Benie Posted June 20, 2015 Share Posted June 20, 2015 (edited) I found a reported clean version of Angry Planes by a trusted Reddit user, who also wanted people to match the checksums of his version, and the version I got. All checked out. Did a Threat scan with Malwarebytes (my Premium free trial version), and it detected nothing (before and after playing with the mod). I'm also using Sandboxie for extra protection.Ran the game for awhile, mod works great with my other mods. So I quit and tried to follow the virus removal (incase I actually had the adware). First off, there's no 'csc.exe' running that I can see in the Task Manager. In my AppData folder (the Sandboxie version), I saw a strange file called 'Local' with a bunch of weird characters next to it (almost looked Chinese). File has been removed. It could had been placed by Sandboxie, but at this day and age... I can't take any chances. In my regular version (outside of Sandboxie), the weird file isn't there. Anyway, continuing Step 3, I found no .z or init files in the Local/Temp folder. Didn't see an unnamed zip file, and no recently created folders with Fade.exe in them. But this is where it starts to get... interesting. I checked regedit, and didn't find a 'Shell' entry where the picture said to go. I checked all of them, and I see no Shell folder. Is this bad? http://puu.sh/ivDbG/fb9a0e3a39.png Lastly, I checked HKEY_CURRENT_USER/Software/Microsoft and see no entries or folders of 'Fade' or 'Leep'. So, am I still good? Did a restart, and still no Fade.exe anywhere. So, looks like it's actually clean. I won't be giving the link out due to someone could potentially put that virus in again. Edited June 20, 2015 by Benie Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067630025 Share on other sites More sharing options...
Bloody Mary Posted June 20, 2015 Share Posted June 20, 2015 (edited) That weird "Local" file with Chinese characters after it is normal and was found/reported by many players after installing GTA V long before mods were even made for it. According to Rockstar it's a file that deals with profiles that have unexpected/strange characters in them, so it's perfectly safe; if you deleted it, GTA V automatically makes another. Personally I'm extremely cautious about all mods, even now. I never got Angry Planes or Noclip, but I'm still quite wary of files from authors whom I don't trust. The GTA V modsite's heavier testing and longer approval periods help, but still, I'd stay away from anything related to Angry Planes or Noclip, no matter how "clean" a Reddit user claims it to be. Edited June 20, 2015 by Bloody Mary Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067630072 Share on other sites More sharing options...
Benie Posted June 20, 2015 Share Posted June 20, 2015 (edited) I get the message loud and clear. I don't blame you. I was REALLY.. really hesitant to even try (nomatter how 'clean' it claimed), but I saw a video of Sandboxie, and how it's able to even keep your computer safe from that Cryptlocker virus. That sold me. But like I said, here's the weird thing about that 'Local' file in my Appdata folder. You claim that it's perfectly normal and the game creates it. Then how come I never saw it before? I checked my normal un-Sandboxie version of Appdata and never saw this file. Anyway, yeah. I never even owned GTA V for PC when I heard about this virus. I even hesitated if it was worth paying the $60 for it, as I have it on my PS4. But I really wanted to play with mods. But that fear of the next top mod that may or may not have a virus... yeah. There is a mod on GTAV-mods.com, called 'Planes Hails'. Author wants it to be the next Angry Planes mod. Immediately, people thought it was more adware (with plenty of reason), but the mod author defended their mod, giving access to the source code. No viruses with it. Edited June 20, 2015 by Benie Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067630123 Share on other sites More sharing options...
Bloody Mary Posted June 20, 2015 Share Posted June 20, 2015 (edited) I get the message loud and clear. I don't blame you. I was REALLY.. really hesitant to even try (nomatter how 'clean' it claimed), but I saw a video of Sandboxie, and how it's able to even keep your computer safe from that Cryptlocker virus. That sold me. But like I said, here's the weird thing about that 'Local' file in my Appdata folder. You claim that it's perfectly normal and the game creates it. Then how come I never saw it before? I checked my normal un-Sandboxie version of Appdata and never saw this file. Anyway, yeah. I never even owned GTA V for PC when I heard about this virus. I even hesitated if it was worth paying the $60 for it, as I have it on my PS4. But I really wanted to play with mods. But that fear of the next top mod that may or may not have a virus... yeah. There is a mod on GTAV-mods.com, called 'Planes Hails'. Author wants it to be the next Angry Planes mod. Immediately, people thought it was more adware (with plenty of reason), but the mod author defended their mod, giving access to the source code. No viruses with it. Again, not too sure about the Local file, but it was reported around launch throughout the Rockstar and GTA forums. According to Rockstar themselves it's normal. Maybe it's with the Steam version only? Most of the forum topics regarding it are from Steam. However, multiple people have scanned it with various anti-virus and anti-malware software, including Malwarebytes, and it's squeaky clean. http://www.sevenforums.com/general-discussion/367307-local-what.html http://www.neogaf.com/forum/showthread.php?t=1028101&page=64 https://www.reddit.com/r/GrandTheftAutoV_PC/comments/34k60e/new_file_created_in_appdata_called/ http://steamcommunity.com/app/271590/discussions/0/611703999971057114/ http://www.bleepingcomputer.com/forums/t/578397/file-in-appdata-with-strange-japanese-characters-1kb/ Edited June 20, 2015 by Bloody Mary Benie 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067633338 Share on other sites More sharing options...
Enumerator Posted June 21, 2015 Share Posted June 21, 2015 This is an easy fix... Alex... Update your loader to prevent 1) system registry access. 2) file creation. 3) network access 4) scan asi files for imports and marshals before loading H3RB4LS 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067633570 Share on other sites More sharing options...
syn_gatez Posted June 21, 2015 Share Posted June 21, 2015 does anyone know what version of angry plane mod and it's clean from malware or viruses?? plz reply Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067633972 Share on other sites More sharing options...
Benie Posted June 21, 2015 Share Posted June 21, 2015 (edited) does anyone know what version of angry plane mod and it's clean from malware or viruses?? plz reply All I can tell you is to look it up. You shouldn't really be asking. People are still on edge here. Edited June 21, 2015 by Benie Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067634483 Share on other sites More sharing options...
Beannn Posted June 22, 2015 Share Posted June 22, 2015 (edited) Hi Guys, Just to Check is Native trainer by Alexander Blade safe??? (New to gta V mods) If this is the only mods i had downloaded for gta v, am i safe from the virus mentioned in this thread??? I do not have any files inside my Temp folder. Edited June 22, 2015 by Beannn Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067639957 Share on other sites More sharing options...
Nah nah nah Gta 6 Posted June 22, 2015 Share Posted June 22, 2015 (edited) Hi Guys, Just to Check is Native trainer by Alexander Blade safe??? It's safe, millions of people have used it, if it had a virus it would of been reported a while ago. Edited June 22, 2015 by Stoney0503 Beannn and Benie 2 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067640065 Share on other sites More sharing options...
Beannn Posted June 22, 2015 Share Posted June 22, 2015 Thanks for the reply. got so worried after reading this thread. thought i would have to reformat my comp. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067640153 Share on other sites More sharing options...
86DX Posted June 22, 2015 Share Posted June 22, 2015 Hi Guys, Just to Check is Native trainer by Alexander Blade safe??? It's safe, millions of people have used it, if it had a virus it would of been reported a while ago. Exactly, should be common sense. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067641592 Share on other sites More sharing options...
El Dorado Posted June 23, 2015 Share Posted June 23, 2015 Keep a close eye on this thread http://gtaforums.com/topic/791187-xbox360-ps3-pc-gta-v-save-editor-by-xb36hazard/page-4 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067642183 Share on other sites More sharing options...
Bloody Mary Posted June 23, 2015 Share Posted June 23, 2015 Keep a close eye on this thread http://gtaforums.com/topic/791187-xbox360-ps3-pc-gta-v-save-editor-by-xb36hazard/page-4 Sad that some people think a save editor is really worth getting malware for. Benie 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1067642584 Share on other sites More sharing options...
Bloody Mary Posted March 28, 2016 Share Posted March 28, 2016 Long time no bump. Figured I might as well do it to ask something several others have elsewhere: any reports of malware in any mods recently? Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1068646568 Share on other sites More sharing options...
86DX Posted March 28, 2016 Share Posted March 28, 2016 Long time no bump. Figured I might as well do it to ask something several others have elsewhere: any reports of malware in any mods recently? That was a really, really dumb bump. If there was reports, the topic would've been revived long before this. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/38/#findComment-1068646613 Share on other sites More sharing options...
Recommended Posts