Team Fortress 2 Classic V3 - Games

[QUOTE=PimpinDemopan;48605976]Shit. I haven't played TF2C on my other laptop (am currently using my new one, getting Windows 10 installed) for a few days now; would I somehow even have this file? It's kinda freaking me out.[/QUOTE] If you have joined the infected server, yes. I suggest scanning your source sdk mp base 13 for viruses immediatly.

Jesus, I never would have figured something this scary and convoluted would ever actually happen to a freaking mod. I hope everything gets patched up. I don't want this project to die.

It probably won't die, it's just dead right now because it's too dangerous to play on it. I know a guy who can host a server (garden freeman), I'll ask him if he could set sv_upload to 0 and sv_allowupload to 0 so we could play on TF2C again.

Good thing TF2C has no linux binaries or I might have been hacked! :downs:

Here are the scan results Here's what they say F:\downloads\7A32.tmp a variant of Win32/Verti.G potentially unwanted application F:\downloads\Alsina_Font_Installer.exe a variant of Win32/OpenInstall potentially unwanted application And here is how they cleaned it: F:\downloads\7A32.tmp - a variant of Win32/Verti.G potentially unwanted application - cleaned by deleting - quarantined [1] F:\downloads\Alsina_Font_Installer.exe - a variant of Win32/OpenInstall potentially unwanted application - cleaned by deleting - quarantined [1] Am I safe? [IMG]http://i.imgur.com/d5yQKAR.png?1[/IMG] I do not remember downloading these files. I scanned my 3 drives that I use. It also had some notes. Notes: [4] Object cannot be opened. It may be in use by another application or operating system. [1] Object has been deleted as it only contained the virus body.

[QUOTE=Cpt. Cakes;48606232]It probably won't die, it's just dead right now because it's too dangerous to play on it. I know a guy who can host a server (garden freeman), I'll ask him if he could set sv_upload to 0 and sv_allowupload to 0 so we could play on TF2C again.[/QUOTE] You really should hold off playing until we finish sorting things out.

[QUOTE=corsadevel;48604102]Apparently everybody is now saying that this guy is the one responsible - [url]http://steamcommunity.com/id/TheAlucardFromHell[/url].[/QUOTE] That Alucard? As in the former poster boy of Find the worst Steam profiles? Can't believe he'd be this petty if he was involved either as a lackey or the actual person behind this, not that he has any real motive to do so.

Jesus, I stop lurking the thread for one day and then this happens. Whoever did this is being seriously petty right now.

Well, I ran a windows defender scan, and then a malware bytes scan. I can only hope I'm safe I guess. Problem is, I joined a server yesterday with TheRubberFruitFace in it...and I'm not sure if he joined servers other than his own.

Was it a VaultF4 server?

[QUOTE=Cpt. Cakes;48606501]Was it a VaultF4 server?[/QUOTE] I honestly don't remember, I just know he was there. But probably yeah.

[QUOTE=NateDude;48606506]I honestly don't remember, I just know he was there. But probably yeah.[/QUOTE] Well, do a virus scan with ESET NOD32 (this antivirus can detect the virus) and select all your hard drives and scan just to be safe.

note I played one of my own server and a REAL vault server on second day of release and that's it, can confirm my computer is back then and now not infected, but there was no sprays either.

Is this similar to that Garrysmod/TF2 fiasco that happened a while back? I remember being deathly afraid of playing any source game at all. It was the one that changed all the hacked victim's Steam names to the same phrase but I can't at all remember what it was. [QUOTE=LittleBabyman;48607168]vinh'll fix it *cough*[/QUOTE] yeeah thats it. whatever happened to that? I sort of remember it being harmless but only affected people's usernames to get Valve to fix a big hole in their security to prevent things like this in the future. Or am I thinking of something else?

vinh'll fix it *cough*

[QUOTE=austin0331;48606970]Is this similar to that Garrysmod/TF2 fiasco that happened a while back? I remember being deathly afraid of playing any source game at all. It was the one that changed all the hacked victim's Steam names to the same phrase but I can't at all remember what it was. yeeah thats it. whatever happened to that? I sort of remember it being harmless but only affected people's usernames to get Valve to fix a big hole in their security to prevent things like this in the future. Or am I thinking of something else?[/QUOTE] That was another thing entirely. The *cough* virus was more similiar to what you are describing. Valve never updated the engine binaries** for the Source SDK 2013, so that's why it happened

[QUOTE=NitronikALT;48607518]That was another thing entirely. The *cough* virus was more similiar to what you are describing. Valve never updated the source code for the Source SDK 2013, so that's why it happened[/QUOTE] It's not the source code that is the problem it's that Valve hasn't updated engine binaries for SDK 2013 Base MP.

[QUOTE=Nicknine;48607537]It's not the source code that is the problem it's that Valve hasn't updated engine binaries for SDK 2013 Base MP.[/QUOTE] Woops. Fixed it!

[QUOTE=EdvardSchnitz;48606087]If you have joined the infected server, yes. I suggest scanning your source sdk mp base 13 for viruses immediatly.[/QUOTE] I don't think I did so I might be all set. Gonna do a virus scan just in case though.

The Source SDK Base 2013 Multiplayer has update queued for me. In the words of Jane Doe himself; "[URL="http://www.youtube.com/watch?v=_bmK9K5wPyQ"]I'VE GOT A GOOD FEELING ABOUT THIS![/URL]"

Stop what you're doing. [url]http://ic3.gov[/url] for starting a criminal investigation for the spreading of malware. If someone can spin up a VM and use Wireshark (or attach it to the VM's virtual network controller), get a packet capture for proof of the malicious act.

If it's really masks itself as spray, don't forget to clean up "download/user_custom" and "materials/temp" folders.

[IMG]https://i.gyazo.com/e42ada5ac5db77407bdabf5f7ab9a2eb.png[/IMG] Hacking is illegal but god hates fags.

RIP Yiffy Fox.

[QUOTE=Zeekill1;48608612][IMG]https://i.gyazo.com/e42ada5ac5db77407bdabf5f7ab9a2eb.png[/IMG] Hacking is illegal but god hates fags.[/QUOTE] What's the point of this post? is Zeekill1 the hacker or something?

Judging from Fox's pre-theft username it was an old screenshot.

[IMG]http://i.imgur.com/AkU0i5r.png[/IMG] too bad we're untouchables

It's pretty much safe to say if you played with Rubberfruit AT ALL on TF2C you should format your computer and reinstall windows.

[QUOTE=Snowshoe;48608742]It's pretty much safe to say if you played with Rubberfruit AT ALL on TF2C you should format your computer and reinstall windows.[/QUOTE] I have played with him. I have scanned my computer with Malwarebytes and ESET NOD32 antivirus (eset nod32 can detect that virus), no virus. Should I still format my computer and reinstall windows?

[QUOTE=Cpt. Cakes;48608773]I have played with him. I have scanned my computer with Malwarebytes and ESET NOD32 antivirus (eset nod32 can detect that virus), no virus. Should I still format my computer and reinstall windows?[/QUOTE]Do it anyway just to be safe.