- This topic has 45 replies, 21 voices, and was last updated 4 years, 5 months ago by
.
-
Posts
-
is it not a better idea for the future to have some people testing the uploads? to make sure they are legit for downloading so this would not happen again.
Moderator: just checking all these infected files for hidden images, batch files and scripts takes forever, are you suggesting that we find volunteers to do this backbreaking work? I don't think it's possible - I'm doing this moderation stuff for free, and it takes up hours and hours of my life thanks to these idiots infesting the files... No fun, really.So far it seems that all of the insidious files were created/modified on August 2, 2020.
Mostly what I have found are EXTRANEOUS files that don't belong to the original download...
Examples:
• 'Alternative Shapes for Kwan 8' should only have 12 head and body shapes and "they" added a 13th, 'CTRLAltKwan8Body13.dsf' and 'CTRLAltKwan8Head13.dsf'.
• 'ZhuQue The Red Phoenix Outfit for Genesis 8 Female(s)' contains two texture files that don't belong, 'RP-HelmetAndSleeves-BaseColorB.jpg' and 'RP-Legs_NormalA.jpg'. These are fake files that are not referenced within the .duf
• 'UltraScenery Tangy Apple Orchard' contains a texture file that doesn't belong, 'tao_Fern_Autumn_04.jpg'
• and of course the obvious 'run.bat' files of various names within folders in many of the zips.
It seems like a fairly incompetent and unsophisticated attempt at sowing chaos.
Rank:
Well, I don't know about the other files, as I only had two that came up bad, which @legolas18 has already fixed. Here is the list of what I had downloaded that day, and all of these with the exception of RobinHD and Robin hair (which are no longer in this folder because my AV deleted em) appear to be clean. I deep scanned them with avast, set to max protection and they passed it fine.
Unfortunately I haven't downloaded any of those files and can't say anything about their threadlevel, but I doubt that there's a real virus inside. I'd rather guess that the admins at 3d-stuff who are always hunting re-posters created these pics in their investigation. Since they've their own filesevers they can do stuff like conditional downloading depending on the user.
Personally I find these little textures hilarious and really want to have them. Especially after all the crap and complains here about people re-posting stuff from 3d-zone to other sites.
it would be nice to have a little program or script or I don't know that compares the zip content files with files reported from the readme section of the products..
EDIT:
so what packages still need to be compared with safe sources? I could consider spending my PC coupons of the months for something.. I'm not really into fantasy and sci-fi so I would prefer to take something I could use..I would suggest a new rule to regain trust : uploads could mention "genuine bought product" or "direct from the store" to make clear that the uploader owns the original file and assumes responsibility. It could prevent nasty contamination and lazy distribution. Of course non genuine would still be accepted but people would know the risks...
As has been mentioned in this thread [and repeatedly in others over the last 2 years - at least].
It is time something [?] was done regarding anyone posting altered / added to items.
The files here should all be the format that came from the original purchase. NOT altered structures or added images or docs [that includes the ones that are supposed to be 'Ours' - the annoying Read Me and jpg that keeps being added].
There are those of us here that have been predicting this stupid outcome, as a result of this meddling, for quite a while.I'm almost finished with fixing ALL the files which I listed, and getting replacements directly from the sources.
As I have stated in the various thread comments I added prefaced with "Moderator:" there are some items in there which were also duplicated in the MEGA folder, so it was impossible for me to know that folks like @joelj or @legolas18 or others had upped them a day or two prior from their own purchases. My apologies for the confusion but better SAFE than SORRY.
I recently changed entries in the BLOG noting that files are "(NO-DIM)" and warning they have been totally altered in structure and installation files were removed. This makes a product suspicious to me. And I honestly do not wish to have people rip apart original installers and just dump them on us as if they were "cool" for large numbers of points. To me this is like giving points for a car missing the engine and wiring cause someone didn't like the color of them. Either deliver the original install files, or don't.
The latest Hair file from Soto was delivered in a MEGA in the inner folders which were in the CONTENT folder of the installer, but there was no installer zip, no manifest or supplemental files (which contain the meta data install info) and sometimes people remove other folders including documentation. This is unacceptable and keep in mind once these BAD or MESSED UP files hit the internet shares - they are spread far and wide and forever.
And many times, if it is already on the BLOG here, the mods wouldn't replace them even if we told them the original was incomplete - as the original poster would lose their points. This is a vicious cycle that needs to be broken.
What do you all think?
AnjaBear
Many of the files have things like this inside them:
I'm almost through all of these and am still pulling bad files and extra files out.
Anja
Thank you for all your hard work, Anja and everyone else involved. Just know that people appreciate you taking your own free time to do this.
THanks for the warning... I hope Win10 defender would scream around when you open such a Zip...
Maybe time to add a new system that not everyone is allowed to share stuff :/
I know we would get lesser stuff, but... this is uncool 😮
I will scan my complete "My Library" lets hope there is nothing.Moderator: if you look thru my posts with image snapshots, you will note that the offending files have extensions of ".bat" but some others are more nasty. But many of these files don't actually do anything but annoy, however, I am not sure if a .DUF file will be autorun by DS to infect your system somehow. So not all that I have found shows up as a "virus" or "malware" however, some does.My windows scan is done, lucky I got no warnings 🙂
@Legolas18 but it also require that someone is here to delete that post and indeed check the post... or atleast shut down the post, then checking the files and in worst case deleting it.
Anyway... I would accept it if only somehow loyal users can share, but well just my opinion 😛Maybe a form of upload approval is necessary, if only a quick flyover of the items by some who are familiar with the products original structures, and how to find out how many files are involved in the case of Renderosity (where is it plainly listed with file sizes on the product pages) And we know how DS installers are supposed to be packaged.
This all has been a nightmare, and I hope not to go through it again.
I am almost done every single file, and have setup a new MEGA just for these fixed files and will post them all for everyone, if you want them.
AnjaBear
Maybe a limited approval process to the effect of the first X uploads are subject to greater scrutiny?
I don't know if that's possible or if it would add undue strain to the system, but at least that way if there are people who share more frequently without issue, their stuff goes in the queue as normal (until they post something messed, of course), and people posting the first few times are under scrutiny until their stuff can be doublechecked?
I know that's a LOT more work, though, for a group of volunteers to do, but maybe other people can volunteer to be testers to give a yes/no on it? Or... ssssomething?
Just sorta throwing spaghetti at the wall here because I don't think "test everything thoroughly as if we were paying people for it" is a realistic option, but "the first time(s?) a person uploads, we have people check it out before it goes up" could be a thing that works?
I think someone who has the free time to test the files for malware before hand can be rewarded with some points per check? Something small, but at least make it so his work is not completely "free" and he/she receives something for the time spent checking the items that are about to be posted on the site. Just my 2 cents.
- The topic ‘RESOLVED/CLOSED: Fixing the Shares from 02-04 AUG’ is closed to new replies.
