Closed Release Candidate 6

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in please checkout the “Tips & Tricks” page for some very handy tips!

    /Steve.
  • BootAble – FreeDOS boot testing freeware

    To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.

    GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.

    The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.

    You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.

    (You may permanently close this reminder with the 'X' in the upper right.)

Just a thought, what browser are you using? It sounds like Edge since it intercepts the download. Maybe try another browser?

After some testing I managed to bugger myself up a little.

I've never had any problems with false positives with SpinRite so I looked through the Group Policy Editor (I have some custom settings for Windows update and Defender) to see how it was set. I used Edge to get a new sr61pr.exe - no problems. Firefox - no problems.
I changed some things, tried Edge again and got "Couldn't download - virus detected." Firefox - no problems.
Changed it all back and still "virus detected" with Edge.
Now with different settings than I originally had I can download sr61pr.exe with Edge without getting the virus warning.

For me it's the "Cloud-delivered protection" setting.
With it set to On I get "virus detected"
With it set to Off I get a normal download.


shrugs, maybe it's just me.
 
describe how Win11 refuses to run SR61 and immediately, unconditionally and irretrievably deletes the binary.
I really feel for your frustration. I think Microsoft's detection of malware is over keen to declare anything a problem. Microsoft would prefer you only use their failed store I presume. Steve has gone to GREAT LENGTHS to try and make MS's scanner(s) happy with his code. He signs it and that should be enough, but it appears not for everyone. (I personally have never had ANY issue but I use Firefox. I recommend you try downloading with Firefox. It's what I use, and it has never failed a download of SpinRite for me.)
 
I'm trying to come up with a reliable set of steps that will work for everyone. Since I'm unable to create these problems for myself, even using Edge, I need someone who is having these problems try this.

Here's the broad overview of the approach:
  1. Briefly disable Real-time & Cloud-delivered protection
  2. Download SpinRite
  3. Add a permanent exception for its executable file.
  4. Re-enable Real-time & Cloud-delivered protection.
Here's a step-by-step way of doing that:
  1. From the desktop, click the "Search" magnifying glass and search for "Windows Security"
  2. Open the Windows Security App.
  3. Click on: Virus & Threat Protection
  4. Under "Virus & Threat Protection Settings" click "Manage settings"
  5. Turn Real-time protection —> OFF.
    (Again, note that Windows will automatically turn it back on in case you forget to do so.)
  6. Turn Cloud-delivered protection —> OFF.
  7. Open your browser and download your copy of SpinRite.
    You may open it if you like, but we should create a permanent exclusion for it. So...
  8. Back in the "Windows Security" app, scroll down to the bottom to "Exclusions", click "Add or remove exclusions"
  9. Click "Add an exclusion" then "File" in the drop-down menu.
  10. Browse to the location where you downloaded SpinRite and select it. Windows will now leave it alone.
  11. Use the "back arrow" at the upper left to return to "Virus & threat protection settings."
  12. Re-enable Real-time protection —> ON.
  13. Re-enable Cloud-delivered protection —> ON.
You should now be able to run your downloaded copy of SpinRite without any harassment. :)
 
For me it's the "Cloud-delivered protection" setting.
With it set to On I get "virus detected"
With it set to Off I get a normal download.


shrugs, maybe it's just me.
Tazz:

Since you ARE able to get Windows to harass you, could you turn "Cloud-delivered protection" back on, then try the 11-steps I have outlined above? It looks like a lot, but it's really just:
  1. Briefly disable Real-time protection
  2. Download SpinRite
  3. Add a permanent exception for it.
  4. Re-enable Real-time protection.
(What I'm wanting to confirm with your help is that disabling Real-time protection while Cloud-delivered protection is enabled, will allow SpinRite to be downloaded.)

Thanks!!
 
(What I'm wanting to confirm with your help is that disabling Real-time protection while Cloud-delivered protection is enabled, will allow SpinRite to be downloaded.)

Umm, sort of a snag there.
I triggered "Abuse Prevention Block", presumably from too many downloads in a row (16).
 
I swear I didn't touch anything.
It's downloading normally now no matter what I do.
Real time on or off
Cloud delivered on or off
any combination allows a normal download.

Maybe it's learning?
 
I swear I didn't touch anything.
It's downloading normally now no matter what I do.
Real time on or off
Cloud delivered on or off
any combination allows a normal download.
Okay! Thanks for trying. That's the other annoyance... I also never had any trouble on a Win11 machine. And others have reported that downloading again after an initial failure, often works.

Hopefully, @dije won't give up and he'll be able to help us to find a robust protocol! (y) Thanks!!
 
  • Like
Reactions: Tazz
I manually submitted sr61pr.exe to Microsoft Security Intelligence or Defender or whatever it is and if I'm looking at it correctly it seems that it's only the online scan that has a problem.

srpr sample.PNG
 

Attachments

  • srpr sample.PNG
    srpr sample.PNG
    15.4 KB · Views: 125
Last edited:
Submitting will bnot help much, as each copy is signed with both the GRC cert, and also encoded with a unique serial number.