I often use VirusTotal.com to checkout files I download.

There are two methods of entry, one is by entering the URL of an exe,
and the other is to upload the file you would have downloaded yourself.

If I enter:
https://www.freefilesync.org/downloa...dows_Setup.exe

I get 0/66 on VirusTotal

If I upload the same file I get 6/66.

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

On Sat, 24 Feb 2018 15:19:37 +0000, Fredxx wrote:

If I enter:
https://www.freefilesync.org/download/
FreeFileSync_9.8_Windows_Setup.exe

Ah! I see where you went wrong there. Should be using Linux. Or BSD.




--
This message may be freely reproduced without limit or charge only via
the Usenet protocol. Reproduction in whole or part through other
protocols, whether for profit or not, is conditional upon a charge of
GBP10.00 per reproduction. Publication in this manner via non-Usenet
protocols constitutes acceptance of this condition.

Fredxx wrote:

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

Does virustotal give an MD5/SHA1 so you can tell if the version it
previously checked is the same as the one you have?

On 24/02/2018 15:36, Andy Burns wrote:
Fredxx wrote:

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

Does virustotal give an MD5/SHA1 so you can tell if the version it
previously checked is the same as the one you have?

Only for the one you upload yourself.

The URL doesn't even say how big the file is.

I regard these failings as very big flaws.

I've never heard of it, perhaps it is itself a scam?
I notice looking in the registry huge numbers of server addresses in the
malicious software removal tool list, which seems to be ever growing. I do
wonder sometimes if anyone is policing the web at all for con artists.
Brian

--
----- -
This newsgroup posting comes to you directly from...
The Sofa of Brian Gaff...

Blind user, so no pictures please!
"Fredxx" wrote in message
news
On 24/02/2018 15:36, Andy Burns wrote:
Fredxx wrote:

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

Does virustotal give an MD5/SHA1 so you can tell if the version it
previously checked is the same as the one you have?

Only for the one you upload yourself.

The URL doesn't even say how big the file is.

I regard these failings as very big flaws.

On Sun, 25 Feb 2018 09:00:04 -0000
"Brian Gaff" wrote:

I've never heard of it, perhaps it is itself a scam?

Never heard of Virus Total? It's a legitimate (and useful) service that
has been running for quite a few years now.

On Sat, 24 Feb 2018 16:30:41 +0000
Fredxx wrote:

On 24/02/2018 15:36, Andy Burns wrote:

Does virustotal give an MD5/SHA1 so you can tell if the version it
previously checked is the same as the one you have?

Only for the one you upload yourself.

The URL doesn't even say how big the file is.

I regard these failings as very big flaws.

The obvious simple workaround is to only use Virus Total to examine
files that you've downloaded. Just pretend they don't offer to scan
URLs.

On 24/02/2018 15:19, Fredxx wrote:
I often use VirusTotal.com to checkout files I download.

There are two methods of entry, one is by entering the URL of an exe,
and the other is to upload the file you would have downloaded yourself.

If I enter:
https://www.freefilesync.org/downloa...dows_Setup.exe

I get 0/66 on VirusTotal

If I upload the same file I get 6/66.

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

I have a suspicion you might be expecting rather more from the site than
its intended to deliver....

If you upload a file, it will indeed scan the file for malicious content.

If you scan a URL however it will scan the site/page for malicious web
based content - i.e. attempting drive by downloads, serving malicious
javascript etc.

It seeems unlikely its going to follow every link on a page, then
download every binary linked, scan every one, and and then report back.

On a site listing thousands (millions) of links that would require a
ridiculous amount of bandwidth.


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/

On 24/02/2018 15:19, Fredxx wrote:
I often use VirusTotal.com to checkout files I download.

There are two methods of entry, one is by entering the URL of an exe,
and the other is to upload the file you would have downloaded yourself.

If I enter:
https://www.freefilesync.org/downloa...dows_Setup.exe

I get 0/66 on VirusTotal

If I upload the same file I get 6/66.

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.


The free version contains OpenCandy, which many antivirus flag as malware.


https://en.wikipedia.org/wiki/OpenCandy

On 24/02/2018 17:29, Lancer wrote:
On 24/02/2018 15:19, Fredxx wrote:
I often use VirusTotal.com to checkout files I download.

There are two methods of entry, one is by entering the URL of an exe,
and the other is to upload the file you would have downloaded yourself.

If I enter:

https://www.freefilesync.org/downloa...dows_Setup.exe

I get 0/66 on VirusTotal

If I upload the same file I get 6/66.

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.


The free version contains OpenCandy, which many antivirus flag as malware.


https://en.wikipedia.org/wiki/OpenCandy

I'm very aware of that, but it is sharp practice to supply to VirusTotal
a version of the installer that doesn't have OpenCandy, when the version
you download has.

It's also a shortcoming of VirusTotal not to think a disreputable player
would circumvent their tests.

On 24/02/18 15:19, Fredxx wrote:
I often use VirusTotal.com to checkout files I download.

There are two methods of entry, one is by entering the URL of an exe,
and the other is to upload the file you would have downloaded yourself.

If I enter:
Â* https://www.freefilesync.org/downloa...dows_Setup.exe

I get 0/66 on VirusTotal

If I upload the same file I get 6/66.

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.


Before putting Linux on my system, I used Dsynchronize
http://dimio.altervista.org/eng/

Standalone, no installation. Did everything I wanted without problem.
Haven't yet found anything like it for Linux

On 25/02/18 09:43, Richard wrote:
On 24/02/18 15:19, Fredxx wrote:

Before putting Linux on my system, I used Dsynchronize
http://dimio.altervista.org/eng/

Standalone, no installation. Did everything I wanted without problem.
Haven't yet found anything like it for Linux

Rsync. I enter commands in a script file, and run that with cron.

If you want things invisibly sync'd and backed up without that palaver -
use a synched folder from dropbox, google, owncloud etc....

--
Adrian C

On 25/02/18 10:31, Adrian Caspersz wrote:
On 25/02/18 09:43, Richard wrote:
On 24/02/18 15:19, Fredxx wrote:

Before putting Linux on my system, I used Dsynchronize
http://dimio.altervista.org/eng/

Standalone, no installation. Did everything I wanted without problem.
Haven't yet found anything like it for Linux

Rsync. I enter commands in a script file, and run that with cron.

If you want things invisibly sync'd and backed up without that palaver -
use a synched folder from dropbox, google, owncloud etc....


Thanks.
Installed, had a rummage. Way too many command line options for my needs.

On 25/02/18 11:38, Richard wrote:
On 25/02/18 10:31, Adrian Caspersz wrote:
On 25/02/18 09:43, Richard wrote:
On 24/02/18 15:19, Fredxx wrote:

Before putting Linux on my system, I used Dsynchronize
http://dimio.altervista.org/eng/

Standalone, no installation. Did everything I wanted without problem.
Haven't yet found anything like it for Linux

Rsync. I enter commands in a script file, and run that with cron.

If you want things invisibly sync'd and backed up without that palaver
- use a synched folder from dropbox, google, owncloud etc....


Thanks.
Installed, had a rummage. Way too many command line options for my needs.


so write a script with multiple lines like

rsync -avx --delete --one-file-system /home /backup
Backup (verbose, archive, don't imnclude other mounted volumes and
remove files from backup which have been deleted in the master the
directory tree starting at /home and place the result in the directory
/backup/home )

Really thats all you need to do. Crib. Check result. If not what you
want delve into manual or online and ajust the crib.




Power to do what you want and only what you want comes at the price of
knowing what you want and taking the trouble to learn how to give the
instructions that will make it happen.,

Or simply be content with what microsoft/apple/google decided that they
think you want, and pay for it.




--
"When one man dies it's a tragedy. When thousands die it's statistics."

Josef Stalin

On 25/02/18 12:19, The Natural Philosopher wrote:
On 25/02/18 11:38, Richard wrote:
On 25/02/18 10:31, Adrian Caspersz wrote:
On 25/02/18 09:43, Richard wrote:
On 24/02/18 15:19, Fredxx wrote:

Before putting Linux on my system, I used Dsynchronize
http://dimio.altervista.org/eng/

Standalone, no installation. Did everything I wanted without
problem. Haven't yet found anything like it for Linux

Rsync. I enter commands in a script file, and run that with cron.

If you want things invisibly sync'd and backed up without that
palaver - use a synched folder from dropbox, google, owncloud etc....


Thanks.
Installed, had a rummage. Way too many command line options for my needs.


so write a script with multiple lines like

rsync -avx --delete --one-file-systemÂ* /home /backup
Backup (verbose, archive, don't imnclude other mounted volumes and
remove files from backup which have been deleted in the master the
directory tree starting at /home and place the result in the directory
/backup/home )

Really thats all you need to do. Crib. Check result. If not what you
want delve into manual or online and ajust the crib.




Power to do what you want and only what you want comes at the price of
knowing what you want and taking the trouble to learn how to give the
instructions that will make it happen.,

Or simply be content with what microsoft/apple/google decided that they
think you want, and pay for it.

If you have the opportunity to install (oh, you don't need to install
it) DSynchronize on a windows system, give it a whirl. No fee. No fuss.
Can run as a service to do real-time synchronisation.

On Sun, 25 Feb 2018 11:38:56 +0000
Richard wrote:

On 25/02/18 10:31, Adrian Caspersz wrote:

Rsync. I enter commands in a script file, and run that with cron.

Thanks.
Installed, had a rummage. Way too many command line options for my
needs.

Many programs have many options that many users will never use - read
the manpage, find the relevant switches, write the command in a text
file so you can run it without taking the time to check it all again.
Either run that as a script or just use it to jog your memory if you
need some variation in the arguments.

On Sat, 24 Feb 2018 15:19:37 +0000, Fredxx wrote:

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

IME, it's more likely to be basing its decision on the user agent
supplied by virustotal. You could find that out by asking virustotal
to scan something on a webserver you control, and then looking in the
logs.

Quite a few sites behave differently to certain user agents. Google's
web spidering bot is often treated differently.

Caecilius wrote:
On Sat, 24 Feb 2018 15:19:37 +0000, Fredxx wrote:

Just be warned, scammers and those pedalling viruses in their software
can fudge the results, presumably from knowing the IP addresses used by
VirusTotal.

IME, it's more likely to be basing its decision on the user agent
supplied by virustotal. You could find that out by asking virustotal
to scan something on a webserver you control, and then looking in the
logs.

Quite a few sites behave differently to certain user agents. Google's
web spidering bot is often treated differently.


IME FreeFileSync itself is clean (GPL, source available etc) but is
monetised with Open Candy offering to install unwanted (but generally
not too evil) 'extras'. Malware detection products differ on whether
they regard OC as a reportable threat.

It can be controlled safely *providing you pay attention*. Read all the
screens before clicking yes - if you accept the GPL but unclick the box
saying 'agree to install this unwanted extra cr*p' nothing undesirable
will be installed.

Other than that, you can make a donation to get a clean installer - or
build it afresh from source :-)

OC is quite widely used but it is easy to avoid its 'offers' if you are
awake/careful - thus far.

ChrisK

On Sat, 24 Feb 2018 15:19:37 +0000
Fredxx wrote:

Just be warned, scammers and those pedalling viruses in their
software

"peddling"