MarshallRawR Posted May 14, 2015 Share Posted May 14, 2015 I did use the noclip mod but I don't have any fade.exe or the BAE2BCEE folder, I also searched for the fade.exe on my computer. I've had the mod for ages and nothing has happened, but nonetheless I deleted the mod. Mmmh... I the few other mods I used are the PalmBeach's Rapid Reponse (police) mod and also the Ambulance Missions mod. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464837 Share on other sites More sharing options...
ZZCOOL Posted May 14, 2015 Share Posted May 14, 2015 appears i don't have it on my system shame that gta modding has to be so tainted iv days those were the days Saunders420 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464866 Share on other sites More sharing options...
FlyingAce Posted May 14, 2015 Share Posted May 14, 2015 Fade.exe sometimes is automatically caught by your AV and it doesnt tell you search for the other init.exe as well and the registry string and change passwords also could someone please remake this mod? xD Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464870 Share on other sites More sharing options...
Microbots Posted May 14, 2015 Share Posted May 14, 2015 Well, gta5-mods came out with a statement. They're going to beef up the process of testing scripts and recommend people use lua and cs scripts so that it's faster to verify. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464872 Share on other sites More sharing options...
Drkz Posted May 14, 2015 Share Posted May 14, 2015 (edited) @TJGM Which is funny since Windows doesn't label everything as unsafe. As for the rest of your post : at this point you're obviously just moving goalposts. I don't even know why i bother anymore, and i just don't know how someone could not learn from his mistakes. We'll enjoy, this has happened before and the flood gates have been open for years and years, it rarely happens. You keep acting like this will frequently happen now because of this one incident and if that's the case, why didn't it become more common when this previously happened? People who want to upload viruses know how easy it is to upload them among the modding communities, how come it's only going to become frequent to the GTA modding community? Why isn't it common among the Fallout/Skyrim modding community? I'm acting like it will be more frequent now for multiple reasons. The first one being that GTA V is by far the most popular GTA title, both in numbers, players and everything, the second one being that the game and the modding scene has way more media coverage (reddit, websites, and especially Youtube) than before, with the implications it brings, and the third one because there's nobody to check your sh*t, no security, and no consequences. It's a free win on multiple aspects, there's like close to absolutely no downsides whatsoever. If you were looking for easy Steam accounts, or just to ruin peoples day, ignoring such an easy way to infect people would be retarded. It's not a niche business anymore. Mods are being featured on PCGamer, all over internet and all over Youtube. Hell, if Steam maintained the paying mods you could even live out of your mods. how come it's only going to become frequent to the GTA modding community? Why isn't it common among the Fallout/Skyrim modding community? Because close to no mods for Skyrim / Fallout / ArmA / whatever are coming in a potentially dangerous format like .exe or .asi. Simple as that. 99.99 % of the time it's loose files inside an archive. And go away with your sh*tty "anyone could include a virus in any files anyway !!!!!!", while this is true to a very marginal extent, doing so is far more complicated and far less accessible than packing your sh*tty password stealer in a .asi file and calling it a day. Accessibility and simplicity, this is what makes the biggest difference here. Edited May 14, 2015 by Drkz Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464885 Share on other sites More sharing options...
Silent Posted May 14, 2015 Share Posted May 14, 2015 EDIT: Asked around, turns out you can store viruses into GTA file types. It's possible to store and execute a virus via a model file, texture archive file etc.. (this was done for Vice City's file types, which would've been .dff and .txd) But this can be patched... with an ASI mod. Ss4gogeta0 and Igor Bogdanoff 2 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464890 Share on other sites More sharing options...
boswellboxer Posted May 14, 2015 Share Posted May 14, 2015 f*ck I HAVE FADE.EXE Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464902 Share on other sites More sharing options...
Nah nah nah Gta 6 Posted May 14, 2015 Share Posted May 14, 2015 (edited) I'm starting to think that someone else is adding the malware and not the creators, some people have the malware and some people don't, I don't think a modder woul go out of his way to make a mod to f*ck with people (they probably would with simple mods like noclip). Edited May 14, 2015 by Stoney0503 Igor Bogdanoff 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464911 Share on other sites More sharing options...
TJGM Posted May 14, 2015 Share Posted May 14, 2015 @TJGM Which is funny since Windows doesn't label everything as unsafe. As for the rest of your post : at this point you're obviously just moving goalposts. I don't even know why i bother anymore, and i just don't know how someone could not learn from his mistakes. We'll enjoy, this has happened before and the flood gates have been open for years and years, it rarely happens. You keep acting like this will frequently happen now because of this one incident and if that's the case, why didn't it become more common when this previously happened? People who want to upload viruses know how easy it is to upload them among the modding communities, how come it's only going to become frequent to the GTA modding community? Why isn't it common among the Fallout/Skyrim modding community? I'm acting like it will be more frequent now for multiple reasons. The first one being that GTA V is by far the most popular GTA title, both in numbers, players and everything, the second one being that the game and the modding scene has way more media coverage (reddit, websites, and especially Youtube) than before, with the implications it brings, and the third one because there's nobody to check your sh*t, no security, and no consequences. It's a free win on multiple aspects, there's like close to absolutely no downsides whatsoever. It's not a niche business anymore. Mods are being featured on PCGamer and all over Youtube. how come it's only going to become frequent to the GTA modding community? Why isn't it common among the Fallout/Skyrim modding community? Because close to no mods for Skyrim / Fallout / ArmA / whatever are coming in a potentially dangerous format like .exe or .asi. Simple as that. 99.99 % of the time it's loose files inside an archive. And go away with your sh*tty "anyone could include a virus in any files anyway !!!!!!", while this is true to a very marginal extent, doing so is far more complicated and far less accessible than packing your sh*tty password stealer in a .asi file and calling it a day. Okay, fine, you've some what won me over and clearly won this argument. But still, I don't think you need to label mods as unsafe, we should be able to trust mod hosters to do decent testing with these mods before they get approved, especially ASI mods. I probably should've admitted I didn't have facts to back up my argument about two posts ago or so, but nobody likes to admit they're wrong. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464915 Share on other sites More sharing options...
Silent Posted May 14, 2015 Share Posted May 14, 2015 (edited) I'm starting to think that someone else is adding the malware and not the creators, some people have the malware and some people don't, I don't think a modder woul go out of his way to make a mod to f*ck with people (they probably would with simple mods like noclip). Too integrated with the ASI to be added post-compilation. Most definitely was added to the original source code. Edited May 14, 2015 by Silent Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464916 Share on other sites More sharing options...
ZZCOOL Posted May 14, 2015 Share Posted May 14, 2015 I'm starting to think that someone else is adding the malware and not the creators, some people have the malware and some people don't, I don't think a modder woul go out of his way to make a mod to f*ck with people (they probably would with simple mods like noclip). maybe it was the reuploads that contained the malware makes a whole lot more sense Igor Bogdanoff 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464921 Share on other sites More sharing options...
BS_BlackScout Posted May 14, 2015 Share Posted May 14, 2015 I feel so happy I haven't actually went into all this modding thing, I was almost doing it. I mean, I won't stay away from it, but that was big luck. No viruses here, I am clean Sad to hear about the others whose are in a bad situation =/ Nah nah nah Gta 6 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464922 Share on other sites More sharing options...
Drkz Posted May 14, 2015 Share Posted May 14, 2015 (edited) @TJGM Which is funny since Windows doesn't label everything as unsafe. As for the rest of your post : at this point you're obviously just moving goalposts. I don't even know why i bother anymore, and i just don't know how someone could not learn from his mistakes. We'll enjoy, this has happened before and the flood gates have been open for years and years, it rarely happens. You keep acting like this will frequently happen now because of this one incident and if that's the case, why didn't it become more common when this previously happened? People who want to upload viruses know how easy it is to upload them among the modding communities, how come it's only going to become frequent to the GTA modding community? Why isn't it common among the Fallout/Skyrim modding community? I'm acting like it will be more frequent now for multiple reasons. The first one being that GTA V is by far the most popular GTA title, both in numbers, players and everything, the second one being that the game and the modding scene has way more media coverage (reddit, websites, and especially Youtube) than before, with the implications it brings, and the third one because there's nobody to check your sh*t, no security, and no consequences. It's a free win on multiple aspects, there's like close to absolutely no downsides whatsoever. It's not a niche business anymore. Mods are being featured on PCGamer and all over Youtube. how come it's only going to become frequent to the GTA modding community? Why isn't it common among the Fallout/Skyrim modding community? Because close to no mods for Skyrim / Fallout / ArmA / whatever are coming in a potentially dangerous format like .exe or .asi. Simple as that. 99.99 % of the time it's loose files inside an archive. And go away with your sh*tty "anyone could include a virus in any files anyway !!!!!!", while this is true to a very marginal extent, doing so is far more complicated and far less accessible than packing your sh*tty password stealer in a .asi file and calling it a day. Okay, fine, you've some what won me over and clearly won this argument. But still, I don't think you need to label mods as unsafe, we should be able to trust mod hosters to do decent testing with these mods before they get approved, especially ASI mods. I probably should've admitted I didn't have facts to back up my argument about two posts ago or so, but nobody likes to admit they're wrong. It's okay mate, no problems. In the end i just want the same thing as you : healthy modding community without the fear of being infected. As for trust, well it can works in a small modding community or a niche one, where everyone knows everyone. But i don't think it's the case with GTA V anymore. Edited May 14, 2015 by Drkz OldWorldNomad and TJGM 2 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464929 Share on other sites More sharing options...
Igor Bogdanoff Posted May 14, 2015 Share Posted May 14, 2015 MBAM also said http://www.thegtaplace.com/downloads/f455-gta-mod-installer-v50-betathis is malware too. (or Trojan.dropper) Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464931 Share on other sites More sharing options...
Shaunr Posted May 14, 2015 Share Posted May 14, 2015 WTF.. Thanks for the Post OP. guys i deleted init.exe and fade.exe also i cleared the registry as MarshallRawR said is there anything i need to do ? I'm really worried right now Change all your passwords. ok, some people like me can't possibly change all their passwords. This is just a keylogger, right? so my stored passwords are safe? I've only been using this since last night, and I haven't actually typed in any passwords. Please someone give some more details on this. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464940 Share on other sites More sharing options...
ZZCOOL Posted May 14, 2015 Share Posted May 14, 2015 MBAM also said http://www.thegtaplace.com/downloads/f455-gta-mod-installer-v50-betathis is malware too. (or Trojan.dropper) i guess get used to this noone cared about gta before but the people who actually cared now that gta is mainstream it's going to turn into a total mess it's not what it used to be any more Igor Bogdanoff and Ss4gogeta0 2 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464942 Share on other sites More sharing options...
Igor Bogdanoff Posted May 14, 2015 Share Posted May 14, 2015 MBAM also said http://www.thegtaplace.com/downloads/f455-gta-mod-installer-v50-betathis is malware too. (or Trojan.dropper) i guess get used to this noone cared about gta before but the people who actually cared now that gta is mainstream it's going to turn into a total mess it's not what it used to be any more Gaming in general turned into mainstream. AND THAT IS LAME. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464965 Share on other sites More sharing options...
ZZCOOL Posted May 14, 2015 Share Posted May 14, 2015 (edited) yup look at that fade.exe is in the quarantine and since day 1 Edited May 14, 2015 by ZZCOOL Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464966 Share on other sites More sharing options...
FlyingAce Posted May 14, 2015 Share Posted May 14, 2015 someone on reddit said these two might also be dangerous EnforcerZhukovReallistic Mods plz :V 1 point an hour ago WTF this is reaaaaally curious, GTAForums' got now a 403 error o.O BTW i scanned with Panda Free and Malwarebytes my AppData folder and looks clean (despite of some typical cookies). My mods folder is also clean, BUT Panda found 2 suspicious files: Tank.asi (the first version of this mod: https://www.gta5-mods.com/scripts/tanks-spawn-at-five-stars) and this too (https://www.gta5-mods.com/scripts/working-restaurants). Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464984 Share on other sites More sharing options...
ZZCOOL Posted May 14, 2015 Share Posted May 14, 2015 someone on reddit said these two might also be dangerous EnforcerZhukovReallistic Mods plz :V 1 pointan hour ago WTF this is reaaaaally curious, GTAForums' got now a 403 error o.O BTW i scanned with Panda Free and Malwarebytes my AppData folder and looks clean (despite of some typical cookies). My mods folder is also clean, BUT Panda found 2 suspicious files: Tank.asi (the first version of this mod: https://www.gta5-mods.com/scripts/tanks-spawn-at-five-stars) and this too (https://www.gta5-mods.com/scripts/working-restaurants). plastic tangerine is in my eyes a highly respected modder no way he'd put a virus in his mods Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067464990 Share on other sites More sharing options...
MarshallRawR Posted May 14, 2015 Share Posted May 14, 2015 Who knows, maybe whoever owns GTA5-Mods.com is putting all those malwares. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465008 Share on other sites More sharing options...
FlyingAce Posted May 14, 2015 Share Posted May 14, 2015 (edited) exactly my thought ZZCOOL just putting it out there... maybe he had a reupload from someone... Edited May 14, 2015 by FlyingAce Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465012 Share on other sites More sharing options...
Silent Posted May 14, 2015 Share Posted May 14, 2015 Who knows, maybe whoever owns GTA5-Mods.com is putting all those malwares. Still seems too well integrated with the binary to be doable without the source code. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465022 Share on other sites More sharing options...
visionglid Posted May 14, 2015 Share Posted May 14, 2015 At least four times, when i run GTA 5, the Avast grab a malware trying to access external sites. But i wasn't worried. That sucks. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465026 Share on other sites More sharing options...
Igor Bogdanoff Posted May 14, 2015 Share Posted May 14, 2015 Who knows, maybe whoever owns GTA5-Mods.com is putting all those malwares. Still seems too well integrated with the binary to be doable without the source code. Maybe some very clever cyber criminal Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465030 Share on other sites More sharing options...
EnforcerZhukov Posted May 14, 2015 Share Posted May 14, 2015 someone on reddit said these two might also be dangerous EnforcerZhukovReallistic Mods plz :V 1 pointan hour ago WTF this is reaaaaally curious, GTAForums' got now a 403 error o.O BTW i scanned with Panda Free and Malwarebytes my AppData folder and looks clean (despite of some typical cookies). My mods folder is also clean, BUT Panda found 2 suspicious files: Tank.asi (the first version of this mod: https://www.gta5-mods.com/scripts/tanks-spawn-at-five-stars) and this too (https://www.gta5-mods.com/scripts/working-restaurants). Was me That's what Panda Free found, but Malwarebytes don't. I can't say if they're infected. i just scanned my mods folder and Panda found that. Probably those results can be false positives. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465031 Share on other sites More sharing options...
ZZCOOL Posted May 14, 2015 Share Posted May 14, 2015 Who knows, maybe whoever owns GTA5-Mods.com is putting all those malwares. yeah a highly respected veteran whithin the modding community decided to go out of his way and put a virus on the website that makes him alot of money no rappo did not please never say that again Driver333 1 Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465032 Share on other sites More sharing options...
Flying Scotsman Posted May 14, 2015 Share Posted May 14, 2015 Please, please please, pretty please. answer my question. Basically, I have done everything, check my reg, nothing found. Searched for Fade.exe, nothing found. Done everything, nothing found. I have the noclip mod, I directly downloaded after 1minute of it being uploaded. Please tell me I'm fine, if so please tell me what more to do to make sure that the keylogger didn't install. I have malware byte and avg, done a scan with both nothing found. Please please please reply. Anything else that I can do to check that the keylogger didn't install? Thank you! It only infects you if you run it. Just downloading it doesn't do anything. It looks like it's compiled when you run it (hence the C# compiler) and it compiles non-GTA related code into the logger and stores it in the directories people have pointed out. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465034 Share on other sites More sharing options...
Conwin Posted May 14, 2015 Share Posted May 14, 2015 This sucks. I'm only using Scripthook, FOV mod and Visual V currently, but have experimented with shaders a deformation mod and a LED lighting mod in the past. Hopefully none of those had any viruses on them.. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465035 Share on other sites More sharing options...
Silent Posted May 14, 2015 Share Posted May 14, 2015 That's what Panda Free found, but Malwarebytes don't. I can't say if they're infected. i just scanned my mods folder and Panda found that. Probably those results can be false positives. They deffo don't have Fade inside. Link to comment https://gtaforums.com/topic/794383-malware-inside-angry-planes-noclip-mod/page/5/#findComment-1067465044 Share on other sites More sharing options...
Recommended Posts