I'm trying to download the well-known framerate and screen recording utility Fraps from fraps.com. When I click the download link, Webroot tells me that this link contains a known threat and blocks it. Can this be correct? Is Webroot overzealously "protecting" me from everything named "setup.exe" that isn't whitelisted?
This is my second day with Webroot. I've heard good things, but am I going to have to get used to a lot of false positives?
Page 1 / 1
I use Fraps myself, let me test the download. Webroot isnt blocking all files named setup.exe, a lot of junkware uses that name so you will see lots of setup.exe`s blocked.
The fraps setup file downloaded from the offiical fraps site is good in our database. I dont have a copy of the full version as membership details are not on this PC.
http://www.fraps.com/free/setup.exe
MD5: 7CCDB06729E2731AF9D0DFBD86B437DE
Good since 2013
I would like some scan logs from your PC to see the detection. Did you make sure you got it directly from fraps and not a 3rd party website?
http://www.fraps.com/free/setup.exe
MD5: 7CCDB06729E2731AF9D0DFBD86B437DE
Good since 2013
I would like some scan logs from your PC to see the detection. Did you make sure you got it directly from fraps and not a 3rd party website?
This afternoon I can click the link without it being intercepted. I think this is because this morning I chose to download the file despite the warning from webroot. Here is a chunk of log from this morning when I was being blocked. As you can see, I attempted to download directly from fraps.com:
Wed 2014-08-06 08:05:19.0764 Blocked website: http://www.fraps.com/free/setup.exe
Wed 2014-08-06 08:05:19.0765 Closed network connection: [0100007F.55515 - 0100007F.55771]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [0100007F.55771 - 0100007F.55515]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [0100007F.56027 - 0100007F.30488]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.56539 - 19A10517.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.57563 - 702EC2AD.47873]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.58075 - 85E17D4A.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.59099 - 88E17D4A.47873]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.59355 - 772EC2AD.47873]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.59611 - 85E17D4A.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.60123 - 831C5CD8.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.62171 - 831C5CD8.20480]
Wed 2014-08-06 08:09:05.0733 Blocked website: http://fraps.com/free/setup.exe
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.43484 - 0100007F.43740]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.43740 - 0100007F.43484]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.64219 - 0100007F.64475]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.64475 - 0100007F.64219]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.6108 - 0100007F.30488]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.45788 - D3C64F17.20480]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.46812 - 9BE17D4A.20480]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.47836 - 94E17D4A.20480]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.48604 - 145C1548.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.48860 - 145C1548.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.49628 - 03A5EB36.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.50140 - 8DE17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.50652 - 7E2EC2AD.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.51164 - 9BE17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.51932 - 8DE17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.52188 - 9AC17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.54492 - 8862156B.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58076 - 6E2EC2AD.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58332 - 5FC17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58588 - 5FC17D4A.47873]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58844 - 89E17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.61148 - 82E27D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.61404 - D802D236.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.62428 - 772EC2AD.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.63708 - 4A5BE636.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.477 - 1FC54F17.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.733 - 11E7A7D1.20480]
Wed 2014-08-06 08:09:15.0242 Begin passive write scan (1 file(s))
Wed 2014-08-06 08:09:15.0489 End passive write scan (1 file(s))
Wed 2014-08-06 08:09:41.0298 Website determination changed: http://fraps.com [Level: 00000000] [Type: 00000004]
Wed 2014-08-06 08:18:30.0049 Saved updated configuration
Wed 2014-08-06 08:25:46.0273 Blocked website: http://www.fraps.com/free/setup.exe
Wed 2014-08-06 08:25:46.0273 Closed network connection: [0100007F.41438 - 0100007F.41694]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [0100007F.41694 - 0100007F.41438]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [0100007F.42206 - 0100007F.30488]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.59102 - 035BE636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.3295 - ADB5332E.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5087 - 7464F736.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5343 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5599 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5855 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.6111 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.6367 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.11999 - 831C5CD8.20480]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.12255 - 831C5CD8.20480]
Wed 2014-08-06 08:05:19.0764 Blocked website: http://www.fraps.com/free/setup.exe
Wed 2014-08-06 08:05:19.0765 Closed network connection: [0100007F.55515 - 0100007F.55771]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [0100007F.55771 - 0100007F.55515]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [0100007F.56027 - 0100007F.30488]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.56539 - 19A10517.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.57563 - 702EC2AD.47873]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.58075 - 85E17D4A.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.59099 - 88E17D4A.47873]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.59355 - 772EC2AD.47873]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.59611 - 85E17D4A.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.60123 - 831C5CD8.20480]
Wed 2014-08-06 08:05:19.0765 Closed network connection: [1C01000A.62171 - 831C5CD8.20480]
Wed 2014-08-06 08:09:05.0733 Blocked website: http://fraps.com/free/setup.exe
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.43484 - 0100007F.43740]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.43740 - 0100007F.43484]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.64219 - 0100007F.64475]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.64475 - 0100007F.64219]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [0100007F.6108 - 0100007F.30488]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.45788 - D3C64F17.20480]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.46812 - 9BE17D4A.20480]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.47836 - 94E17D4A.20480]
Wed 2014-08-06 08:09:05.0740 Closed network connection: [1C01000A.48604 - 145C1548.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.48860 - 145C1548.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.49628 - 03A5EB36.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.50140 - 8DE17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.50652 - 7E2EC2AD.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.51164 - 9BE17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.51932 - 8DE17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.52188 - 9AC17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.54492 - 8862156B.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58076 - 6E2EC2AD.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58332 - 5FC17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58588 - 5FC17D4A.47873]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.58844 - 89E17D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.61148 - 82E27D4A.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.61404 - D802D236.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.62428 - 772EC2AD.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.63708 - 4A5BE636.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.477 - 1FC54F17.20480]
Wed 2014-08-06 08:09:05.0741 Closed network connection: [1C01000A.733 - 11E7A7D1.20480]
Wed 2014-08-06 08:09:15.0242 Begin passive write scan (1 file(s))
Wed 2014-08-06 08:09:15.0489 End passive write scan (1 file(s))
Wed 2014-08-06 08:09:41.0298 Website determination changed: http://fraps.com [Level: 00000000] [Type: 00000004]
Wed 2014-08-06 08:18:30.0049 Saved updated configuration
Wed 2014-08-06 08:25:46.0273 Blocked website: http://www.fraps.com/free/setup.exe
Wed 2014-08-06 08:25:46.0273 Closed network connection: [0100007F.41438 - 0100007F.41694]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [0100007F.41694 - 0100007F.41438]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [0100007F.42206 - 0100007F.30488]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.59102 - 035BE636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.3295 - ADB5332E.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5087 - 7464F736.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5343 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5599 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.5855 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.6111 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.6367 - DE59E636.47873]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.11999 - 831C5CD8.20480]
Wed 2014-08-06 08:25:46.0273 Closed network connection: [1C01000A.12255 - 831C5CD8.20480]
Replying to my reply: I am in fact still getting blocked, but sort of retroactively now.
I click the download link on the fraps Download page and my browser (Firefox 31.0) prompts me to save the file. After I click "Save", then Webroot displays the "Malicious Content Blocked" image.
I click the download link on the fraps Download page and my browser (Firefox 31.0) prompts me to save the file. After I click "Save", then Webroot displays the "Malicious Content Blocked" image.
Welcome bobz to the Community Forum Great to have you here!! What version of WSA do you have by the way?@ wrote:
Replying to my reply: I am in fact still getting blocked, but sort of retroactively now.
I click the download link on the fraps Download page and my browser (Firefox 31.0) prompts me to save the file. After I click "Save", then Webroot displays the "Malicious Content Blocked" image.
We are very sorry you are having these issues. Maybe another expert member can advise here but you can always contact support by issuing a Support Ticket Here and they might want some scan logs from your PC to see the detection.
Please get back to us and let us know if this hasn't been resolved.
EDIT: Excuse me.. bobz... I just noticed you were working with
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.