Had a strange conversation with JakeMac, thought I'd post it and get it out there in case this is some exploit he is using.
Every good RTS I have played has "Trade Secrets" for the players to discover. It's not exactly fair, as all boardgames etc. have rulebooks. However, if any of you run a scan after JakeMac's test, reference any malware to this:
Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 home2010 :: HOME2010-PC [administrator]
1/14/2013 1:15:33 PM mbam-log-2013-01-14 (13-15-33).txt
Scan type: Full scan (A:\|C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 452213
Time elapsed: 50 minute(s), 30 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 4
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Exploit.Drop.GSA) -> Bad: (C:\PROGRA~3\dsgsdgdsgdsgw.bat) Good: () -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0 (No malicious items detected)
Files Detected: 3
C:\ProgramData\dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -> Quarantined and deleted successfully.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Quarantined and deleted successfully.
C:\ProgramData\dsgsdgdsgdsgw.reg (Exploit.Drop.GSA) -> Quarantined and deleted successfully.
Now I'm not sure what kind of car or what faction uses a "Shuriken" *cough gag* (see above). But I swear I didn't know how that money got under the Monopoly board. Amateurs. What a nuisance it is to have to run anti-virus/malware after every hiccup in a PC's operation.
This is my backup anti-malware program. It shows the same record as my main Firewall. Run this afternoon.
Zombie, is that an attempt to paraphrase the conversation I posted above? For anyone that might think otherwise... the conversation he posted did not occur. I have no idea what JakeMac is doing, but by his own admission he IS doing SOMETHING he doesn't want people to know about.
He is making a joke referencing a movie...Office Space.
Oh wow, big fail on my part. Now if it was a BOOK he had referenced....
My personal take on all this is that Jake is employing what I've heard of for a while now, but never seen specific evidence of, and that is a crash exploit that can essentially crash the game at will. I've heard people say they can do this, but again, never seen evidence. There are several Google search results about Steam client crash exploits, some having to do with port emulators, but I can only speculate.
You are a very serious book
These are very serious allegations bordering on a scandal that could bring down the whole Goldlist of Skilled Sins players like a house of cards. I demand that JakeMac appear and explain himself! Come on Jake - I know you are reading this - I know you are only 12 but I'm sure you can express yourself well enough in written form as evidenced by Exhibit A provided by prosecutor Mr_Book in his opening address. Don't be shy Jake! The Sins Community is hanging on your every word!
uhh can I get 0.1% of the US Federal budget? it's only a small fraction, shouldn't hurt anyone.
I don't think you understand... It's very complicated.
well, you did post it on a Monday.
Mr_Book, Mr_Murdoc would like a moment with you. (Dark City 4TW)
Finally someone gets MY obscure movie reference!
SHUT IT DOWN! SHUT IT DOWN FOREVER!
It's actually 0.1% of the federal reserve....courtesy of Uncle Huy....
Not to blunt what's already been done, but if the game values can be changed. Which I had to physically remove the hack from my system. I have a screenshot of when the hack was installed in my system and a copy of the file. It really is not the fault of the players. The game needs to be patched properly.
In BFME2 there was a trainer file that could be installed to help your units level faster. The devs patched the game and the trainer could no longer be used. From my findings the values can be changed. Possibly after the game starts. If that's true they should quietly patch it and it's not a huge deal. Hacking is not cool. It is a hobby but a shady one.
@ rabidturnip
If I follow your posts in this thread, it seems like you are saying JakeMac convinced you to try his hack/trainer/whatever it is and you had to manually remove its files later and that it may have changed game values while active? How long has JakeMac been using this in his games? I don't think a trainer like you are describing would be possible in MP with a Steamworks game. The most you could do would be fiddle with client side files like your stats, name, etc.
There is nothing file-wise that you can do or the checksum value will differ and you will not be able to play with others.
Rebellion doesn't use Steam's anti-cheat software.
They're talking about a trainer that modifies in-memory values, not files.
Dude, you had malware on your computer and it wasn't anything that the Sins engine would have installed, nor could you have gotten it by being in the same game as Jakemac. The actual malware you had was dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -- the Shuriken reference is to a type of virus class -- you didn't have it, it was just in the search options of your anti-malware program. Assuming Jake COULD hack his Sins client to get an advantage in game (highly unlikely), it has nothing to do with malware you probably picked up from a pron or wares site. MAYBE he has found a way to disrupt the game and cause it to lag/crash/minidump by interfering with network traffic -- that is all he was claiming in the original conversation. Stop acting like a bunch of gossipy old women dreaming up the worst.
A dev stepped in and said the values cannot be changed. That's probably true; it's a triple AAA game. No, I went into a 1v1 with Jake to test his theory. I have a hack installed on my computer verifying that at that time that I was in the test with Jake through Ironclad server or some other means there was a hack placed on my computer. I could verify with Ironclad the time I was in the 1v1 with Jake. If I or they cared. All I know is files were modified. Shuriken is a Tech Loyalist unit. Heuristics is a (can't remember the term exactly) is a term for modifying a value.
I do hardware and software maintenance for a living. Not software design. Those are my findings. But if during our 1v1 something could be modified, it was when we tested his crash theory. January 8th 10:46 pm. My usual gametime. I don't use filebucket so I am not sure I can attach the screenshot of the deleted file. I do have a copy of the file on another drive. A Tracer program could have been used outside of Ironclad. It's too screwin normal for people to do this these days.
TV looks a lot better than it did before this.
The mention of Shuriken is coincidental. I explained that it was part of your anti-virus search options, it had nothing to do with the malware on your computer. Run the program again, you should see it again if you have the same settings.
No, I checked my main firewall log. It's NOT from Jake. I never had 7 exploits in one security scan show up. I've been hacked before, but pcs operating systems are more durable and much harder to crash. But I do know anything remotely suspicious warrants an antivirus scan like a 1v1 to test to see if someone can crash a game in game. Sheet in BFME2 if I was pissed I would just power down the modem. I did run the scan right after finishing playing for the night. Coincidental? Well, nothing is strange until it happens the first time. I actually find this stuff interesting. I have some other heuristic files on my PC that are BFME2 special character files from mods. Strange coincidental but true.
btw It was the last game of Monopoly I ever played with Dad. His fake fit had everyone rolling on the floor laughing so we forgave him pretty quickly.
The Plot Thickens....
FYI, heuristics (at least in the anti-virus world) is a pattern-matching algorithm designed to find viruses that don't look/behave the same. It basically looks to see if anything resembles a virus pattern it has
Ironically though, the same viruses actually use similar heuristic algorithms to make them hard to find and different each time.
No, it's a strange coincidence. I work at home answering questions for a major insurance company. A+ Certified technician studying Security+. I entered in heuristics in my search field and have old BFME2 mod files for special characters turn up. What a clusterscrew. I fully went over my log files. Cyker is correct. But usually when it happens the firewalls detects one file. You go into safe mode and remove it. Nothing is totally free. This one didn't shut anything down, just appeared after trying to help someone out testing whether a mysterious beacon would crash the game for him while playing. Had a very similar conversation as Mr. Book had with Jake. Ironclad could check the log files when the conversation and test with Jake and I took place. I am sure they have more potent stuff than NICE.
It's not worth worrying about if you do a decent job maintaining your PC.
I like... can't understand half of what you're saying. So...
So am I; I work in IT.
Quoting rabidturnip, reply 50: I entered in heuristics in my search field and have old BFME2 mod files for special characters turn up.
In what search field? Where? If you googled 'heuristics' and some old files you have on your hard drive came up that would freak me the hell out and I'd probably swear off the internet. Are you saying you turned on heuristics and your antivirus software flagged your old files (that you know are clean) as viruses?
You should know that some malware alters existing files instead of making new ones. Hope you have a backup, because you need to get rid of the infected one.
Quoting rabidturnip, reply 50: What a clusterscrew
Is that the name of the thing on front of the drills that drill subway-sized mine tunnels? That's the visual I get.
Quoting rabidturnip, reply 50: I fully went over my log files Cyker is correct. But usually when it happens the firewalls detects one file.
So, you're agreeing that the malware/virus/trojan/whatever is coincidental?
Are you also saying you can attribute the malware to an IP event log in your firewall? If so, block that IP.
If that is not what you're saying, well, firewalls don't detect files, please explain.
Quoting rabidturnip, reply 50: You go into safe mode and remove it. Nothing is totally free.
That works sometimes... you have to go real deep through your profile and get all the virus pieces, remove the registry entries, double check your shortcuts (seriously, I've seen one that rerouted the IE shortcut to a different website), hope you don't destroy any important window updates/registry entries (which look like viruses to me) and you will still probably miss a lot of it. That worked in the past, but now you either run software to remove it or wipe your drive and reload it.
I followed the rest and have no comment.