm off to my local repair shop with my now crippled-beyond-repair laptop to pay them $300.00 to fix it.

 

Can you create a SAFE application that will do what this one is supposed to do? We end users need to feel comfortable about what we're downloading from a site that is purportedly there to help us.  

 

Submitted with respect.


Edited by Pete777, 11 August 2015 - 01:59 PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,471 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:47 AM

Posted 11 August 2015 - 02:56 PM

Bleeping Computer's hosted programs for download are trustworthy, safe and malware-free. However depending on the product some anti-virus software and other security scanners may flag certain programs as a threat for a variety of reasons when that is not the case.

Let me explain why....certain embedded files that are part of legitimate programs and specialized fix tools (like FRST), may at times be detected by some anti-virus and anti-malware scanners as suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed or packed, what behavior (routines, scripts, etc) it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.

When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine which provides the ability to detect possible new variants of malware. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. In these cases the detection is a "false positive" and can be ignored.

Most of the well known specialized tools we use against malware are written by experts/Security Colleagues at various security forums like Bleeping Computer, TechSupport, GeeksToGo, SypwareInfo and other similar sites so they can be trusted...again this includes any program hosted by BC for download. FRST was created by Farbar, a Security Developer who has also created a number of other tools used by malware removal experts. Unfortunately, many of these tools are repeatedly falsely detected by various anti-virus programs from time to time for the reasons noted above.

The problem is really with the anti-virus vendors who keep targeting these embedded files and NOT with the tools themselves. We can inform the developers but they have encountered this issue many times before and in most cases there isn't much they can do about it. Once the detection is reported to the anti-virus vendor, they are usually quick to fix it by releasing an updated definition database.

Either have your anti-virus ignore the detection or temporarily disable it until you download and run the tool.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users