Texmod and wtf*.tmp trojan horse

hyunsik

Ascalonian Squire

Join Date: Jul 2005

I'm getting new trojans called wtf*.tmp (* = insert random number/alphabet here) every time I load texmod with tyria&GW:EN cartographer made easy tpf.
It's not the texmod that gets triggered by the antivirus program, but the trojan files I keep getting after loading texmod O.o those wtf#.tmp files in my /temp folder
(btw the files are getting classified as: trojan horse PSW.lineage.AGX)

anyone else getting them?

Shalashaska

Academy Page

Join Date: Feb 2006

Netherlands

The Elonian Order [TeO]

W/

Yeah I got the same problem with them. Pretty annoying

Covah

Forge Runner

Join Date: Aug 2006

Ontario, Canada

Catching Jellyfish With [소N트T ]

Me/Rt

well Texmod is a trojan, it opens up and uses stuff from your dat file.

Antheus

Forge Runner

Join Date: Jan 2006

wtf = Windows Temporary File
.tmp = temporary file extension
The number is a random hex number

These files aren't trojans, they are just temporary files used by texmod. The ability to create these files is part of Windows, and any application can do that. These files should be automatically deleted if you properly close the GW and texmod. If not, you can safely delete them.

See official document.

hyunsik

Ascalonian Squire

Join Date: Jul 2005

thank you for the reply =]
now i can play chart the world with peace of mind.

Eroth

Lion's Arch Merchant

Join Date: Aug 2006

ummm no

Modified Soul Society [SOUL]

A/R

wtf is texmod? I keep hearing about it, but don't know what it is?

sykoone

Jungle Guide

Join Date: Dec 2005

Mystical Chaos

E/

Texmod is a program that allows one to modify textures within Guild Wars, as well as many other games, to give items a more unique appearance. The modifications are only visible to the person running Texmod, and not to anyone else. Several users have made mods that reskin the UI, assist with cartography, change weapon and armor appearance, and so much more.

http://wiki.guildwars.com/wiki/Guide...-game_graphics
http://wiki.guildwars.com/wiki/Guide..._modifications

Alex Morningstar

Krytan Explorer

Join Date: May 2006

Team Asshat [Hat] leader - [GR] Alliance

Mo/

lol, I just had that happen. I googled the name of the trojan and ended up here. How ironic.

Chthon

Grotto Attendant

Join Date: Apr 2007

One question: Did you download it from the link on the official wiki or not?

Hoser

Pre-Searing Cadet

Join Date: Apr 2007

EH

W/Mo

Quote:
Originally Posted by Chthon
One question: Did you download it from the link on the official wiki or not?
I downloaded it from Wiki, and got a trojan. Psw.lineage.agx

So I figured I had a bad copy, and redownloaded it.
Same trojan.

Did a search, ended up here. Wouldn't mind knowing if it's just another false positive.

Salome

Pre-Searing Cadet

Join Date: May 2006

The Legion of Feng Huang

R/Me

sorry for necroing such an old thread.

just got the same trojan, however I checked the virus on a virus database, and it says:

This Trojan is one of a family of Trojans which steals user passwords. It is a Windows PE EXE file. It is 52 925 bytes in size. It is packed using FSG.

now thinking i need to change my passwords.

any advice.

is this a false positive or what?

Kumu Honua

Jungle Guide

Join Date: Feb 2008

My advice is that if you can't tell the difference between a trojan and a false positive, you probably should not be messing with things like Texmod.

Question 1: Did you download Texmod from the official source?
Question 2: What scanner gave you the trojan warning?
Question 3: What "database" gave you the information?
Question 4: Did you search for the .exe with the 52925 byte size in question?
Question 5: If you did, where was it located?
Question 6: Download anything else recently? Open any email attachments? Using p2p applications?

Fril Estelin

So Serious...

Join Date: Jan 2007

London

Nerfs Are [WHAK]

E/

Quote:
Originally Posted by Covah
well Texmod is a trojan
Nope, incorrect, texmod is a 3rd party program, not a "trojan". Trojans are badware that act against you, texmod does what it says on the box.

Kumu Honua's questions are all reasonable. Make sure you get texmod and the associated GW add-ons from official websites:
http://wiki.guildwars.com/wiki/Guide...-game_graphics

The legit and official version does not have any kind of problems. If you had a problem, it means you got the wrong program.

DarkNecrid

Furnace Stoker

Join Date: Jul 2006

It's important to note that some scanners will detect texmod as a false positive because of what it does.

BabyJ

Frost Gate Guardian

Join Date: Jul 2006

Illinois

SFG

Mo/

I've been using texmod forever and for some reason today I started getting the virus alerts. I would assume it's a false positive but I'm not one to take chances with my account. It's the same mods I've been running for months so that's why I'm puzzled as to why these are just now getting alerts.

cosyfiep

are we there yet?

Join Date: Dec 2005

in a land far far away

guild? I am supposed to have a guild?

Rt/

the temp file that is created while you are using texmod is usually deleted when gw is closed, however; if for some reason ----it closes wrong/early/disconnect etc the file may not be deleted...and thus when your virus scan scans it will pick it up....I have had this problem on the occasions when I err 5, 7...etc and the next virus scan finds the temp file still there- what I do when I get these errors is make sure when I am done for the day I check my temp folder and see if that file is there---if so I just delete it (since it should have been deleted).......however!!!! if the temp file is not the normal size ( and you will know what that is--if you use texmod check out your temp folder and see what it is on a couple of days mine is about 235kb).....then you might want to get paranoid and believe that you truly do have a trojan ------and let the virus scan do its job (and then change your passwords etc)....
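
The checks raised in the posts above (Kumu Honua's question about the 52925-byte file and cosyfiep's temp-folder size routine), as an added Python example that is not part of the original thread or of Texmod. The 235 KB baseline is one poster's figure and the 25% tolerance is a hypothetical setting; both are assumptions to replace with your own measurements.

```python
import fnmatch
import hashlib
import os
import tempfile

# Assumptions, not values from Texmod itself: the baseline is the "about 235kb"
# one poster reported for their own machine; measure yours on a clean run.
BASELINE_SIZE = 235 * 1024
TOLERANCE = 0.25               # hypothetical: allow 25% drift from the baseline
DB_ENTRY_SIZE = 52925          # byte size quoted in the thread from a virus database


def describe(path, baseline=BASELINE_SIZE, tolerance=TOLERANCE):
    """Return size, SHA-256 and neutral observations for one leftover file."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        head = fh.read(2)
        digest.update(head)
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    size = os.path.getsize(path)
    notes = []
    if head == b"MZ":                          # DOS/PE executable magic
        notes.append("pe-header")
    if abs(size - baseline) > baseline * tolerance:
        notes.append("unexpected-size")
    if size == DB_ENTRY_SIZE:
        notes.append("matches-db-entry-size")
    return {"name": os.path.basename(path), "size": size,
            "sha256": digest.hexdigest(), "notes": notes}


def scan_temp(temp_dir=None, pattern="wtf*.tmp"):
    """List leftover wtf*.tmp files in the temp folder, sorted by name."""
    temp_dir = temp_dir or tempfile.gettempdir()
    found = []
    for name in sorted(os.listdir(temp_dir)):
        full = os.path.join(temp_dir, name)
        if fnmatch.fnmatch(name.lower(), pattern) and os.path.isfile(full):
            found.append(describe(full))
    return found


if __name__ == "__main__":
    # Run after Guild Wars and Texmod are closed, so anything listed is a leftover.
    for item in scan_temp():
        print(f"{item['name']}  {item['size']} bytes  {item['sha256']}  {item['notes']}")
```

The notes are observations to weigh, not a verdict; the SHA-256 is what you would give to a scanner vendor or a second-opinion scanning service when reporting a suspected false positive.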

BabyJ

Frost Gate Guardian

Join Date: Jul 2006

Illinois

SFG

Mo/

I put a link to a SS of what happens as of today when i try to run Texmod. It only started doing this today, I ran it last night with no problems at all, and I have used the same mod for months. I'm real paranoid when it comes to things like this cause I've spent 10,108 hours on my account and I'm not about to lose that to a key logger.

http://i17.photobucket.com/albums/b5...Virusalert.jpg

Kumu Honua

Jungle Guide

Join Date: Feb 2008

http://www.avira.com/en/threats/sect...x=0&image2.y=0

Lineage.axrx doesn't even appear in their virus database.

Here's what I would do if you are paranoid: Uninstall Texmod and delete all associated files. Run virus scan to verify you are clean. Change your passwords. Do not re-download Texmod.

You can adjust the above to fit your level of paranoia.

False positives are rampant in the world of anti-virus scanners. Some companies are quick to fix when you send files to them to verify, some are not.

Paranoia is the only true anti-virus.

buckscrib

Frost Gate Guardian

Join Date: Jan 2006

COL

Sometimes files that aren't trojans appear to be. Hopefully that is the issue.


fenix

Major-General Awesome

Join Date: Aug 2005

Aussie Trolling Crew HQ - Event Organiser and IRC Tiger

Ex Talionis [Law], Trinity of the Ascended [ToA]

W/

Do you guys use AVG? If so, don't. a) it's bad b) it's making false positives.

Get Avira for free or pay for NOD32 imo

Kumu Honua

Jungle Guide

Join Date: Feb 2008

If you read above you notice someone posts a screenshot showing that Avira is also giving false positives (As well as not even having the entry in their searchable database).

BabyJ

Frost Gate Guardian

Join Date: Jul 2006

Illinois

SFG

Mo/

Yes, I use avira. What's really strange is today I can load texmod fine without alerts. I did, although, go through my comp and cleaned up all the cookies and temp files and junk. My guess is there was a temp file left which was causing the false positives.

beserk

Krytan Explorer

Join Date: May 2008

UK

W/

I use texmod all the time NEVER had a problem except those annoying patterns that occasionally show up on the screen whilst playing...but I just minimize/maximize the screen and it goes XD.

Snograt

rattus rattus

Join Date: Jan 2006

London, UK GMT±0 ±1hr DST

[GURU]GW [wiki]GW2

R/

Variations of the Lineage keylogger/trojan are known false-positives with some AV products. I've had one myself, which scared the hell out of me - but it was false.

Targren

Desert Nomad

Join Date: Aug 2007

Primeval Warlords[wuw]

R/

Quote:
Originally Posted by fenix
Get Avira for free or pay for NOD32 imo
Worst...advice...ever... You call AVG bad and then recommend people get NOD? Wow. AVG isn't good, admittedly, but that's a half-step above telling them to get Norton Invade-Every-Subsystem^W^W^WInternet Security.

Fril Estelin

So Serious...

Join Date: Jan 2007

London

Nerfs Are [WHAK]

E/

Quote:
Originally Posted by Targren
Worst...advice...ever... You call AVG bad and then recommend people get NOD? Wow. AVG isn't good, admittedly, but that's a half-step above telling them to get Norton Invade-Every-Subsystem^W^W^WInternet Security.
NOD32 has nothing to do with Norton, it's one of the best AV out there (with Kaspersky). Antivir is slightly better than AVG.

Targren

Desert Nomad

Join Date: Aug 2007

Primeval Warlords[wuw]

R/

Quote:
Originally Posted by Fril Estelin
NOD32 has nothing to do with Norton, it's one of the best AV out there (with Kaspersky). Antivir is slightly better than AVG.
I know it's got nothing to do with norton. It's from some Slovak company. ESET I think. I said it's a "half-step better than". It might be really good at finding viruses, but it's a complete killer on performance.

DarkNecrid

Furnace Stoker

Join Date: Jul 2006

Maybe if you have a bad PC or something? I have it running at all times and run GW at 120 fps un-v-synched. (just checked)

Snograt

rattus rattus

Join Date: Jan 2006

London, UK GMT±0 ±1hr DST

[GURU]GW [wiki]GW2

R/

ESET NOD32 - AV of choice for the discerning consumer. Excellent detection and removal rate and extremely small footprint. It's about the best there is for not affecting PC performance.

Sol Faithman

Frost Gate Guardian

Join Date: Aug 2005

WOLF

W/Mo

Looks like Norton have decided that texmod is bad. I've been using texmod on 3 pc's for ages and run up to date Norton, Spybot and a number of other anti spyware packages and not 1 single one has ever come back with texmod as being a trojan.

Updated 2 pc's to Norton 2009 the other day and boom, texmod is detected as a trojan and is deleted. Just switched the 3rd pc on for the first time in a week and updated the virus definitions etc (still running Norton 2008) and guess what, trojan detected and texmod gets deleted!!

Now I know for sure that this version was acquired from the official wiki pages when it first came out (when the skinning fad first started) so I can categorically say it's not a new download, and it was checked then and has been checked numerous times through virus scans etc, so why all of a sudden is it classed as a virus?

I'm off to follow the link above to the "official" version and see if Norton picks that up as a trojan.

Cheers

Rich

Kale Ironfist

Jungle Guide

Join Date: Jul 2006

Australia

Venatio Illuminata [VEIL]

W/

It's classified as a trojan, as it hijacks another program. If you can, place it on the ignore list. Otherwise, either ignore it or get a better program.

fenix

Major-General Awesome

Join Date: Aug 2005

Aussie Trolling Crew HQ - Event Organiser and IRC Tiger

Ex Talionis [Law], Trinity of the Ascended [ToA]

W/

It's just a false positive. A GOOD anti-virus won't bring up an error because it's not actually a trojan. Ignore Kale Ironfist, there's no reason to block the file.

Just noticed I had posted here before, hah.

Quote:
Worst...advice...ever... You call AVG bad and then recommend people get NOD? Wow. AVG isn't good, admittedly, but that's a half-step above telling them to get Norton Invade-Every-Subsystem^W^W^WInternet Security.
Not really. AVG IS bad, and NOD32 is the best you can get. Nice work getting NOD32 and Norton mixed up, moran. Also, NOD32 is the best Anti Virus not only because of the detection rate, but because it uses almost no RAM, AND is 5x faster at scanning than all the others.

So uh...why is it the worst advice ever?

DarkNecrid

Furnace Stoker

Join Date: Jul 2006

I can't believe someone said NOD32 is bad. I think I've seen everything now.

To OP:
If you got it off the link on the Wiki, it's safe. TexMod not only hijacks another program, it intercepts your DirectX calls and redirects them to display alternate textures (basically). All bad AV's will report this as a made up trojan because it's a false positive. (These AV's display anything that hijacks another program as a false pos.)

Kale Ironfist

Jungle Guide

Join Date: Jul 2006

Australia

Venatio Illuminata [VEIL]

W/

Quote:
Originally Posted by fenix
It's just a false positive. A GOOD anti-virus won't bring up an error because it's not actually a trojan. Ignore Kale Ironfist, there's no reason to block the file.
1. Yes, it does hijack the program (how else does it insert the image you want to see?)
1a. Corollary to that, it doesn't harm the computer in any way. Norton's algorithm apparently doesn't care though.
2. I didn't say to block Texmod, I said to place it on the anti-virus' ignore list. If that wasn't possible, either learn to put up with it, or get a better anti-virus software.

While the context wasn't clear, there is no better version of texmod, so I'm confused as to how you misinterpreted my words so badly.

Zebideedee

Jungle Guide

Join Date: Sep 2007

55° 57' 0" N / 3° 12' 0" W

N/Me

I got the same reports and asked about it on here, I think if you get it from Wiki all should be safe. Although after I got cartographer title, I deleted the prog etc. scanned my whole comp and changed my password on GW's, maybe a bit extreme but as the saying goes, 'Better safe than Sorry'

bob12332

Pre-Searing Cadet

Join Date: Apr 2009

aba

A/N

About this Trojan
Detected: PWS-Mmorpg.gen (Trojan), PWS-Mmorpg.gen (Trojan)

The Ossus Keeper

Ascalonian Squire

Join Date: Apr 2007

[RotG]

R/Mo

My McAfee virus scan detected the same thing...
Imo, I think texmod should be re-written so that it is more PC friendly and so that virus scanners don't pick up this So-Called False Positive!
Personally I don't trust texmod when my virus scanner says it contains a password stealing trojan, or anything else for that matter.
Re-write texmod, make it more pc/scanner friendly... problem solved!