DO NOT DOWNLOAD FileZilla!

Post Reply
LorenAmelang
Forum Whiz
Posts: 37
Joined: Mon Oct 26, 2009 10:51 pm
My RE system: (being majorly revised...)

DO NOT DOWNLOAD FileZilla!

Post by LorenAmelang » Tue Dec 22, 2015 10:22 pm

I'm trying to get my new Win 10 machine to do FTP from my AXS Port. The only thing that has ever worked for my AXS Port is the ancient WS-FTP95, which isn't even Y2K compliant. But I thought I'd try the "FileZilla" app which is recommended in the OutBack documentation.

Huge mistake!

Despite carefully declining all "additional offers", my FileZilla install hacked my Firefox to use Yahoo search, and installed Chromium on top of my Google Chrome. Google Chrome now opens a Yahoo search tab in addition to any settings I make for other search engines or new tab pages.

See:
https://forum.filezilla-project.org/sea ... mit=Search
And:
https://forum.filezilla-project.org/vie ... &start=195

FileZilla author insists this is not malware... Dozens of users disagree! Has wasted hours for me already...

Turns out if you uninstall Chromium with the regular Control Panel tool, the uninstaller puts up a web page with detailed instructions for undoing all the browser hacks. On my system it was run from:

Directory of C:\Users\loren\AppData\Local\{1A062C5A-3EAE-40E2-5336-650A775E9992}\HowToRemove
05/17/2015 03:52 AM 36,104 chromium-min.jpg
05/17/2015 11:03 AM 69,314 control panel-min-min.JPG
08/31/2015 02:01 PM 199 down.png
11/09/2015 02:14 PM 7,740 ff menu.JPG
05/17/2015 10:50 AM 22,004 ff search engine-min.png
11/09/2015 03:24 PM 4,885 HowToRemove.html
...

Chromium was not installed in Program Files...
C:\Users\loren\AppData\Local\Chromium\Application\46.0.2480.0
12/21/2015 08:25 PM

So far, it looks like the uninstall and all the manual settings changes have restored my system, but it certainly wasted all evening!

So has anyone had any luck with FTP from an AXS Port? With something that understands that it is now 2015?


I've reported this to SourceForge, but somehow I suspect they are in on it...

<https://sourceforge.net/support>
-----
The first Download link:
http://sourceforge.net/projects/filezil ... urce=accel

Above URL led to:
http://sourceforge.straightbuildocean.c ... C7Iw%3D%3D

for the actual download. Is that supposed to happen? And then returned to:
http://sourceforge.net/projects/filezil ... source=dlp

Maybe your site didn't actually host the malware, but you certainly linked to it and it linked back to you...

OK, I just went through that again. If you touch _any_ of the links on the first SourceForge page, you go to straightbuildocean. If you wait about two minutes without clicking anything, you are automatically redirected to:
http://sourceforge.net/projects/filezil ... urce=accel

Presumably that is a clean install - but there is no clue that any action you take other than waiting _minutes_ will get you malware!
-----

User avatar
intellact
Forum Czar
Posts: 703
Joined: Mon Nov 28, 2005 3:20 am
Location: Ontario, Canada
Contact:

Re: DO NOT DOWNLOAD FileZilla!

Post by intellact » Thu Feb 04, 2016 8:34 am

I gather (from a small amount of browsing) that Source Forge is the likely culprit here. I also understand that you can install FileZilla using a ZIP file instead of an Installer, and bypass the grief - but that's just what I'm seeing out there. You may have done more research than I. :smile:
Andrew Welch, creator of WattPlot

donjuedo
Forum Member
Posts: 12
Joined: Wed Nov 18, 2015 11:49 am
My RE system: 48 Gloria 225 watt panels; 2 MidNite Solar Classic 250's; 4 FX3048T inverters; 40 NiFe cells (48 V)
Location: Pittsburgh, PA

Re: DO NOT DOWNLOAD FileZilla!

Post by donjuedo » Thu Feb 04, 2016 12:43 pm

I installed FileZilla last summer, for Windows, and have had none of these problems. I would not blame Outback, or even FileZilla. It looks like some bad guy wanted an effective way to mess with other people's machines, and chose FileZilla as a victim in the mess.

LorenAmelang
Forum Whiz
Posts: 37
Joined: Mon Oct 26, 2009 10:51 pm
My RE system: (being majorly revised...)

Re: DO NOT DOWNLOAD FileZilla!

Post by LorenAmelang » Thu Feb 04, 2016 1:09 pm

Anyone suggesting the FileZilla author is not in on this browser hack should read through this link to his own forum (which now has 223 posts!):
https://forum.filezilla-project.org/vie ... &start=210


BTW: The Cyberduck author has figured out why most FTP clients won't work with the AXS Port:

The reply to LIST is not parsed correctly due to an invalid mask for the files.
Please let the vendor know that the mask for every file entry should match the regular expression (((r|-)(w|-)([xsStTL-]))((r|-)(w|-)([xsStTL-]))((r|-)(w|-)([xsStTL-])))\+?\s+.

For example

Code: Select all

  d-------- 1 owner group 0 Dec 22 10:19 DATALOGS should be 
  d--------- 1 owner group 0 Dec 22 10:19 DATALOGS
  --------- 1 owner group 1845484 Dec 22 10:20 OPTICS.RPY should be 
  ---------- 1 owner group 1845484 Dec 22 10:20 OPTICS.RPY 
If OutBack ever fixes this glaring error, we will be free to use any FTP client.

donjuedo
Forum Member
Posts: 12
Joined: Wed Nov 18, 2015 11:49 am
My RE system: 48 Gloria 225 watt panels; 2 MidNite Solar Classic 250's; 4 FX3048T inverters; 40 NiFe cells (48 V)
Location: Pittsburgh, PA

Re: DO NOT DOWNLOAD FileZilla!

Post by donjuedo » Thu Feb 04, 2016 1:49 pm

LorenAmelang wrote:Anyone suggesting the FileZilla author is not in on this browser hack should read through this link to his own forum (which now has 223 posts!):
https://forum.filezilla-project.org/vie ... &start=210
Ah, ha! I will do more than suggest. I will say with complete confidence that the FileZilla author is not in on this browser hack. How can I be so bold? Because years ago I made the exact same mistake as you did. I went through the same steps with some other software package on the same site, got infected out the wazoo, eventually figured out what happened, and was quite, ahem, "steamed".

Source Forge has those very deceptive buttons to take visitors to some other link. Maybe it's paid. Maybe it's a cover for some conspiracy. Whatever. I don't care. It's misleading to use those "BIG BUTTON" links as deceptive links to take you off track. I have gone off track, and learned I could get some good software but must be careful to avoid those traps. My recommendation would be to avoid Source Forge altogether when you can.

I do realize the FileZilla project recommends that site for a download. Grrr. If you go there and click nothing, the download should automatically start. That first SF page is usually the "bait" page with the "BIG BUTTON" people assume they need to click. It's not always there, but if it is, ignore it. Wait for the automatic download.

Blaming FileZilla for the infection is like blaming Ford when someone plants a bomb in your Ford.

Please don't blame Outback and FileZilla for Source Forge shenanigans. Your fury is justified, but aimed in the wrong direction.

Post Reply