Quantcast
Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
    1. Welcome to GTAForums!

    1. GTA Online

      1. The Diamond Casino Heist
      2. Find Lobbies & Players
      3. Guides & Strategies
      4. Vehicles
      5. Content Creator
      6. Help & Support
    2. Red Dead Online

      1. Frontier Pursuits
      2. Find Lobbies & Outlaws
      3. Help & Support
    3. Crews

      1. Events
    1. Red Dead Redemption 2

      1. PC
      2. Gameplay
      3. Missions
      4. Help & Support
    2. Red Dead Redemption

    1. Grand Theft Auto Series

    2. GTA 6

    3. GTA V

      1. PC
      2. Guides & Strategies
      3. Help & Support
    4. GTA IV

      1. The Lost and Damned
      2. The Ballad of Gay Tony
      3. Guides & Strategies
      4. Help & Support
      5. GTA IV Mods
    5. GTA Chinatown Wars

    6. GTA Vice City Stories

    7. GTA Liberty City Stories

    8. GTA San Andreas

      1. Guides & Strategies
      2. Help & Support
      3. GTA SA Mods
    9. GTA Vice City

      1. Guides & Strategies
      2. Help & Support
      3. GTA VC Mods
    10. GTA III

      1. Guides & Strategies
      2. Help & Support
      3. GTA III Mods
    11. Top Down Games

      1. GTA Advance
      2. GTA 2
      3. GTA
    1. GTA Mods

      1. GTA V
      2. GTA IV
      3. GTA III, VC & SA
      4. Tutorials
    2. Red Dead Mods

    3. Mod Showroom

      1. Scripts & Plugins
      2. Maps
      3. Total Conversions
      4. Vehicles
      5. Textures
      6. Characters
      7. Tools
      8. Other
      9. Workshop
    4. Featured Mods

      1. DYOM
      2. OpenIV
      3. GTA: Underground
      4. GTA: Liberty City
      5. GTA: State of Liberty
    1. Rockstar Games

    2. Rockstar Collectors

    1. Off-Topic

      1. General Chat
      2. Gaming
      3. Technology
      4. Programming
      5. Movies & TV
      6. Music
      7. Sports
      8. Vehicles
    2. Expression

      1. Graphics / Visual Arts
      2. GFX Requests & Tutorials
      3. Writers' Discussion
      4. Debates & Discussion
    3. Gangs

    1. News

    2. Forum Support

    3. Site Suggestions

aboutseven

Malware inside Angry Planes & Noclip Mod

Recommended Posts

Mr Dazza

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

Share this post


Link to post
Share on other sites
Alexander Blade

asi shows clean because antivirus has no signature match , so it goes into dynamic analysis i.e. emulating library execution and finds still nothing because this stuff is called only when script starts ingame (no proper environment for antivirus) , so there will be signatures in av bases soon for the downloader function inside asi , signatures for logger which it is downloading are already in 1/4 of antiviruses

  • Like 3

Share this post


Link to post
Share on other sites
MagikarpIsOP

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

 

Same here.

 

This is exactly my point.

Share this post


Link to post
Share on other sites
TJGM

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

Did you run the game with the mod installed?

Share this post


Link to post
Share on other sites
Mr Dazza

 

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

Did you run the game with the mod installed?

 

Yeah, a while back though.. maybe it deleted its self.. Why the f*ck would people do this, seriously.

  • Like 1

Share this post


Link to post
Share on other sites
TJGM

 

 

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

Did you run the game with the mod installed?

 

Yeah, a while back though.. maybe it deleted its self.. Why the f*ck would people do this, seriously.

 

Possibly, or your anti-virus picked it up. Check your anti-virus history and see what files it picked up as malware over the past week or so.

Share this post


Link to post
Share on other sites
MagikarpIsOP

 

 

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

Did you run the game with the mod installed?

 

Yeah, a while back though.. maybe it deleted its self.. Why the f*ck would people do this, seriously.

 

Heisenberg is exactly saying what i wanna say. (Good words!)

 

Im also worried it deleted itself, anyone that used this mod should change passwords anyway.

Share this post


Link to post
Share on other sites
Jax765

 

 

Ive looked into my temp directories, scanned the asi and everything else, but i cant find any trace of the file doing what you are saying its done.. i cant see csc.exe, i cant see fade.exe anywhere either.. am I just blind or am I clean? Do I need the mod installed for it to do any harm? Ive had it installed once, but now its just sitting in my mod manager..

Did you run the game with the mod installed?

 

Yeah, a while back though.. maybe it deleted its self.. Why the f*ck would people do this, seriously.

 

 

Check your anti-virus history?

 

y5vb.png

Share this post


Link to post
Share on other sites
Mr Dazza

Oh f*ck.. http://prntscr.com/753boo

 

What do? WAT DO? Am I okay if the antivirus picked it up? Has it ceased to go furhter? Are my passwords safe?

Share this post


Link to post
Share on other sites
MarshallRawR

Oh f*ck.. http://prntscr.com/753boo

 

What do? WAT DO? Am I okay if the antivirus picked it up? Has it ceased to go furhter? Are my passwords safe?

 

There's some cleanup to do (regedit.exe, then search "Winlogon" and remove the extra it added

 

bBtk8HM.png

 

 

Delete all of it traces and change password I my guess.

  • Like 1

Share this post


Link to post
Share on other sites
MagikarpIsOP

Oh f*ck.. http://prntscr.com/753boo

 

What do? WAT DO? Am I okay if the antivirus picked it up? Has it ceased to go furhter? Are my passwords safe?

 

Change them asap. (Also, which software detected that?)

Share this post


Link to post
Share on other sites
Mr Dazza

 

Oh f*ck.. http://prntscr.com/753boo

 

What do? WAT DO? Am I okay if the antivirus picked it up? Has it ceased to go furhter? Are my passwords safe?

 

Change them asap. (Also, which software detected that?)

 

My antivirus is Avast. That detected it.

 

 

Oh f*ck.. http://prntscr.com/753boo

 

What do? WAT DO? Am I okay if the antivirus picked it up? Has it ceased to go furhter? Are my passwords safe?

 

There's some cleanup to do (regedit.exe, then search "Winlogon" and remove the extra it added

 

bBtk8HM.png

 

 

Delete all of it traces and change password I my guess.

 

That file isn't there. Shell wasn't there, it seemed clean. Ill give it another look over and start changing my passwords for maximum safety.

Share this post


Link to post
Share on other sites
Hideo Kojima

Just deleted both init.exe and fade.exe .

:/

Share this post


Link to post
Share on other sites
MagikarpIsOP

Is it possible that Kaspersky might stopped this? Im genuinely confused since im yet to find any of this files. Will keep scanning etc.

Share this post


Link to post
Share on other sites
Mr.Arrow

shiiiiit I got Fade.exe

 

am I f*cked????? My computer has OS password too sh*t

Edited by Cyberzone2

Share this post


Link to post
Share on other sites
Im So HM02

Hmm... I installed NoClip the day it came out and used it for about an hour all up. I have MBAM but don't have the active protection on. Nothing suspicious in my registry and no files in my temp folder (although I do a regular clean up of these). Is it possible it deleted its own registry keys?

Edited by Im So HM02

Share this post


Link to post
Share on other sites
Mr.Arrow

f*ck that mod author seriously

  • Like 1

Share this post


Link to post
Share on other sites
GtaGamer2222

WTF.. Thanks for the Post OP. guys i deleted init.exe and fade.exe also i cleared the registry as MarshallRawR said is there anything i need to do ? I'm really worried right now

Edited by GtaGamer2222

Share this post


Link to post
Share on other sites
TJGM

WTF.. Thanks for the Post OP. guys i deleted init.exe and fade.exe also i cleared the registry as MarshallRawR said is there anything i need to do ? I'm really worried right now

Change all your passwords.

Share this post


Link to post
Share on other sites
MagikarpIsOP

Is it possible that Kaspersky might stopped this? Im genuinely confused since im yet to find any of this files. Will keep scanning etc.

Nothing from a full scan of malwarebytes and also nothing from a scan in the appdata folder.

 

I seem to be the only here that is "safe".. And i don't like that.

Edited by MagikarpIsOP

Share this post


Link to post
Share on other sites
Hideo Kojima

Damn... Steam's asking my password does not recognise it... :|

 

I just changed my Steam Guard setting btw. Now it send me an email if someone wants to log in.

Edited by m3tal z_DKI

Share this post


Link to post
Share on other sites
Drkz

And that's why i refuse to use .asi whatsoever for anything else than mandatory tools like OpenIV.

 

If you want to do a menu or some easy script use .lua. There's no need to clutter everything with .asi files.

Edited by Drkz

Share this post


Link to post
Share on other sites
Mr Dazza

Damn... Steam's asking my password does not recognise it... :|

Wait sh*t have they stolen your steam account? Check your emails for ANY changes to your account. Saame goes with everything else.

Share this post


Link to post
Share on other sites
Mr.Arrow

use virustotal because this malware is one sneaky bastard

Edited by Cyberzone2

Share this post


Link to post
Share on other sites
Silent

And that's why i refuse to use .asi whatsoever for anything else than mandatory tools like OpenIV.

 

If you want to do a menu or some easy script use .lua. There's no need to clutter everything with .asi files.

You realize .lua's are loaded by an .asi, right?

  • Like 1

Share this post


Link to post
Share on other sites
Mr.Arrow

I wonder what happen with the other people especially GTASeries video and IGN since they used this mod too

Share this post


Link to post
Share on other sites
MagikarpIsOP

TbAmsDS.jpg

 

Only thing related to init.exe or something like that is this.

Share this post


Link to post
Share on other sites
Drkz

 

And that's why i refuse to use .asi whatsoever for anything else than mandatory tools like OpenIV.

 

If you want to do a menu or some easy script use .lua. There's no need to clutter everything with .asi files.

You realize .lua's are loaded by an .asi, right?

 

 

You realize you can't avoid .asi in GTA modding scene but you can atleast alleviate your exposition to it, right ? Use the necessary tools and then stick to .lua.

Edited by Drkz

Share this post


Link to post
Share on other sites
Daynja

Damn... Steam's asking my password does not recognise it... :|

 

I just changed my Steam Guard setting btw. Now it send me an email if someone wants to log in.

Best thing you could have done. I always set these guards up the moment they offer them. Same for gmail same for Origin.If anyone attempts to log in to my accounts i get a text message passcode sent to my mobile or email

  • Like 1

Share this post


Link to post
Share on other sites
Silent

You realize you can't avoid .asi in GTA modding scene but you can atleast alleviate your exposition to it, right ?

Of course I do, since I develop them myself. But I'm not that f*cked up in the head to include malware in them ;)

  • Like 2

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • 1 User Currently Viewing
    0 members, 0 Anonymous, 1 Guest

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.