Jump to content
Forum Rules
Official Modification Forum Rules
GTAMods Wiki
GTA Online New Bonuses for 17th Apr 2025 - Celebrate 4/20 with Bonuses and Rewards Across Everything Weed Related, a Twist on Hunting Pack with Lamar Davis & More!

Malware inside Angry Planes & Noclip Mod

aboutseven

By aboutseven
in GTA V

 Share

Recommended Posts

Benie

Benie

Posted
Posted (edited)

I found a reported clean version of Angry Planes by a trusted Reddit user, who also wanted people to match the checksums of his version, and the version I got. All checked out. Did a Threat scan with Malwarebytes (my Premium free trial version), and it detected nothing (before and after playing with the mod). I'm also using Sandboxie for extra protection.

Ran the game for awhile, mod works great with my other mods. So I quit and tried to follow the virus removal (incase I actually had the adware). First off, there's no 'csc.exe' running that I can see in the Task Manager.

In my AppData folder (the Sandboxie version), I saw a strange file called 'Local' with a bunch of weird characters next to it (almost looked Chinese). File has been removed. It could had been placed by Sandboxie, but at this day and age... I can't take any chances.

In my regular version (outside of Sandboxie), the weird file isn't there.

 

Anyway, continuing Step 3, I found no .z or init files in the Local/Temp folder. Didn't see an unnamed zip file, and no recently created folders with Fade.exe in them.

But this is where it starts to get... interesting. I checked regedit, and didn't find a 'Shell' entry where the picture said to go. I checked all of them, and I see no Shell folder. Is this bad?

http://puu.sh/ivDbG/fb9a0e3a39.png

 

Lastly, I checked HKEY_CURRENT_USER/Software/Microsoft and see no entries or folders of 'Fade' or 'Leep'.

 

So, am I still good? Did a restart, and still no Fade.exe anywhere. So, looks like it's actually clean. I won't be giving the link out due to someone could potentially put that virus in again.

Edited by Benie
Bloody Mary

Bloody Mary

Posted
Posted (edited)

That weird "Local" file with Chinese characters after it is normal and was found/reported by many players after installing GTA V long before mods were even made for it. According to Rockstar it's a file that deals with profiles that have unexpected/strange characters in them, so it's perfectly safe; if you deleted it, GTA V automatically makes another.

 

Personally I'm extremely cautious about all mods, even now. I never got Angry Planes or Noclip, but I'm still quite wary of files from authors whom I don't trust. The GTA V modsite's heavier testing and longer approval periods help, but still, I'd stay away from anything related to Angry Planes or Noclip, no matter how "clean" a Reddit user claims it to be.

Edited by Bloody Mary
Benie

Benie

Posted
Posted (edited)

I get the message loud and clear. I don't blame you. I was REALLY.. really hesitant to even try (nomatter how 'clean' it claimed), but I saw a video of Sandboxie, and how it's able to even keep your computer safe from that Cryptlocker virus. That sold me.

 

But like I said, here's the weird thing about that 'Local' file in my Appdata folder. You claim that it's perfectly normal and the game creates it. Then how come I never saw it before? I checked my normal un-Sandboxie version of Appdata and never saw this file.

Anyway, yeah. I never even owned GTA V for PC when I heard about this virus. I even hesitated if it was worth paying the $60 for it, as I have it on my PS4. But I really wanted to play with mods.

But that fear of the next top mod that may or may not have a virus... yeah.

 

There is a mod on GTAV-mods.com, called 'Planes Hails'. Author wants it to be the next Angry Planes mod. Immediately, people thought it was more adware (with plenty of reason), but the mod author defended their mod, giving access to the source code. No viruses with it.

Edited by Benie
Bloody Mary

Bloody Mary

Posted
Posted (edited)

I get the message loud and clear. I don't blame you. I was REALLY.. really hesitant to even try (nomatter how 'clean' it claimed), but I saw a video of Sandboxie, and how it's able to even keep your computer safe from that Cryptlocker virus. That sold me.

 

But like I said, here's the weird thing about that 'Local' file in my Appdata folder. You claim that it's perfectly normal and the game creates it. Then how come I never saw it before? I checked my normal un-Sandboxie version of Appdata and never saw this file.

Anyway, yeah. I never even owned GTA V for PC when I heard about this virus. I even hesitated if it was worth paying the $60 for it, as I have it on my PS4. But I really wanted to play with mods.

But that fear of the next top mod that may or may not have a virus... yeah.

 

There is a mod on GTAV-mods.com, called 'Planes Hails'. Author wants it to be the next Angry Planes mod. Immediately, people thought it was more adware (with plenty of reason), but the mod author defended their mod, giving access to the source code. No viruses with it.

 

Again, not too sure about the Local file, but it was reported around launch throughout the Rockstar and GTA forums. According to Rockstar themselves it's normal. Maybe it's with the Steam version only? Most of the forum topics regarding it are from Steam. However, multiple people have scanned it with various anti-virus and anti-malware software, including Malwarebytes, and it's squeaky clean.

 

http://www.sevenforums.com/general-discussion/367307-local-what.html

http://www.neogaf.com/forum/showthread.php?t=1028101&page=64

https://www.reddit.com/r/GrandTheftAutoV_PC/comments/34k60e/new_file_created_in_appdata_called/

http://steamcommunity.com/app/271590/discussions/0/611703999971057114/

http://www.bleepingcomputer.com/forums/t/578397/file-in-appdata-with-strange-japanese-characters-1kb/

Edited by Bloody Mary
Benie

Benie

Posted
Posted (edited)

does anyone know what version of angry plane mod and it's clean from malware or viruses??

plz reply :D

All I can tell you is to look it up. You shouldn't really be asking. People are still on edge here.

Edited by Benie
Beannn

Beannn

Posted
Posted (edited)

Hi Guys, Just to Check is Native trainer by Alexander Blade safe??? (New to gta V mods) If this is the only mods i had downloaded for gta v, am i safe from the virus mentioned in this thread??? I do not have any files inside my Temp folder.

Edited by Beannn
Nah nah nah Gta 6

Nah nah nah Gta 6

Posted
Posted (edited)

Hi Guys, Just to Check is Native trainer by Alexander Blade safe???

It's safe, millions of people have used it, if it had a virus it would of been reported a while ago.

Edited by Stoney0503
  • Beannn and Benie
  • Like 2
  • 9 months later...
86DX

86DX

Posted
Posted

Long time no bump. Figured I might as well do it to ask something several others have elsewhere: any reports of malware in any mods recently?

That was a really, really dumb bump. If there was reports, the topic would've been revived long before this.

Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • 0 User Currently Viewing
    0 members, 0 Anonymous, 0 Guests

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.

  I accept