Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
What freeware site do you trust most to find the last known good freeware version?
59 views
Skip to first unread message
Gronk
Apr 7, 2022, 3:08:59 PM4/7/22
to
What freeware site do you trust most to find the last known good freeware
version?
I want to install a certain well known Windows freeware which is no longer
located at the original site where it used to be (as it went payware).
Even though I'm looking for the last known free version of a certain Windows
application, my question is more generic in that I want to know better how
YOU choose between the secondary sites when the primary site no longer has
it.
When you are looking for Windows freeware that no longer exists on the
original site (because it went payware), which freeware site do you trust?
This specific Windows software is called "Carbon" from ClockworkMod which is
found inside the Windows freeware called "Helium Desktop" which is a
companion app to the Android freeware for backup/restore called "Helium
Backup" (but the question I'm asking is more general for all freeware).
[https://nerdschalk.com/how-to-backup-apps-and-data-without-root-using-helium-android-app/]
The ClockworkMod web site no longer has the Helium Desktop freeware.
[https://www.clockworkmod.com/carbon]
Even though the Android "Helium Backup" freeware is no longer on Google Play
[https://play.google.com/store/apps/details?id=com.koushikdutta.backup]
It seems they went the payware route instead, which is the problem to solve.
[https://play.google.com/store/apps/details?id=com.koushikdutta.backup.license]
I picked up the Android "Helium Backup Free" from the Evozi web site.
[https://apps.evozi.com/apk-downloader/?id=com.koushikdutta.backup]
But now I need to find which is the "better" site for the PC freeware.
[https://duckduckgo.com/?q=helium+carbon+download+windows]
That lists many sites for the last known good version of Helium Desktop.
https://helium-backup.en.softonic.com/
https://en.freedownloadmanager.org/Windows-PC/Helium-FREE.html
https://www.malavida.com/en/soft/helium-desktop/
https://carbon.en.uptodown.com/android/download
https://www.softpedia.com/get/Mobile-Phone-Tools/Others/Carbon-Desktop.shtml
The question isn't specific to Helium Desktop freeware but to all freeware.
How do you choose the secondary site when the primary no longer has it?
version?
I want to install a certain well known Windows freeware which is no longer
located at the original site where it used to be (as it went payware).
Even though I'm looking for the last known free version of a certain Windows
application, my question is more generic in that I want to know better how
YOU choose between the secondary sites when the primary site no longer has
it.
When you are looking for Windows freeware that no longer exists on the
original site (because it went payware), which freeware site do you trust?
This specific Windows software is called "Carbon" from ClockworkMod which is
found inside the Windows freeware called "Helium Desktop" which is a
companion app to the Android freeware for backup/restore called "Helium
Backup" (but the question I'm asking is more general for all freeware).
[https://nerdschalk.com/how-to-backup-apps-and-data-without-root-using-helium-android-app/]
The ClockworkMod web site no longer has the Helium Desktop freeware.
[https://www.clockworkmod.com/carbon]
Even though the Android "Helium Backup" freeware is no longer on Google Play
[https://play.google.com/store/apps/details?id=com.koushikdutta.backup]
It seems they went the payware route instead, which is the problem to solve.
[https://play.google.com/store/apps/details?id=com.koushikdutta.backup.license]
I picked up the Android "Helium Backup Free" from the Evozi web site.
[https://apps.evozi.com/apk-downloader/?id=com.koushikdutta.backup]
But now I need to find which is the "better" site for the PC freeware.
[https://duckduckgo.com/?q=helium+carbon+download+windows]
That lists many sites for the last known good version of Helium Desktop.
https://helium-backup.en.softonic.com/
https://en.freedownloadmanager.org/Windows-PC/Helium-FREE.html
https://www.malavida.com/en/soft/helium-desktop/
https://carbon.en.uptodown.com/android/download
https://www.softpedia.com/get/Mobile-Phone-Tools/Others/Carbon-Desktop.shtml
The question isn't specific to Helium Desktop freeware but to all freeware.
How do you choose the secondary site when the primary no longer has it?
Mayayana
Apr 7, 2022, 3:31:46 PM4/7/22
to
"Gronk" <inv...@invalid.invalid> wrote
| That lists many sites for the last known good version of Helium Desktop.
| https://helium-backup.en.softonic.com/
| https://en.freedownloadmanager.org/Windows-PC/Helium-FREE.html
| https://www.malavida.com/en/soft/helium-desktop/
| https://carbon.en.uptodown.com/android/download
|
https://www.softpedia.com/get/Mobile-Phone-Tools/Others/Carbon-Desktop.shtml
|
| The question isn't specific to Helium Desktop freeware but to all
freeware.
| How do you choose the secondary site when the primary no longer has it?
|
That's complicated. Softonic and Softpedia are the only
two names I recognize. But those sites generally don't host files.
The so-called downlad libraries are nearly all just linking to
the author's site. So even when you find an older version it
may not be available. You might click the download link for
Acme's v. 1.2.3 free program and end up at Acme's homepage
for v. 8, which now costs $60.
I once wrote a fairly popular tweaking program that I
discontinued with XP. I removed it from my site. But someone
in Russia listed it from their link. I tried to warn people that
it was not legit and that I had no idea what the Russian source
was offering. But it's not easy for people to understand such
things. You go to a download site, click the link, and get the
software. How many people notice the originating URL? The
sites themselves don't make much money, so it's not worth it
to them to deal with it. Like so many sites now, it's all automated.
If you actually want old versions, that's different. A site like
oldversion.com is offering legit copies of outdated software
from their own server. It's a great place to get formerly
free software like Paint Shop Pro, PDF XChange Viewer,
firewalls, etc.
I've never heard of Carbon, so I can't tell you anything
about that.
| That lists many sites for the last known good version of Helium Desktop.
| https://helium-backup.en.softonic.com/
| https://en.freedownloadmanager.org/Windows-PC/Helium-FREE.html
| https://www.malavida.com/en/soft/helium-desktop/
| https://carbon.en.uptodown.com/android/download
|
https://www.softpedia.com/get/Mobile-Phone-Tools/Others/Carbon-Desktop.shtml
|
| The question isn't specific to Helium Desktop freeware but to all
freeware.
| How do you choose the secondary site when the primary no longer has it?
|
two names I recognize. But those sites generally don't host files.
The so-called downlad libraries are nearly all just linking to
the author's site. So even when you find an older version it
may not be available. You might click the download link for
Acme's v. 1.2.3 free program and end up at Acme's homepage
for v. 8, which now costs $60.
I once wrote a fairly popular tweaking program that I
discontinued with XP. I removed it from my site. But someone
in Russia listed it from their link. I tried to warn people that
it was not legit and that I had no idea what the Russian source
was offering. But it's not easy for people to understand such
things. You go to a download site, click the link, and get the
software. How many people notice the originating URL? The
sites themselves don't make much money, so it's not worth it
to them to deal with it. Like so many sites now, it's all automated.
If you actually want old versions, that's different. A site like
oldversion.com is offering legit copies of outdated software
from their own server. It's a great place to get formerly
free software like Paint Shop Pro, PDF XChange Viewer,
firewalls, etc.
I've never heard of Carbon, so I can't tell you anything
about that.
Big Al
Apr 7, 2022, 4:28:00 PM4/7/22
to
But I agree with Mayayana about the two or three sites offered. I will also download from as many as I can in a limited time and then
compare them. Meaning if all 4 are the same that's good. An oddball size etc is a big 'beware' sign.
Al
Paul
Apr 7, 2022, 8:23:17 PM4/7/22
to
On 4/7/2022 3:09 PM, Gronk wrote:
> What freeware site do you trust most to find the last known good freeware
> version?
>
> I want to install a certain well known Windows freeware which is no longer
> located at the original site where it used to be (as it went payware).
I'm not interested in sites.
> What freeware site do you trust most to find the last known good freeware
> version?
>
> I want to install a certain well known Windows freeware which is no longer
> located at the original site where it used to be (as it went payware).
I want a SHA256 checksum.
Operating without a checksum, is "less trusted".
And I might just have to kiss the idea, goodbye as a result.
When I have the name of the executable, I might try to find
a lead to it on Virustotal. If the signals look good, then there's
a chance the SHA256 on the page is legit. Then when I do find
a dodgy site hosting the file, I can see if the SHA256 matches.
Reverse authentication is only as good as the signals,
and the signal analysis. And like I said, we're already
in "less trusted" territory, and I'm just as likely to give
up and go look at fluffy cat photos.
For example, I tried your "https://helium-backup.en.softonic.com/",
I was given no executable name to work with. And the way I was
treated, made me close the browser.
Sometimes I use archive.org, to trace stuff and try to find linkage.
And there are a few hopping techniques you can use in there.
But if there really isn't a single breadcrumb to work with,
then forget it.
Paul
Gronk
Apr 7, 2022, 9:53:01 PM4/7/22
to
Mayayana wrote:
> If you actually want old versions, that's different. A site like
> oldversion.com is offering legit copies of outdated software
> from their own server. It's a great place to get formerly
> free software like Paint Shop Pro, PDF XChange Viewer,
> firewalls, etc.
Thank you for that "oldversion.com" site where I tried the search engine.
> If you actually want old versions, that's different. A site like
> oldversion.com is offering legit copies of outdated software
> from their own server. It's a great place to get formerly
> free software like Paint Shop Pro, PDF XChange Viewer,
> firewalls, etc.
http://www.oldversion.com/search?query=helium+desktop
http://www.oldversion.com/search?query=helium
http://www.oldversion.com/search?query=carbon
Unfortunately "Helium Desktop" (also known as "carbon") wasn't there.
I also tried "Last Freeware" which has a lot but there's no search.
https://web.archive.org/web/20210122200736/http://321download.com/LastFreeware/index.html
It's not even alphabetical (it just has numbers on the top) and as I tried
the hit-or-miss approach, I got "Account Suspended" messages.
http://www.321download.com/cgi-sys/suspendedpage.cgi
My question isn't really specific to Helium/carbon but more about what site
most people trust that has the freeware once the freeware goes payware?
Gronk
Apr 7, 2022, 10:17:25 PM4/7/22
to
Paul wrote:
> I'm not interested in sites.
>
> I want a SHA256 checksum.
I hear you but most of the time we won't know what the checksum is of the
> I'm not interested in sites.
>
> I want a SHA256 checksum.
last known good freeware version unless someone posts it at the time it
starts to be known that it is converting from freeware to payware.
> When I have the name of the executable, I might try to find
> a lead to it on Virustotal. If the signals look good, then there's
> a chance the SHA256 on the page is legit. Then when I do find
> a dodgy site hosting the file, I can see if the SHA256 matches.
That's a good idea of yours to find out the original name (and hash value).
Maybe this might be the original name?
https://github.com/koush/support-wiki/wiki/Helium-Desktop-Installer-and-Android-App
https://download.clockworkmod.com/carbon/CarbonSetup.msi
Name: CarbonSetup.msi
Size: 18114048 bytes (17 MiB)
SHA256: C92E588CAFC67C62FC10AB57C212CCB52322BB959EC5A0C660151C837B84560C
I tried that msi installer but it failed to install on my Windows 10 PC.
I uploaded that "CarbonSetup.msi" file to virustotal which came out clean.
https://www.virustotal.com/gui/file/c92e588cafc67c62fc10ab57c212ccb52322bb959ec5a0c660151c837b84560c
Your suggested Virustotal site had an interesting history.
Is this normal to have so many names for the same file?
Creation Time 1999-06-21 07:00:00 UTC
First Seen In The Wild 2015-05-03 08:55:52 UTC
First Submission 2015-05-03 14:02:19 UTC
Last Submission 2022-03-31 21:55:54 UTC
Last Analysis 2022-03-31 21:55:54 UTC
Names
6f3d297.msi
7878e6b.msi
Carbon Helium Backup PC Setup.msi
2421621c.msi
CarbonSetup.msi
60e0703.msi
4307e4b.msi
53a2a9.msi
b150b07.msi
1f9c9443.msi
"Carbon Helium Backup PC Setup.msi" seems maybe the original file name?
Paul
Apr 8, 2022, 1:25:50 AM4/8/22
to
consider uploading. The 7878e6b.msi could result from the unpacking
of an EXE, if there were an EXE wrapper for the .msi file.
In some cases, you can see a nice tight clustering of names
and naming convention, which tells you you're on the right page.
For example, if you feed
"Carbon Helium Backup PC Setup.msi"
corroborates the file is legitimate. A private thread discussion
where someone listed the checksum, say.
I've sometimes used checksums from MDL, to judge whether various
installer ISOs for Windows are legit or not (back when it was hard
to find a Windows 7 installer, for OEM computer users). Originally,
the MSDN subscription ISOs had SHA1 and MD5 sums, then Microsoft
removed access to the checksum information, forcing people like me
to fish in MDL waters to get validation.
So the idea is to prove to your own satisfaction, that you've traced
the file backwards to the original author or source. This is necessary
in cases where the original site shutdown, and archive.org doesn't
have it.
*******
Download jsMSIx (67 KB)
https://www.jsware.net/jsware/zips/jsmsix19.zip
SHA-256: 08112aff0c9d0d7a72e06cffec843b207ef5dc652b4eef62f1c5d0dd13341659
On extraction, you get this file, plus a Readme file
Name: jsMSIx.exe
Size: 196608 bytes (192 KiB)
SHA256: CC46F2227B8E284A9C3914A91492934B7B2F5A922424A3ABEC7C1087723F6A0A
Start the program and tell it where to find CarbonSetup.msi,
It will unpack the MSI. I try to put all the stuff in a work
folder, so it doesn't end up all over the place. Don't do this
work right in your Downloads folder, or you'll never find the
bits and pieces it saved out. Make a Downloads\WORK and drop
the bits and pieces in there.
You can see the usual bullshit detections :-/
https://www.virustotal.com/gui/file/cc46f2227b8e284a9c3914a91492934b7b2f5a922424a3abec7c1087723f6a0a
You'll find there is some sort of USB driver, something
related to ADB bus. And the BouncyCastle.Crypto? Not a clue :-)
There's also a signtool.exe in the kit.
You can get some idea what it might be for, but it's
a bit thin on details. You won't be able to right click the
INF and install the drivers, if for any reason they're not
signed for usage on a 64 bit OS. Anyway, that's plenty to
give you something to play with and work on.
I don't own a smartphone, so cannot test this. Having an
adb.exe on my machine is a waste of electrons :-)
Paul
slate leeper
Apr 8, 2022, 8:26:05 AM4/8/22
to
On Thu, 7 Apr 2022 13:09:09 -0600, Gronk <inv...@invalid.invalid>
wrote:
>What freeware site do you trust most to find the last known good freeware
>version?
>
https://www.snapfiles.com/
I get their daily list of updated programs via RSS. Never had a bad or
dangerous download.
-dan z-
--
Protect your civil rights!
Let the politicians know how you feel.
Join or donate to the NRA today!
http://membership.nrahq.org/default.asp?campaignid=XR014887
(use cut and paste to your browser if necessary)
Gun control is like trying to reduce drunk driving by making it tougher for sober people to own cars.
wrote:
>What freeware site do you trust most to find the last known good freeware
>version?
>
I get their daily list of updated programs via RSS. Never had a bad or
dangerous download.
-dan z-
--
Protect your civil rights!
Let the politicians know how you feel.
Join or donate to the NRA today!
http://membership.nrahq.org/default.asp?campaignid=XR014887
(use cut and paste to your browser if necessary)
Gun control is like trying to reduce drunk driving by making it tougher for sober people to own cars.
Mayayana
Apr 8, 2022, 8:37:32 AM4/8/22
to
"Gronk" <inv...@invalid.invalid> wrote
| My question isn't really specific to Helium/carbon but more about what
site
| most people trust that has the freeware once the freeware goes payware?
I like oldversion for that. You can also look here, although
it's somewhat outdated:
https://www.makeuseof.com/tag/10-websites-download-older-versions-software/
I like MajorGeeks for software in general. They seem to have
their act together and don't take listings blindly. But "trust" is
a strong word. There are programs like IrfanView that might
trick you into installing ad crap if you're not careful. Yet it's
good, legitimate software. People expect everything to be free,
so authors don't have much choice. It's the same with cellphone
apps. People don't want spyware, but that's how most apps
make money. The whole thing is not entirely honest on either side.
I would try to stay away from sites that require javascript.
And never use a download site if you can go to the author's
site. I used to list my own software on download sites but over
the years it stopped selling and the sites became too hard to use.
They're making very little money from ads, so they try to automate
everything. For years now, Softpedia has been testing an outdated
link on my website, almost daily. They never remove it or update it.
That would require human intelligence. So their bot just keeps
checking. What I'm saying is that *at best*, that kind of site is
just a listing that may or may not point to a download that's
relevant and safe. But people think those sites have the software.
I get people regularly who try to download my software from an
outdated link. Then they come to my site to check whether the
software exists. They find the software webpage. But they don't
download the latest version from me. They go back to the listing site
and start clicking again! Finally, they give up.
When I look for software I usually start with general search.
Like "acme editor v. 1.2.3". When I look for helium desktop I find
3 sites. All say it's free. None of them has a link to the author
site. I wouldn't download from a place like that. When I tested
freedownloadmanager.org the download simply didn't work.
*But you really have a special case here. You're not looking
for Windows software. You're looking for a Windows companion
program to a cellphone app.* I'm guessing that since cellphone
apps are such a halfassed market, you may be seeing that effect.
I finally found clockworkmod.com. Their webpage is a mess of
unnecessary script. Looking at the source code I found the
download is actually here:
https://github.com/koush/support-wiki/wiki/Helium-Desktop-Installer-and-Android-App
I don't know if that's actually what you want, but it seems to
be the legitimate source, if we can talk "legitimate" with
Windows software written for Android apps.
| My question isn't really specific to Helium/carbon but more about what
site
| most people trust that has the freeware once the freeware goes payware?
it's somewhat outdated:
https://www.makeuseof.com/tag/10-websites-download-older-versions-software/
I like MajorGeeks for software in general. They seem to have
their act together and don't take listings blindly. But "trust" is
a strong word. There are programs like IrfanView that might
trick you into installing ad crap if you're not careful. Yet it's
good, legitimate software. People expect everything to be free,
so authors don't have much choice. It's the same with cellphone
apps. People don't want spyware, but that's how most apps
make money. The whole thing is not entirely honest on either side.
I would try to stay away from sites that require javascript.
And never use a download site if you can go to the author's
site. I used to list my own software on download sites but over
the years it stopped selling and the sites became too hard to use.
They're making very little money from ads, so they try to automate
everything. For years now, Softpedia has been testing an outdated
link on my website, almost daily. They never remove it or update it.
That would require human intelligence. So their bot just keeps
checking. What I'm saying is that *at best*, that kind of site is
just a listing that may or may not point to a download that's
relevant and safe. But people think those sites have the software.
I get people regularly who try to download my software from an
outdated link. Then they come to my site to check whether the
software exists. They find the software webpage. But they don't
download the latest version from me. They go back to the listing site
and start clicking again! Finally, they give up.
When I look for software I usually start with general search.
Like "acme editor v. 1.2.3". When I look for helium desktop I find
3 sites. All say it's free. None of them has a link to the author
site. I wouldn't download from a place like that. When I tested
freedownloadmanager.org the download simply didn't work.
*But you really have a special case here. You're not looking
for Windows software. You're looking for a Windows companion
program to a cellphone app.* I'm guessing that since cellphone
apps are such a halfassed market, you may be seeing that effect.
I finally found clockworkmod.com. Their webpage is a mess of
unnecessary script. Looking at the source code I found the
download is actually here:
https://github.com/koush/support-wiki/wiki/Helium-Desktop-Installer-and-Android-App
I don't know if that's actually what you want, but it seems to
be the legitimate source, if we can talk "legitimate" with
Windows software written for Android apps.
Mayayana
Apr 8, 2022, 8:40:54 AM4/8/22
to
"Paul" <nos...@needed.invalid> wrote
| I want a SHA256 checksum.
|
| Operating without a checksum, is "less trusted".
| And I might just have to kiss the idea, goodbye as a result.
|
There was an interesting story this week about VLC.
Apparently Chinese hackers have been breaking into MS
Exchange server for years, then replacing a DLL in VLC
to compromise the system. So it's VLC corruption... but
it isn't. They've got you coming and going. :)
| I want a SHA256 checksum.
|
| Operating without a checksum, is "less trusted".
| And I might just have to kiss the idea, goodbye as a result.
|
Apparently Chinese hackers have been breaking into MS
Exchange server for years, then replacing a DLL in VLC
to compromise the system. So it's VLC corruption... but
it isn't. They've got you coming and going. :)
Gronk
Apr 8, 2022, 12:12:21 PM4/8/22
to
Looks like a good idea that jsware product line.
I'll add it to my msi packager viewer freeware archive after testing.
AppDeploy Packager/Repackager
https://www.itninja.com/community/appdeploy-repackager
Dark Wix Toolset
https://github.com/wixtoolset/wix3/releases/tag/wix3112rtm
EMCO msi scanner
https://emcosoftware.com/network-software-scanner/download
EMCO Installation/Uninstallation tools
https://emcosoftware.com/remote-installer
InstEd 1.5.15.26 msi scanners/editors
http://www.instedit.com/
Llessmsi msi scanners/editors
https://sourceforge.net/projects/lessmsi.mirror/D63672AECA4276D
Orca M$ tool
https://docs.microsoft.com/en-us/windows/win32/msi/orca-exe
SuperOrca non M$ replacement
http://www.pantaray.com/msi_super_orca.htmlwidiffdb.vbs
WinInstall Packaging Tools
http://ww1.scalablesmartpackager.com/
I'll add it to my msi packager viewer freeware archive after testing.
AppDeploy Packager/Repackager
https://www.itninja.com/community/appdeploy-repackager
Dark Wix Toolset
https://github.com/wixtoolset/wix3/releases/tag/wix3112rtm
EMCO msi scanner
https://emcosoftware.com/network-software-scanner/download
EMCO Installation/Uninstallation tools
https://emcosoftware.com/remote-installer
InstEd 1.5.15.26 msi scanners/editors
http://www.instedit.com/
Llessmsi msi scanners/editors
https://sourceforge.net/projects/lessmsi.mirror/D63672AECA4276D
Orca M$ tool
https://docs.microsoft.com/en-us/windows/win32/msi/orca-exe
SuperOrca non M$ replacement
http://www.pantaray.com/msi_super_orca.htmlwidiffdb.vbs
WinInstall Packaging Tools
http://ww1.scalablesmartpackager.com/
0 new messages