Oh my gods. Please pass onwards my condolences; this came out of blue and is truly shocking to hear. A terrible loss for all of us. :(

FYI, here's a good article about how these hacks happen: http://krebsonsecurity.com/2015/01/how-was-your-credit-card-stolen/

Also, be aware that some banks have really poor security from the beginning, so it is worth googling your bank's name + credit card hack to see what sort of reputation they got.

If you use Windows, you can get a directory listing via old-school way in Command Prompt.

Copy your stuff about to be zipped to some place, like D:temp 

Fire up Command Prompt (in Accessories or with 'Run', putting in cmd as the program you want to run), and then navigate to the right directory with cd and other archaic commands; using my example, you'd have to type d: and then cd temp.

Finally, in the example directory of temp,  dir /b /s > contents.txt

Voilá! Bob's your uncle.

There are also small utility apps that do this for you, if you feel more visual. IIRC some zipping programs can do it as well.  

Heya Lyne, thanks for your freebie stuff. Your rabbit is about to make a debut in my renders and I will try to remember and link it here when I'm done with the picture. :)

Your cow did feature in one of my pics already: http://skiriki.deviantart.com/art/Groceries-320757243

Quote - Your plan of action looks very sensible, and I would be very interested in any results you obtain if you do get a 'suspect' exe to study, whatever the result.

Thanks, it is my intention also to document every step, so people can verify it themselves, instead of having to rely on my word alone. Also, if I have to take it up to F-Secure lab, I'll do my best to squeeze a full report out of it. 

Quote - Since you are approaching this in a professional way and intending to investigate first hand, I would be inclined to trust your findings. I think you should be mentally prepared though that some people will not believe your results unless they agree with their pre-concieved ideas on what the answer will be.

Sadly, this is a feature built into humans. Fallible, we are. 

Quote - It appears to me that you are the man that actually can!

Lady, but no offense taken. ;) 

Quote - I agree with Ian regarding your test and verification investigations........some people only want to hear what they are saying themselves!

Possibly, but I want to give them benefit of doubt, and start with the assumption "they saw something, let's investigate what they saw". In order to investigate, I must know details. If people worry that they can't tell me out in public, because "of course they'd be taken off store and you couldn't check or modified to remove the harmful bits" or something like that, my private message box is accepting contacts.

Like I said, I'm willing to get the item, poke and prod and see what happens. However, I expect cooperation from the other party too, and that cooperation requires...

1. Providing me .exe file names (names, not files themselves), and willingness to answer questions if I have any; my questions are going to be along lines of "OS, running processes, day of acquiring the file, source, default browsers, software used to initial examination of the issue" and so on.
2. Comparing file hashtags afterward in order to find out whether we have the same version, acquiring a different sample if I must

I am fully ready to do all this in privacy of private messages or e-mail, hey, whatever. But I am not willing to go running around like a headless chicken and guesswork which .exe file is doing it.

Just because file XYZ is bringing up an alarm, and is from the batch claimed to be foul, it does not mean that file ABC from the same batch is going to do the same. What if in compiling the exe one option was switched off? What if I grab ABC which doesn't alarm anything, whereas the culprit is XYZ? 

This is why I absolutely need to know a file name that gave the trouble. This is why I need to compare results and hashtags.

Believe me, if I find anything that looks like virus/trojan/rootkit/data miner/etc I will absolutely blow a gasket and go on warpath. 

But in order to do that, I need cooperation.

If I can't get any cooperation, I cannot allocate resources and investigate.

Quote - By the way, my dog likes you.

Err, I'm honored? My in-laws' dog just wants to stick her nose into my face or my crotch. Is this doggese for "I like you"?

Quote - i don't need to have any findings 'verified' by anyone else, i SAW exactly what the CMS was doing as it started up.

This is not about you, this is about everyone else. 

If there is a problem with the installers -- spyware, rootkits, trojans, viruses, you name it -- it is for everyone's benefit to get them removed, and guilty parties found and nailed to the wall. 

Quote - don't farking care if you don't believe my post. thats your prerogative.

And, it is not about belief. It is about being able to test and verify.  

Quote - i did not 'assert' anything, i saw it happening onscreen.

For the record, hitting 'print screen' button and then pasting the result into some paint program is a great way to provide evidence. 

Quote - if you want it verified, get off your arse and get a debugger to run the code for you.

You're missing the point: *I want to verify it myself, but until I'm told which ones specifically gave you the bleep, I cannot. *

Quote - Skiriki, I have hundreds of DAZ installers and I don't have time to install each one in order to give you examples. Just go through your own data, pick some that come from 2008 and away you go... Look for the one's made in 2008 with the red DAZ logo. If you have the Win 7 developer installed on a machine, that might be worth doing your research on.

No. This is not how it works.

1. I do not own everything. As a matter of fact, I own very little. I'm a newbie with 3D content. I am ready to make a purchase in name of getting this tested.
2. In order to test reliably, I absolutely need to know which .exes have been raising the flag. Once I have the offending .exe myself, I want to compare the hashtags to confirm that we both have the same .exe, and the one I have is hot off the store.
3. I take issues with security seriously especially when they are related to personal information. So I have full motivation to find out what's going on and deliver ass-whooping of epic proportions if I must; EU area has some pretty damn strict right of privacy laws. However, I refuse to chase a wild goose.
4. And, as I have said before, this is not about you. This is more than that: this is about the well-being of everyone around.
5. Extraordinary claims require extraordinary evidence.

FYI, my request was not flippantly made; my IT mentor is pals with F-Secure lab, and I can call in favors, if it comes down to that. Considering that F-Secure was not afraid of revealing German government spyware's hairy details and giving statements about how friggin' stupid they were, I do dare say that they would not hesitate to reveal whatever might be hidden inside this stuff, if there's any to be found.

So, please. Tell me what packages were giving warnings and I'll start poking. Otherwise it is gonna be a new round of My Little Pony: Friendship Is Magic season 2 or watching Mythbusters from season 1 and I'm not sure if my brain can take it. 

Could someone PLEASE tell me what are these malware infected .exe bundles, so I can grab them for a thorough testing.

I will be more than happy to put my IT expertise into test, seeing how I got only meager 20 years of it (as opposed to glorious 30, but no worries, I'm good pals with people who have that 30 years under their belt), and see what's going on and do packet analysis and stuff like that.

I can't test anything if people are unwilling to divulge the names of the packages involved; I don't need to get the packages from y'guys, I only need the names of the suspicious packages. Date of download and purchase would also help to pinpoint things. I'm in no way affiliated with DAZ beyond customer relationship, but I'm also bored to tears and this sounds like an excellent nut for me to crack while I await for graphics-based inspiration to come. I only got time to kill while unemployed, but I prefer to hone my IT skills.

Otherwise I'm forced to agree with others that this is a whole lot of speculation over nothing. 

Package names, please. *Give me something to do. *

I just got the new thingie and some old stuff (Regency for M4).

My PayPal purchase went through, no problem.

Download? No hiccups. Full speed ahoy.

Install for RRTime? No problems.

Install for Regency? No problems.

The error log shows no problems beyond the usual (injectpmd whinge, since I went and updated to 4.5RC1). 

I realize that the plural of anecdote is not "data", but, maybe others could share their experiences of Tuesday and onward purchases?

I still can't get my wishlist (because it chokes the system), but at least the last two purchase bundles have worked to me, with the very first one (which was made as soon as the new site went live) still pending (so 2-1 in success stories), but Ann forwarded my e-mail onward to Customer Service and said they will deal with the pending purchase. 

<=== user icon done with these shaders, sadly squished smaller. Silvermoon hair, with shader's own hair settings used.

Quote - > Quote - Hmm ... I thought that Stegolian looked familiar ...

o.O

Yeah..that must have been the inspiration LOL

OMG, you could now do rendered Dilbert strips.

We can do Dogbert, Catbert and Ratbert with Genesis creature morphs (although the idea of turning Hitomi Catgirl into Catbert plus genderswap to the original character is even more entertaining), and the rest of the cast are easy enough...

Do us a red curly-pointed tie as a freebie! :D 

Quote - I have to second Skiriki's thoughts on version 4.5, and like him/her I was lucky (more like had the foresight) to grab all my downloads before the site went black.  And, thank you Skiriki for illustrating how that function works.  I will have to give it a play.

(She, yes.  :biggrin:)

I left my system rendering when I went to bed, and when I came back it had done only 8%. Wow. Dreamer wings apparently slow things down for some reason. o_O I think this can mean only one thing... MOAR WINGS. Better ones.

(Hmmm. Spicy chicken wings in RL sounds like a great idea as well.) 

Quote - 4.5 does have some interesting new additions, and the "Edit" menu now holds some interesting production tools I don't seem to have in 4 Pro.  Also, they have included "Darkside" UI by default (no need to istall).  I never installed it in 4 Pro, so it was nice to check it out.  I think I'll keep it set to Darkside.

Oh really? New additions? Darn, I've forgotten to check those, I got so excited about the "add push modifier" that  I forgot to spelunk for everything else.

I'm easily entertained and easily distracted, it seems... 

I just can't see mine at all. :( The server chokes and dies on it. :( 

I confess that I did entertain myself with shift+F5 button for a good while when I was bored...

I, err, may be easily entertained. :D 

Edit: Oh yeah and the lizzzzard-dinoman looks awesome, I may have to consider getting it, although this is kinda going pretty Pokémon right now ("...gotta catch 'em all..."). 

Wishlist: 2,148 items. No, that's not an error.

Quote - The old forums are accessible, in Read Only Format.      http://forumarchive.daz3d.com/

Oh hey thanks. Now I can access the geo-graft tutorial and hammer out some stuff. I was looking for the forum archive but failed my Search roll...

I is mildly sad, though. My purchase (60s kitchen + Ren outfit) is still pending, even if the other purchase (Aidan + some 1.99 stuff) came through just fine. Not in a huge hurry, frankly, I got my hands full with other things, but it'd be nice. I have received confirmation mails, but then again, I run my own server and I have black- and whitelists out of wazoo. FYI: some have reported problems with installing downloaded content from the new store, I have been lucky, I s'pose, mine were perfectly intact.

Also, FYI: I found a cool feature from DS4.5! It has "Add push modifier" right below "Add smoothing modifier"! What it does? Well, apply it to, say, hair or clothes, and then you can manually jiggle the airspace between figure and clothes! AWESOME. So glad I managed to grab it before the site update.

All in all: I truly feel for DAZ Studio, knowing what kind of hell software changes can wreck; my own server upgrade resulted three sleepless nights, four days, and in the end, I solved it with money -- I bought a new NIC since I did not feel like retro-porting a NIC driver from an older system and fighting it some more, since 14 euros solved the problem. (By the way, it works much, much better now with the new NIC -- responses are notably faster. Eff you, NVidia, eff you and your embedded NICs.)

Now, hugs and kisses to everyone, users and DAZ people alike. This will get better. It may have a worse dip somewhere still, but it'll get better.