hi,
i'm going for my cartographer title and decided to use texmod since my friend suggested it
i downloaded it on the link at the wiki but when i download i get message that it contains a trojan
any advice what i should do?
Texmod containing a malware trojan
N1ghtstalker
miskav
if it's used it'll give a warning on anti-spyware scanners about a file called wtf###.pl or something like that, it's just that texmod alters some files in GW, and the anti-spyware see it as spyware lol.
By the way, be sure you downloaded it from a legit place, and not a suspicous link.
By the way, be sure you downloaded it from a legit place, and not a suspicous link.
Ras Kass
I remember seeing this in the texmod thread. It turned out to be some sort of bug that the anti-virus software will pick up on. I am no techie, so I am sure someone will be posting the specifics which you will find more settling. Either way its harmless.
N1ghtstalker
it's about this filename: http://38.118.213.252/7waa9ktmhx+/pe...X6\Texmod.exe\[NsPack]\[ASPack]\[Embedded#30050]
walmare name: Win32:Trojan-gen {Other}
type is virus/worm
it came from filrefront where wiki directed you too
walmare name: Win32:Trojan-gen {Other}
type is virus/worm
it came from filrefront where wiki directed you too
pamelf
Texmod creates temporary files which are picked up as trojans by some anti virus programs, but are in fact not...
N1ghtstalker
so i won't try to log on one day to find my account has been hacked?
then it'll be fine i guess (:
then it'll be fine i guess (:
snaek
definately not a threat
Snograt
It's a false-positive that keeps popping up. I even reported it myself a while back because of the current spate of account thefts.
It's due to the nature of TexMod - because of the way it works, interrupting data between Guild Wars and the display, a lot of malware scanners see it as very trojan-like behaviour.
Yes, your account is safe - but, in the current climate, take extra precautions anyway. Cahnge your password to a strong one - something like gy4$ i(]e5ld; m03-=+f[/ for example.
It's due to the nature of TexMod - because of the way it works, interrupting data between Guild Wars and the display, a lot of malware scanners see it as very trojan-like behaviour.
Yes, your account is safe - but, in the current climate, take extra precautions anyway. Cahnge your password to a strong one - something like gy4$ i(]e5ld; m03-=+f[/ for example.
Kaide
And now you say it :P I already deleted the textmod, scanned pc, and was about to format...(I had the same problem obviosly :P)
fusa
Which AV programs are giving the warnings? I've scanned the texmod I downloaded several months ago with nod32, avast, avg, ad-aware and spybot search & destroy, non have shown warnings.
Snograt
I have a feeling that it depends on when the malware scan is done. As Miskav and Pamelf pointed out, it's the temporary files tha trigger the alert - wtf213.dll or whatever (wtf = Windows Temporary File, by the way). As these files reside in TEMP and are deleted after use, it's likely that they're not detected at all if the scanner runs when TexMod isn't running.
AVG picked it up for me - will test NOD later by scanning when TexMod's running to see if that does it too.
AVG picked it up for me - will test NOD later by scanning when TexMod's running to see if that does it too.
Tatile
Quote:
|
Originally Posted by fusa
Which AV programs are giving the warnings?
|
Yeah, Mircoshaft knows really well how to name their files.
Edit: Wait, Trojan warning during startup (of Texmod)? I don't get that, just wtf##.tmp's appearing in the daily scan. How odd.
Cyric The Liar
It's funny, but I've had texmod on my PC for one month now and never had a problem, but today I suddenly get the trojan warning like the others have reported when I try to run it. Something is weird here and I think I'll take a break from using it.
wyrd
Ive been using Texmod a while now and haven't gotten any virus warning but today avast detected a virus mentioned above "Win32:Trojan-gen {Other}"
Probably after a recent definition update. after running Texmod and avast detects it wont run gw.exe there is just a popup window saying "D'OH"
A virus scan afterwards however detects nothing probably because as mentioned above is in a temp directory and doesn't go beyond that.
Edit:Note Texmod runs Gw.exe normally if no tpf file is loaded the virus alert only happens when a tpf file is loaded no matter which one.
Probably after a recent definition update. after running Texmod and avast detects it wont run gw.exe there is just a popup window saying "D'OH"
A virus scan afterwards however detects nothing probably because as mentioned above is in a temp directory and doesn't go beyond that.
Edit:Note Texmod runs Gw.exe normally if no tpf file is loaded the virus alert only happens when a tpf file is loaded no matter which one.
Snograt
Quote:
|
Originally Posted by wyrd
Probably after a recent definition update.
|
Mr. G
ive been using texmod since the GW modding community started...and tbh im tired of telling people its clean...its clean DAMMIT
it alters files so cheap and tbh...crap scanning software (AVG comes to mind) think it has to be a trojan of some sort
it alters files so cheap and tbh...crap scanning software (AVG comes to mind) think it has to be a trojan of some sort
kvndoom
Quote:
|
Originally Posted by wyrd
Ive been using Texmod a while now and haven't gotten any virus warning but today avast detected a virus mentioned above "Win32:Trojan-gen {Other}"
Probably after a recent definition update. after running Texmod and avast detects it wont run gw.exe there is just a popup window saying "D'OH" A virus scan afterwards however detects nothing probably because as mentioned above is in a temp directory and doesn't go beyond that. Edit:Note Texmod runs Gw.exe normally if no tpf file is loaded the virus alert only happens when a tpf file is loaded no matter which one. |
OS T
ok,so I have used textmod since like almost 1.5year now..and today when I used textmod again..the wtf...thing went up on my screen, so I saw DOH and sh*** happens appear on my screen,so I thought I got the keylogger,but I dont know,so I post here for a answer...
wyrd
Some viruses activate on a particular day today being U.S Memorial day it seems suspicious but more likely it is caused by a virus definition update. It seems it has suddenly occured today to many people using different av programs so anyone using it should be cautious.
If you want to use Texmod turn anti-virus off until Guild Wars loads or dont use it.
If you want to use Texmod turn anti-virus off until Guild Wars loads or dont use it.
Quaker
My advice, use Texmod to do your Cartography titles and then put it away - it's too dam glitchy to use for much else. And who knows what version is "clean", when.
As far as the rest of the graphics stuff you can do with it goes, only you can see it anyway, so why bother.
As far as the rest of the graphics stuff you can do with it goes, only you can see it anyway, so why bother.
Lord Zado
I just had the same problem yesterday as well. I use avast and right after the definition update, it flagged texmod. I was a bit worried at first, but I guess everything is ok. I just disable active protection, load GW through the texmod, then reenable.
Amplifiction
I've been using Texmod myself, and can't say I've regretted it in any way.
But I can't say I trust it either. I've had the Trojan warnings as well. For example, Comodo detects "[email protected]". Also, my firewall always reports one of the files needs a connection to the internet. Why is that? I thought Texmod only modifies graphics locally?
It's been pointed out that you need to download it from a safe source. Does anyone have a link to such a source? I just realised it would help a lot if there would be a webpage for texmod, and not just a link on a wiki anyone can edit...
But I can't say I trust it either. I've had the Trojan warnings as well. For example, Comodo detects "[email protected]". Also, my firewall always reports one of the files needs a connection to the internet. Why is that? I thought Texmod only modifies graphics locally?
It's been pointed out that you need to download it from a safe source. Does anyone have a link to such a source? I just realised it would help a lot if there would be a webpage for texmod, and not just a link on a wiki anyone can edit...
FengShuiDove
Quote:
|
Originally Posted by Amplifiction
I've been using Texmod myself, and can't say I've regretted it in any way.
But I can't say I trust it either. I've had the Trojan warnings as well. For example, Comodo detects "[email protected]". Also, my firewall always reports one of the files needs a connection to the internet. Why is that? I thought Texmod only modifies graphics locally? It's been pointed out that you need to download it from a safe source. Does anyone have a link to such a source? I just realised it would help a lot if there would be a webpage for texmod, and not just a link on a wiki anyone can edit... |
I don't know about the file needing access to the internet, but I do know it's done that for a long time with no issues.
MisterB
TexMod does not require internet or network access; it is not supposed to attempt it.
LifeInfusion
Check the hash on the Texmod. Mine doesn't trigger AV or Firewall messages although it glitched textures very often.
Chthon
Quote:
|
Originally Posted by Amplifiction
I've been using Texmod myself, and can't say I've regretted it in any way.
But I can't say I trust it either. I've had the Trojan warnings as well. For example, Comodo detects "[email protected]". Also, my firewall always reports one of the files needs a connection to the internet. Why is that? I thought Texmod only modifies graphics locally? It's been pointed out that you need to download it from a safe source. Does anyone have a link to such a source? I just realised it would help a lot if there would be a webpage for texmod, and not just a link on a wiki anyone can edit... |
Let me help out a little.
Here is a copy of my file: http://www.filedropper.com/texmod
And here is its checksum:
Quote:
|
# MD5 checksums generated by MD5summer (http://www.md5summer.org) # Generated 1/5/2011 10:26:17 PM 3a561b80cfba394a810d528d4c05dc7e *Texmod.exe |
c_ras
I
don't
understand
why
people
really
feel
like
beating
a
dead
horse
????
I got tired of posting links. It has been discussed more times than [insert humorous satirical pun here]. Texmod is perfectly legitimate and safe to download and use (providing you d/l it from a trusted source). You won't go around screaming in a little girl voice "0H n0! my c0mpU73R G07 [email protected] 0v3R 8Y a [email protected]".
EDIT>> BTW, On record for any GW PETA players out there.........I do not condone animal violence of any type!!