Fab's AutoBackup 7 Pro - a must have tool for techs

[britechguy]

Defender will block it.

It makes me insane that Windows Defender (and at least some other similar utilities) will not whitelist NirSoft utilities. They're not an unknown quantity. They are well-known to be legitimate tools. They are easily identified as being them, and not some facsimile of them. I just don't get why legitimate technician tools that have been in use for literally decades are not whitelisted!

Rant over.

 

[fabs]

It makes me insane that Windows Defender (and at least some other similar utilities) will not whitelist NirSoft utilities. They're not an unknown quantity. They are well-known to be legitimate tools. They are easily identified as being them, and not some facsimile of them. I just don't get why legitimate technician tools that have been in use for literally decades are not whitelisted!

Rant over.

Just because of the power those tools could have between bad hands I guess

 

[britechguy]

Just because of the power those tools could have between bad hands I guess

But that's not what any antivirus should be checking. Perfectly legitimate tools can be used for illegitimate purposes. That's always been the case. But the problem does NOT lie with the tool itself.

Technician tools are always going to be "digging under the hood" in ways that malware does, too, but it's not difficult to distinguish between a well-known and respected tool and some other process/program, or it shouldn't be.

 

[fabs]

But that's not what any antivirus should be checking. Perfectly legitimate tools can be used for illegitimate purposes. That's always been the case. But the problem does NOT lie with the tool itself.

Technician tools are always going to be "digging under the hood" in ways that malware does, too, but it's not difficult to distinguish between a well-known and respected tool and some other process/program, or it shouldn't be.

I know that, you don't need to convince me. This was just a possible explanation, fair or not. That's a pain for techs and that's also why I always have to fight this the way I can.

 

[britechguy]

I know that, you don't need to convince me.

OK. I took what you said, and the way you said it, as a justification for what's happening rather than a neutral observation about why it might be happening.

 

[sapphirescales]

@fabs Isn't there a way you could write the functionality into your software itself instead of relying on nirsoft's utilities? Maybe you could do a collab with him or come to an agreement to integrate his software into yours so you don't have to write it from scratch.

 

[britechguy]

Isn't there a way you could write the functionality into your software itself instead of relying on nirsoft's utilities?

The problem being that it's the functionality, and how it's written, that's what's being flagged. Lots of NirSoft Utilities "look like malware" to security suites, because, if you're not paying attention to the source, it is structurally similar to malware. But that's true of anyone using said functionality, so were what you to propose be done, then Fabs would be picked up as possibly malicious.

In the end, the fix for this is whitelisting by the scanners. It would be crazy to ignore the structural hallmarks of malware in general, but it's dirt simple to review, when those hallmarks are observed, what the actual source is. Some sources are not malicious, nor is the code when being used by those sources.

 

[sapphirescales]

The problem being that it's the functionality, and how it's written, that's what's being flagged.

True but I'm assuming @fabs can get his software whitelisted by Microsoft since nirsoft doesn't seem to give a crap whether his tools are detected as malware or not. Unless Defender doesn't take whitelisting into account when a program does something "suspicious."

 

[fabs]

@fabs Isn't there a way you could write the functionality into your software itself instead of relying on nirsoft's utilities? Maybe you could do a collab with him or come to an agreement to integrate his software into yours so you don't have to write it from scratch.

I already had some contacts with him to just be allowed to distribute his tools with Fab's but that's it.

True but I'm assuming @fabs can get his software whitelisted by Microsoft since nirsoft doesn't seem to give a crap whether his tools are detected as malware or not. Unless Defender doesn't take whitelisting into account when a program does something "suspicious."

I will not go further as I definitely do not want to integrate such code that WILL be flagged .There's no possible whitelist for that kind of behavior, even if I DO give a ... about my code. Integrating those tools like they are today is clearly the less worst solution.

 

[britechguy]

since nirsoft doesn't seem to give a crap whether his tools are detected as malware or not.

You have no idea whether Nir Sofer has ever requested these to be whitelisted or not. Nor, for that matter, do I.

I can say, with assurance, that I have made that request through the Feedback Hub (which Microsoft definitely monitors, I've had several issues resolved as a direct result of putting in feedback there). I don't know for certain that it has been ignored entirely, but no useful action has been taken, either.

If anyone feels the urge to read that feedback and either comment on it, upvote it, or both: https://aka.ms/AAkup43

 

[sapphirescales]

There's no possible whitelist for that kind of behavior

Well that sucks. You can't get a certificate from Microsoft that would allow your software to do the same things that nirsoft utilities do?

 

[fabs]

Well that sucks. You can't get a certificate from Microsoft that would allow your software to do the same things that nirsoft utilities do?

I don't think that's even possible. I've never heard about such a "certificate from microsoft" thing.
The only certificate (not from micrsoft though) I have is my code signing certificate but nothing else.

There are some others developers here, so, perhaps one of them will correct me if I'm wrong.

 

[britechguy]

@fabs,

What follows is probably "a stupid question" but I know I can get a much faster answer by asking than by digging through documentation.

I have just purchased a new laptop and, as part of the process, have become a subscriber to M365 Family. So, on the new machine, all of the "classic libraries" like Documents, Music, etc., are actually located on OneDrive, not the computer itself. The machine which I will be backing up for restoration on the new machine uses the same Microsoft Account linked Windows user account, but everything is stored on local storage on this source machine.

Will Fabs Autobackup handle this gracefully, without my having to do anything specific, or do I need to take certain precautions/make certain tweaks, when doing the restore?

Thanks again for this tool. It is, truly, *fab*!

 

[fabs]

@fabs,

What follows is probably "a stupid question" but I know I can get a much faster answer by asking than by digging through documentation.

I have just purchased a new laptop and, as part of the process, have become a subscriber to M365 Family. So, on the new machine, all of the "classic libraries" like Documents, Music, etc., are actually located on OneDrive, not the computer itself. The machine which I will be backing up for restoration on the new machine uses the same Microsoft Account linked Windows user account, but everything is stored on local storage on this source machine.

Will Fabs Autobackup handle this gracefully, without my having to do anything specific, or do I need to take certain precautions/make certain tweaks, when doing the restore?

Thanks again for this tool. It is, truly, *fab*!

To make it work the best, you need to be logged on as the user account that has its folders redirected to OneDrive. It must be administrator and connected to the internet so the files that are only online will be downloaded and copied.

Then, you'll be able to restore the files as usual on the new machine.

 

[britechguy]

@fabs,

Thanks for your reply. But I want to be clear about a couple of things:

1. I will be logged in using the same MS linked Windows user accounts on both machines. Both are administrators (I always "run myself" as an admin - standard accounts are too much of a PITA for the kinds of stuff I need to do routinely).

2. The source machine has all its user data files stored locally. So using Fabs Autobackup to back them up is not a problem.

3. The destination machine will have all its user data folders/libraries now associated with OneDrive space in the cloud. I would be restoring from a backup taken on a machine where that was not the case to one where it is.

The only reason I have added the above is your comment, "connected to the internet so the files that are only online will be downloaded and copied," since there will be no files copied from online from the source machine, and that small bit confuses me.

 

[fabs]

Sorry, I understood that files were on OneDrive on the old machine.
There should not be any trouble doing such a migration since you set up your accounts as administrators.

Anyway, I recommend that you set back Windows folders to their defaults (locally). That's what I would do if I were in this case (personal preference).

 

[JoelM]

Anyway, I recommend that you set back Windows folders to their defaults (locally). That's what I would do if I were in this case (personal preference).

This is my process. If the old machine was set to local folders then I have the new machine set to local folders. Once the FABs restore is done then I switch it to the OneDrive folders and let it start syncing to the cloud for backup. It works cleaner this way.

 

[britechguy]

This is my process.

Anyone care to describe the process, step-by-step, or point to a nice resource for "disconnecting then reconnecting" OneDrive in this way?

 

[JoelM]

Anyone care to describe the process, step-by-step, or point to a nice resource for "disconnecting then reconnecting" OneDrive in this way?

In the OneDrive settings look at the Sync and backup section. The top option on mine is backup important PC folders to OneDrive. There is a button there to Manage Backup. This is where you can choose the desktop, documents & pictures folders. It will redirect the system folders to the onedrive folder and then move all the files there for automatic cloud sync.

 

[fincoder]

I can't see why it would be a problem transferring using Fabs into linked to OneDrive. Wouldn't it be the same as manually copying files into the OneDrive folder? That's what OneDrive is for. I've transferred using Fabs into relocated folders (data stored on a larger secondary drive), worked fine, should be no different if the folders are relocated to OneDrive.

@britechguy if you've already setup OneDrive on the new machine, I wouldn't bother changing that setup, just go ahead and do the transfer.