Actual solution to the current cough virus issues - Developers

Other solutions may work too, but I am trying to explain why this fixes stuff as well. [b]Fixing Servers[/b] Delete the following files - garrysmod/engine_win32.dll - garrysmod/download/engine_win32.dll - garrysmod/lua/autorun/server/default.lua Modify server.cfg so that the below variables are defined as follows: [code] sv_allowdownload 0 // Stop clients downloading files directly from server, FastDL will still be functional sv_allowupload 0 // Stop files from uploading files directly to the server rcon_password "" // alternatively, move your rcon password to be defined in your server's startup command line [/code] This will ensure that infected clients are unable to re-infect your server [b]Fixing Clients[/b] Delete the following files - garrysmod/engine_win32.dll - garrysmod/download/engine_win32.dll - garrysmod/bin/game_shader_generic_engine.dll - garrysmod/materials/cooltexture.vtf Some of these files are hidden and will require you to enable viewing hidden files on windows. ( [url]http://windows.microsoft.com/en-gb/windows/show-hidden-files[/url] ) Once you have performed these actions, joining an infected server may still cause you to become re-infected.

Thanks! Perfect guide man!

[QUOTE=Willox;44584702][code] sv_allowdownload 0 // Stop clients downloading files directly from server, FastDL will still be functional sv_allowupload 0 // Stop files from uploading files directly to the server rcon_password "" // alternatively, move your rcon password to be defined in your server's startup command line [/code][/QUOTE] As a note for everyone, this should be disabled regardless of the virus. allowupload and RCON should always be disabled; they're highly exploitable in many Source games. Also, Willox, you misspelled upload.

All of these posts are suggesting a windows only server issues. Does this issue also affect linux servers?

[QUOTE=radargaming;44584973]All of these posts are suggesting a windows only server issues. Does this issue also affect linux servers?[/QUOTE] Nope. This specific "virus" is Windows only. Linux servers could potentially be effected by the exploits it uses and the configuration instructions from this guide should be applied.

Just a question, if you disable all this in your server, and then join it, can anyone infect you within the server?

Clients can only be infected by an infected server

So.. I did not find any of these files for fixing my server. However, during this "epidemic" I had many people spamming the "*cough*" in chat so I assumed my server was infected? I shut it off after this weird thing happened, and then checked facepunch and found out it was a virus.

Could anyone upload the DLLs files please ?

Thanks for the help, very nice tutorial.

[QUOTE=ExtReMLapin;44585757]Could anyone upload the DLLs files please ?[/QUOTE] Pretty sure Steam redownloads them automatically for you if you start GMod. Might have to verify your game cache if that doesn't work.

[QUOTE=Handsome Matt;44585807]Not until the patch is out.[/QUOTE] I mean the infected files, i can also connect to a server and get infected but i just want the infected file , without being infected :v: .

You shouldn't be playing GMod at all. Workshop can be used to spread the virus.

[QUOTE=ExtReMLapin;44585983]I mean the infected files, i can also connect to a server and get infected but i just want the infected file , without being infected :v: .[/QUOTE] As of right now; it's a virus delivery tool. No OS is safe with removing a few lines; meaning anyone that wrote a virus who doesn't have a viable delivery mechanism, will have one just by using the files. It's being censored for a reason.

[QUOTE=Acecool;44586044]As of right now; it's a virus delivery tool. No OS is safe with removing a few lines [B][I][U] ; [/U][/I][/B] meaning anyone that wrote a virus who doesn't have a viable delivery mechanism, will have one just by using the files. It's being censored for a reason.[/QUOTE] Understood, thanks.

[QUOTE=code_gs;44584749]As a note for everyone, this should be disabled regardless of the virus. allowupload and RCON should always be disabled; they're highly exploitable in many Source games. Also, Willox, you misspelled upload.[/QUOTE] I've never known a way to exploit RCON when set using a strong password and in the command line. This also makes me laugh greatly at a shit server I was toying with in March: [IMG]http://i.imgur.com/zmprXUF.png[/IMG] You just can't help some idiots even if you try :)

[QUOTE=Pantho;44586418]I've never known a way to exploit RCON when set using a strong password and in the command line. This also makes me laugh greatly at a shit server I was toying with in March: [IMG]http://i.imgur.com/zmprXUF.png[/IMG] You just can't help some idiots even if you try :)[/QUOTE] The same guy that runs coder-launch !