I Know I'm Paranoid, But... (DAZ Installer)

DaremoK3DaremoK3 Posts: 798
edited August 2012 in The Commons

O.k., I know I might be a little paranoid when it comes to PC security, but is this normal?


Have I just been sheltered, because I was using an old version that wasn't checking at all compared to the new service which is now checking all my downloads before I double check them with my anti-virus offline?


I recently updated my Zone Alarm Firewall to their latest version, and it performs virus checking after downloads. The thing is it has a basic, and an advanced checker. Usually the basic yields results needed, but sometimes it needs to perform the advanced check.


Why I am concerned is because the advanced check is done in a virtual sandbox that actually mimics an actual install to check all variables. This was the first download from DAZ utilizing the new firewall with it's virus checker, and I'm not liking the results.


I have been using it for about a week now, and have not encountered this with any other download across the net. I know it is not a virus, but just exactly what are these silent/hidden executables that will run each time I boot my system up?


Am I being paranoid, and this well respected firewall company is completely wrong regarding their test, or do I have something to genuinely to be concerned about?


Any one else using ZoneAlarm here encounter anything like this before?


Pics below are from testing result:

Clipboard03.jpg
391 x 286 - 27K
Clipboard02.jpg
800 x 399 - 40K
Clipboard01.jpg
525 x 402 - 40K
Post edited by DaremoK3 on

Comments

  • BlazeMystEraBlazeMystEra Posts: 464
    edited December 1969

    From my knowledge you get messages like this from spyware and firewall programms all the time when a download is new. I wouldn't trust everything these messages tell you, at least not if you're downloading from a site like DAZ3D. It always is a good idea to doublecheck, but with the newer versions of 'safety programms' it's often happend that they say 'I don't know that, so it must be bad.' ... they seem to become more human... *lol* I guess it's just a precausion on the programmers site, so they can't be framed, because the program told you it could be dangerous.

    Having said all that... I downloaded it and got no message whatsoever from my PC-Security-Programs... and my programs are not shabby either, so... I don't see a problem... but maybe download another checking programm (like a programm that checks for viruses, a program that checks for troyans and a program that checks for malware) just to be sure :)

  • JasmineSkunkJasmineSkunk Posts: 1,902
    edited December 1969

    BlazeMystEra is right about that. Many virus scanners and fire walls will call a false positive to any unknown file.

  • SzarkSzark Posts: 10,634
    edited December 1969

    Yep seen this with some AntiVirus software posted on the old forums. I use MS Security Essentails and never had an issue and never been infected...picked up on a few but never with daz content etc.

  • DaremoK3DaremoK3 Posts: 798
    edited December 1969

    Thanks for the feedback guys/gals...


    I'm aware of false positives, and I check all files downloaded from the net with Avast. I have never had any issues with any DAZ file before.


    This ZoneAlarm security checker is a new thing for me. Apparently they have jumped into the anti-virus game as well, and you can install an all-in-one firewall/anti-virus, but I opted for firewall only with keeping Avast as my anti-virus.


    Irregardless (just kidding)... Regardless of not having the ZoneAlarm anti-virus suite the firewall has hijacked my downloading in Firefox, and performs a virus check upon finishing of download with option to open immediately, or store for later use. What's important is the fact if it determines it needs to perform the advanced check. The reason is it doesn't just check for virus'/trojans/spyware on the surface as many checkers do, but performs an actual online install in a virtual sandbox to check all variables including trying to install to root, hidden parameters, and the like (from my understanding when I agreed to it's online virtual sandbox advanced check).


    I've downloaded several things this week from software to content, and even those that were earmarked for the advanced check all passed with flying colors.


    The only thing from DAZ that should install any executable which would load every time one boots up their system is the CMS. I can not fathom anything in a digital camera content package that would include executables needing to run at start-up. This one has me baffled...


    DAZ is high on my "trusted" businesses, and I was one of those in the past when CMS first came on scene trying to help quash fears about it trying to phone home when it was just accessing localized loop-back adapter.


    I trust DAZ, I really do, but I am also not without remedial knowledge when it comes to PC security, and do know the difference between new/untested false positives (from the unknown) with generalized virus checking and advanced heuristics algorithms verifying unknown executables trying to write root code for invisible access at boot-up.


    Anyone else have an opinion on this, or perhaps any security "experts" that might be here can shed better light on my understanding of this.

  • JohnDelaquioxJohnDelaquiox Posts: 1,195
    edited December 1969

    Its most likely a false positive

  • DWGDWG Posts: 770
    edited December 1969

    The cameras are a single installer with metadata, my guess is Zone Alarm is being triggered by the attempted update of the CMS database with the new metadata.

  • ChoholeChohole Posts: 33,604
    edited December 1969

    As you have Avast I don't understan why you run a 2nd firewall. Avast firewall is quite robust.

    Plus, sometimes having more than one firewall can be problemsome unless you have been very careful in configuring both firewalls.

  • DaremoK3DaremoK3 Posts: 798
    edited August 2012

    DWG:


    Good hypothesis.


    I was thinking along the same lines. It seems a logical explanation from testing of executable code as opposed to checking for malicious executables.


    Since the CMS does (or is expected to) run executable code at start-up it probably would be a safe bet to conclude that content with meta-data runs updating code for the CMS (at start-up). This would be an excepted variable for me for the allotment of install.


    I should have noted one thing in particular though; I do not have DAZ Studio of any kind installed on this system including the CMS. I just rebuilt this laptop, and have yet to install DS4 Series. I am still weighing the Pro's/Con's between reinstalling DS4 Pro, or updating to the new DS4.5 Pro (since many are having issues).


    I assume the digital camera content's meta-data was looking for the CMS in the virtual sandbox test to update.


    chohole:


    Not to worry, my dear mod (with a big club), I am only running one firewall, and one anti-virus.


    I should have said I know a little more than "remedial" PC security, but since I am far from an expert I prefer to error on the side of modesty.


    I use the free ZoneAlarm firewall (which disables Windows firewall), and the free Avast anti-virus (which does not include a firewall). I was unaware that Avast has a version which includes a firewall as well. Thank you for that info. If I ever become dissatisfied with ZoneAlarm it's good to know I have another option right under my nose.


    You may now commence with your club beating if you wish it so (you know you want to). I will not put up a struggle...

    Post edited by DaremoK3 on
  • ChoholeChohole Posts: 33,604
    edited December 1969

    Me ? I never beat people until I have found I can't get any furhter talking them to death, :coolgrin:

    And yes Avast do a paid for version, with lots more features than the free version. It also has a sandbox that you can play in. I haven't tried building any sand castles yet though.

Sign In or Register to comment.