Quote - > Quote - I own about 50 sheep, but they are only about 10 mm high and made of plastic, so I am hoping they don't pose a significant threat.

 

Britains comes to mind.....most excellent!!!......please tell me they are Britains!

Sadly not Britains as they would be a bit overscale for my railway models, but I agree the Britains farm models are really nice. I do have a couple of Britains trees somewhere though.

Some of my sheep are from the old Airfix Farm Stock sets. When i was a lad these sets sold for two shillings each ( 10p in decimal ) down at the local newsagent. These days I have seen the same sets sell for as much as £40 on Ebay !!  mine long since were pulled of their sprues and painted, and the boxes are long gone. I buy models to use them, not to keep them pristine in their original packaging. Kind of like James May, but on about 1% of his budget. lol.

kylumi and chohole are you self appointed DAZ representatives? Because if you are then you're embarassing the company. Are we back in grade school where bullies got together to try to push other people around? Seriously? You wrote an amazing story kylumi, you should pass that by a publisher and see what they have to say. Who knows, you might get published. Is this the type of climate you maintain in the DAZ forums? Do you make fun of people for daring to question the almighty DAZ? Do you really get that frustrated with people because they continue to disagree with you? If you aren't communicating effeciently, it's best to let someone else handle it. And if you aren't capable of having a decent conversation without making fun or cutting people then you both should probably just keep your mouth shut.

With regard to the installers, I don't know what's up. What I do know is that people have complained about their AV giving them a warning with some DAZ installers. I've seen first-hand what happens when I've installed from the older installers, the one's that are red with a round DAZ logo and a Z. I already provided the URLs to the previous sites that were, potentially, collecting the info. Now, either the information was being gleaned in order to provide personal information so DAZ could track who is installing their products and/or for marketting purposes. Doesn't matter, what does matter is that if they were collecting personal information, they should have informed their customers first.

If DAZ was not collecting the information, and this just occurred to me, the other possiblity is that whomever made the installers left tracks in the installers before licensing, and it's very possible that DAZ was not aware. However, they should have been in the know about this before allowing customers to use them.

Skiriki, I have hundreds of DAZ installers and I don't have time to install each one in order to give you examples. Just go through your own data, pick some that come from 2008 and away you go... Look for the one's made in 2008 with the red DAZ logo. If you have the Win 7 developer installed on a machine, that might be worth doing your research on.

RHaseltine, thank you for the explanation. I still don't understand how the installer would bring up three web pages. One for download.com, one for data.country code/poser and the last one was supposed to load the readme, but couldn't find it on the localhost. And these are the same URLs no matter what product I've installed that come from 2008.

Khory_D, I am using common sense and learned a long time ago to never follow along like a lamb. Always question when something isn't right. You're right, this is speculation. It's how people get to the bottom of things. It's how questions are answered. I don't need to provide you or anyone else with proof. This isn't a court of law and you are not my judge. Believe whatever you want. I am simply pointing out issues with the installers in correlation with the warnings that manleystanley spoke about. Besides the fact that many, if not all, businesses hire other companies to do their marketting research. How do you think commercials targe specific audiences? It's how businesses operate and how they stay in business. Ever answer a questionaire for a company? It was a result of marketting research. We are a society of net freaks, so marektting has adapted. It isn't beyond the realm of possibilities have personal data released or to be tracked through an installer.

You think this is a bunch of BS? Good for you, I'm glad you have an opinion that you felt you could express freely without other people making fun of you. Other people are expressing their thoughts and concerns and they are just as valid as anyone else. I don't know if DAZ was collecting the info for piracy purposes or for marketting or both or if they even knew about it. I have no clue. What I do know is what I've seen and I'm combining that with what other people are saying with regard to the installers.

I didn't say that the DAZ site change was the reason for a change to zips. I said that many customers have requested zips over installers. But that never happened and the ONLY reason it's happening now is because the new "eCommerce site cannot deliver installers," so DAZ must convert to zips. At least that's what I read in their forum a few days before it went down.

Those of you who are joking around having a good time making fun of people, you can just laugh alone. Why not let a DAZ representative answer questions without your interferance, or is there something you feel you need to protect them from? DAZ is not a person nor are they a child who needs protecting and defending. They are a hierarchy of individuals who run a corporation. Those of you who feel that DAZ has been slighted or bashed. Stop it! Stop getting emotional about a company and start acting like adults. You know the one's who debate with respect.

The simple facts would stand that if DAZ installers held viruses, then there would be thousands of people all running into attacks on a regular basis.

You really cannot argue that fact.

I (obviously) purchase alot of daz products and have so for over 10 years now....and never once have I recieved a virus from any of the installers. (and since this is a business for me, you can bet I have decent AV programs to make sure things are kept clean)

The obvious conclusion is that the AV reports you are getting are reporting a false positive.

I am no techy by any stretch of the imagination...just a dumb artist......but those facts are pretty conclusive, even to a simple guy like me.

Rawn

Quote - wall of text

I don't think anyone is trying to protect anyone from anything, I think that people have put out reasonable and logical explainations for things mentioned in the OP. However that isn't enough for everybody so the conversation started going in circles.

Because of this some people decided to lighten the mood. I don't see any bullying going on, but I do sense that some may be taking things more seriously then they are.

This isn't Daz's offical forum so I really don't see why comments need to be limited to staff, some of the most relevent and insightful posts came from regular joes.

Jazzmin,

Real respect has to be earned. There are some users of this site that I have a lot of respect for, and other for which I have none....  That comes from years of visiting this site and reading what people post and how they conduct themselves. As for yourself I have the same respect for you as I would have for any person that I don't know since I haven't read any of your posts outside this thread.

To the issue at hand, do DAZ installers carry a virus? I think you will find if you read through this thread that it has been investigated before and the answer was no. I agree that if AV software flags up a warning, then it is sensible to check, and each person must make a decision if they believe the answer they get from the vendor, or not. Personally I make an informed decision based on the reputatation of the person providing the information, and on 25+ years experience in IT. I have had a couple of viruses on my home computer, usually they got in before my AV was updated to detect them. I think the first one was on 'Flair Paint' on an Atari ST and unusually that did come on the floppy disk from the vendor. I have never had a virus from DAZ, or from models I bought from Zygote before DAZ was split off. ( first model I bought I think was the racing car driver from Zygote. wow a long time ago  lol. )

Quote -

Those of you who are joking around having a good time making fun of people, you can just laugh alone. Why not let a DAZ representative answer questions without your interferance, or is there something you feel you need to protect them from? DAZ is not a person nor are they a child who needs protecting and defending. They are a hierarchy of individuals who run a corporation. Those of you who feel that DAZ has been slighted or bashed. Stop it! Stop getting emotional about a company and start acting like adults. You know the one's who debate with respect.

I for one was sincere in all my posts. I asked you to tell me if the URLs you posted were the exact ones you saw. If so, I explained how those possibly got there and also how installation-package creating suits have the potential to help developers gather relevant information from users (whether hidden or asked for).

We also understand how marketing works. I for one am not a sheeple, hell, I am as libertarian as they come.

From your last post I deduced that those are the exact URLs that you saw and in that case those URLs do nothing and go nowhere. When it comes to URLs they are as meaningless as trying to ask a Spanish speaker in English to do something. They are malformed, not correct syntax for URLs.

gate wrote:

Quote - the issue with opening different Pages on the DAZ intallers ... Round Type with Z Logo

also happen to me. what was mentioned erlier from the user did not seem to be an
accusement but rather a discovery ... well the computer does not seem to have taken  any damadge :-)

Jazzmin wrote:

Quote - With regard to the installers, I don't know what's up. What I do know is that people have complained about their AV giving them a warning with some DAZ installers. I've seen first-hand what happens when I've installed from the older installers, the one's that are red with a round DAZ logo and a Z. I already provided the URLs to the previous sites that were, potentially, collecting the info. Now, either the information was being gleaned in order to provide personal information so DAZ could track who is installing their products and/or for marketting purposes. Doesn't matter, what does matter is that if they were collecting personal information, they should have informed their customers first.

Too bad noone can name files. But that narrows it down. If it's all of those, then it should be easy to find one. :-)

That is curious behavior, alright. For the first time, ever, I kinda wish I had Windows 7, so I could see it.

Personally, I strongly doubt if it means anything nefarious.

Spyware is something that (I feel) should be opposed. And if doubts are raised, I'd like to see the security experts check it out. They can settle the matter.

Jazzmin wrote:> Quote - Is this the type of climate you maintain in the DAZ forums?

Pretty much. :-) When things get too heated, and personal, then silly off-topic joking often commences. It's a defusing tactic which attempts to ease the tensions, and stave off severe moderation. (more to follow)

Jazzmin wrote:

Quote - Do you make fun of people for daring to question the almighty DAZ?

I can see why you'd ask that.

I'm sorry you got criticized, and lumped in with some others. I see that you consider other explanations, which kinda sets you apart from some others who've raised their concerns. I don't hold it against you that you have suspicions.
If you look back through this thread, you see a lot of jumping to conclusions, and sticking to them regardless. A lot of proclamations about Daz's intentions were made. (The OP, while a helpful & knowledgeable curmudgeon, over there, is known for a tendency to stick to his initial opinions. He has a certain level of frustration with the company's tendencies, and, well... sometimes extrapolates...).

Someone noticed that it had evolved to be indistinguishable from an argument on a conspiracy-theory site. So a parody was made.

I found it funny. But since a parody could conceivably be met with anger, it was followed with a lot of off-topic sillieness.

And now we're here. Sorry again, try not to take it personally. Gets crazy when we're around, sometimes.

Bet Rendo will be happy to get a lot of us back where we can be... you know, giving ulcers to moderators who are used to it. ;-)

Quote - kylumi and chohole are you self appointed DAZ representatives? Because if you are then you're embarassing the company. Are we back in grade school where bullies got together to try to push other people around? Seriously? You wrote an amazing story kylumi, you should pass that by a publisher and see what they have to say. Who knows, you might get published. Is this the type of climate you maintain in the DAZ forums? Do you make fun of people for daring to question the almighty DAZ? Do you really get that frustrated with people because they continue to disagree with you? If you aren't communicating effeciently, it's best to let someone else handle it. And if you aren't capable of having a decent conversation without making fun or cutting people then you both should probably just keep your mouth shut.

Hello my friend.

The answer to your first sentence is, YES! we are, but which company are you referring to? are you referring to the company that knowingly retail virus infected packages or this one, Rendo?

Are we back in grade school........well reading this thread I did think that we were, am I mistaken?

Funny you should mention publishing, I have been published and I recommend you read it,     http://www.amazon.co.uk/Figures-Characters-Avatars-Official-Beautiful/dp/1435461207/ref=sr_1_4?ie=UTF8&qid=1337785587&sr=8-4#reader_1435461207

I have never been accused of being a bully before but, if you say that is what I am then it must be true.

Can you point me to a part of this thread which involves decent communication accomplishing an end result?

I think by the length of your posts you aquit yourself very well in the communication stakes....so, I will be more than happy to let you handle my communications, too.

I have asked my dog about keeping my mouth shut.....he told me he did not like your tone!

Quote - i don't need to have any findings 'verified' by anyone else, i SAW exactly what the CMS was doing as it started up.

This is not about you, this is about everyone else. 

If there is a problem with the installers -- spyware, rootkits, trojans, viruses, you name it -- it is for everyone's benefit to get them removed, and guilty parties found and nailed to the wall. 

Quote - don't farking care if you don't believe my post. thats your prerogative.

And, it is not about belief. It is about being able to test and verify.  

Quote - i did not 'assert' anything, i saw it happening onscreen.

For the record, hitting 'print screen' button and then pasting the result into some paint program is a great way to provide evidence. 

Quote - if you want it verified, get off your arse and get a debugger to run the code for you.

You're missing the point: *I want to verify it myself, but until I'm told which ones specifically gave you the bleep, I cannot. *

Quote - Skiriki, I have hundreds of DAZ installers and I don't have time to install each one in order to give you examples. Just go through your own data, pick some that come from 2008 and away you go... Look for the one's made in 2008 with the red DAZ logo. If you have the Win 7 developer installed on a machine, that might be worth doing your research on.

No. This is not how it works.

1. I do not own everything. As a matter of fact, I own very little. I'm a newbie with 3D content. I am ready to make a purchase in name of getting this tested.
2. In order to test reliably, I absolutely need to know which .exes have been raising the flag. Once I have the offending .exe myself, I want to compare the hashtags to confirm that we both have the same .exe, and the one I have is hot off the store.
3. I take issues with security seriously especially when they are related to personal information. So I have full motivation to find out what's going on and deliver ass-whooping of epic proportions if I must; EU area has some pretty damn strict right of privacy laws. However, I refuse to chase a wild goose.
4. And, as I have said before, this is not about you. This is more than that: this is about the well-being of everyone around.
5. Extraordinary claims require extraordinary evidence.

Skiriki,

Your plan of action looks very sensible, and I would be very interested in any results you obtain if you do get a 'suspect' exe to study, whatever the result.

Since you are approaching this in a professional way and intending to investigate first hand, I would be inclined to trust your findings. I think you should be mentally prepared though that some people will not believe your results unless they agree with their pre-concieved ideas on what the answer will be.

Quote - > Quote - > Quote - I own about 50 sheep, but they are only about 10 mm high and made of plastic, so I am hoping they don't pose a significant threat.

 

Britains comes to mind.....most excellent!!!......please tell me they are Britains!

 

Sadly not Britains as they would be a bit overscale for my railway models, but I agree the Britains farm models are really nice. I do have a couple of Britains trees somewhere though.

Some of my sheep are from the old Airfix Farm Stock sets. When i was a lad these sets sold for two shillings each ( 10p in decimal ) down at the local newsagent. These days I have seen the same sets sell for as much as £40 on Ebay !!  mine long since were pulled of their sprues and painted, and the boxes are long gone. I buy models to use them, not to keep them pristine in their original packaging. Kind of like James May, but on about 1% of his budget. lol.

 

Now that does sound interesting. Have you ever been to the Miniatur Wunderland in Hamburg?

It is bloody amazing, its the largest minature railway layout in the world.

I bet you would love it, I did, and I am not a model railway enthusiast.

"Khory_D, I am using common sense and learned a long time ago to never follow along like a lamb. Always question when something isn't right. "

And I am questioning accusations of wrong doing that are not backed up by the presentation of solid proof. Or am I expected to blindly follow what people I don't know state as "fact" without presenting proof?

"You think this is a bunch of BS? Good for you, I'm glad you have an opinion that you felt you could express freely without other people making fun of you. "

So I say what I believe and you have a go at it? How is that different than what others did? You can't have it both ways. Be upset others disagree with you but vilify anyone who doesn't believe what you do.

Just so we are clear..Not believing someone or disagreeing, or being funny for that matter is considered bulling. But saying someone has failings as a professional or that someone else should "keep your mouth shut" is alright behavior?

Quote - > Quote - i don't need to have any findings 'verified' by anyone else, i SAW exactly what the CMS was doing as it started up.

This is not about you, this is about everyone else. 

If there is a problem with the installers -- spyware, rootkits, trojans, viruses, you name it -- it is for everyone's benefit to get them removed, and guilty parties found and nailed to the wall. 

Quote - don't farking care if you don't believe my post. thats your prerogative.

And, it is not about belief. It is about being able to test and verify.  

Quote - i did not 'assert' anything, i saw it happening onscreen.

For the record, hitting 'print screen' button and then pasting the result into some paint program is a great way to provide evidence. 

Quote - if you want it verified, get off your arse and get a debugger to run the code for you.

You're missing the point: *I want to verify it myself, but until I'm told which ones specifically gave you the bleep, I cannot. *

Quote - Skiriki, I have hundreds of DAZ installers and I don't have time to install each one in order to give you examples. Just go through your own data, pick some that come from 2008 and away you go... Look for the one's made in 2008 with the red DAZ logo. If you have the Win 7 developer installed on a machine, that might be worth doing your research on.

No. This is not how it works.

1. I do not own everything. As a matter of fact, I own very little. I'm a newbie with 3D content. I am ready to make a purchase in name of getting this tested.
2. In order to test reliably, I absolutely need to know which .exes have been raising the flag. Once I have the offending .exe myself, I want to compare the hashtags to confirm that we both have the same .exe, and the one I have is hot off the store.
3. I take issues with security seriously especially when they are related to personal information. So I have full motivation to find out what's going on and deliver ass-whooping of epic proportions if I must; EU area has some pretty damn strict right of privacy laws. However, I refuse to chase a wild goose.
4. And, as I have said before, this is not about you. This is more than that: this is about the well-being of everyone around.
5. Extraordinary claims require extraordinary evidence.

It appears to me that you are the man that actually can!

I agree with Ian regarding your test and verification investigations........some people only want to hear what they are saying themselves!

By the way, my dog likes you.

Quote - Your plan of action looks very sensible, and I would be very interested in any results you obtain if you do get a 'suspect' exe to study, whatever the result.

Thanks, it is my intention also to document every step, so people can verify it themselves, instead of having to rely on my word alone. Also, if I have to take it up to F-Secure lab, I'll do my best to squeeze a full report out of it. 

Quote - Since you are approaching this in a professional way and intending to investigate first hand, I would be inclined to trust your findings. I think you should be mentally prepared though that some people will not believe your results unless they agree with their pre-concieved ideas on what the answer will be.

Sadly, this is a feature built into humans. Fallible, we are. 

Quote - It appears to me that you are the man that actually can!

Lady, but no offense taken. ;) 

Quote - I agree with Ian regarding your test and verification investigations........some people only want to hear what they are saying themselves!

Possibly, but I want to give them benefit of doubt, and start with the assumption "they saw something, let's investigate what they saw". In order to investigate, I must know details. If people worry that they can't tell me out in public, because "of course they'd be taken off store and you couldn't check or modified to remove the harmful bits" or something like that, my private message box is accepting contacts.

Like I said, I'm willing to get the item, poke and prod and see what happens. However, I expect cooperation from the other party too, and that cooperation requires...

1. Providing me .exe file names (names, not files themselves), and willingness to answer questions if I have any; my questions are going to be along lines of "OS, running processes, day of acquiring the file, source, default browsers, software used to initial examination of the issue" and so on.
2. Comparing file hashtags afterward in order to find out whether we have the same version, acquiring a different sample if I must

I am fully ready to do all this in privacy of private messages or e-mail, hey, whatever. But I am not willing to go running around like a headless chicken and guesswork which .exe file is doing it.

Just because file XYZ is bringing up an alarm, and is from the batch claimed to be foul, it does not mean that file ABC from the same batch is going to do the same. What if in compiling the exe one option was switched off? What if I grab ABC which doesn't alarm anything, whereas the culprit is XYZ? 

This is why I absolutely need to know a file name that gave the trouble. This is why I need to compare results and hashtags.

Believe me, if I find anything that looks like virus/trojan/rootkit/data miner/etc I will absolutely blow a gasket and go on warpath. 

But in order to do that, I need cooperation.

If I can't get any cooperation, I cannot allocate resources and investigate.

Quote - By the way, my dog likes you.

Err, I'm honored? My in-laws' dog just wants to stick her nose into my face or my crotch. Is this doggese for "I like you"?

Quote -

1. file://localhost/path of your install (readme)

Hosts:

1. http://www.data.your country code/poser

2. http://www.downloads.your country/readme's/product name

To many users/people, these "url's" may appear suspicious, but honestly, I find it hard to believe they are anything to be concerned about. Additionally, I find it very hard to believe that they are sending any sort of personal information to DAZ, or anyone else.
Keep in mind, this is much like "taking a statement out of context" .... actually .... it is literally taking a statement out of context. In this case, Windows 7 is trapping requests or statements, that it doesn't understand, or possibly the UAC won't let happen. But we know nothing about what came before or after the statement, which leaves it completely open to interpretation, and based on one's personal biases and experiences, this interpretation can range from "it's an evil plot to send personal information back to the mother ship" to "it's garbage code in the installer".

As someone already mentioned, as they stand, they are not properly formed URL's, and could not be effectively used as they stand by any browser. Doing a whois lookup on the two www "URL's" gives no indication that these are some sort of tracking or information collecting sites. From the information provided, and knowing that the installers are somewhat smart (i.e. they "remember" the last location you installed to), in context, these statements may either refer to the internal locations that the original data came from at DAZ, or the customization used, or that could potentially be used, for the installer to use local language/characters (i.e. the country references could be used to look at the same file that gives the last installation location for language/character set usage by the installer). But, given the fact that this only happens when the view the readme option is checked in the last step of installation, I would surmize that at least the first statement is used by the installer scripts to open the proper readme in your browser.

Now, all this is simply conjecture on my part, based on the statements provided above, with my attempt to place them in what I feel would be a proper context, based on 25 years of experience in IT. My experience in IT includes everything from systems management, to programming, to security management. If someone needed to use these very same installers on any of the systems I am responsible for, I would have no problems with their use at all. But, your mileage may vary.

As for all the talk about the warnings that ManleyStanley is experiencing, I've had the same warnings, but went ahead and installed my content (and told the AV to ignore them), after installation the system is fine - no viruses. Again, this is simply a guess, but looking at the behavior of the installers, false positives can be expected. They are "intelligent" installers. I'm not trying to be facetious here, but how do you think they "know" where to install stuff in non-standard locations? They can't use the force, so they need to either search your system every time the installer runs (years ago they did this .... everyone complained), or keep a file on your system to give the installer the proper options for your individual environment. I'm sure the installer performs some sort of quick validation of the options it gets from this "hidden" file everytime it runs. Both the activity of opening this hidden "configuration" file and the validation of the directories to use by the installer could easily be seen by AV software as being a potential system threat and trigger a false positive. I'm not worried about the installers being virus laden. But again, that is my opinion, and your milage may vary.

On a final note, the work that Skiriki has proposed would put all the speculation to rest - mine, as well as others.

And the forums are begining to be up again :-)

Woot! Woot and double Woot!...................sorry guys thanks for the party, I just gotta bale now..............probably see you all again in 24hrs

After looking this thread over, I think it has run its course.

Please keep in mind, if you have a problem with another member simply site mail them do not start an argument in the forum.  Thanks!