Hi there, I'm having issues with using TexMod. I was wondering if anyone can input their insight to this:
So I'm familiar with using TexMod and have used it for mapping and such. Then i stopped for awhile and did vanquishing, and now I had planned to use it again, but it got deleted. So I go on wiki and download it from there. Now I know that virus scanners will say it's a Trojan because what it does is modify the textures of the game, and my virus scan didn't have a problem with it running. Then when i tried using it recently, my virus scan said a Trojan has been removed and it was named pwsmmorpg gen, or something like that. I looked it up on the web and McAfee said that it can send vital info like passwords and such to remote websites. I was thinking that wiki's TexMod had a virus, so i try downloading from somewhere else and try running it, but my virus scan still says it removes the same trojan and the D'OH error message comes up with "Shit Happened.".
So if anyone could let me know if this is normal and okay, or if it is something serious and I shouldn't run it, then that would be very much appreciated! ^^
I also thought about disabling my virus protection, but I figured that's a very risky move, and will use it as a last resort. Thanks again!
TexMod Virus?!
NameofSongs
own age myname
That use to happen to me too. If you using Norton, that's probably why. I have no idea why it did that to me either...
Mister_Smiley
sounds like its not only a virus but a CD key logger which will still your account information so someone can get into it and take verything. But i could be wrong.
Chthon
1. A legit copy of texmod is 100% safe.
2. A legit copy of texmod often triggers a false-positive with virus scanners because its behavior is very similar to what a virus would do to peek into the games you're running. Each time the anti-virus company adds a virus with similar behavior to their virus definitions, there's a chance that texmod will be detected as that virus.
Some anti-virus makers allow users to submit files they think are false positives so that they can do a human review of the file and fix their definitions if it's really a false positive. For instance, I personally submitted a legit copy of texmod to Avira a few months ago, and they fixed the false positive within a few days.
3. An altered version of texmod could carry any sort of maliciousness.
4. Try http://virusscan.jotti.org/ to run a comparative virus scan. If your copy of texmod comes up as a virus on most or all of the scans, it's probably been altered; If it comes up clean on most the scans, your antivirus is probably giving you a false positive.
2. A legit copy of texmod often triggers a false-positive with virus scanners because its behavior is very similar to what a virus would do to peek into the games you're running. Each time the anti-virus company adds a virus with similar behavior to their virus definitions, there's a chance that texmod will be detected as that virus.
Some anti-virus makers allow users to submit files they think are false positives so that they can do a human review of the file and fix their definitions if it's really a false positive. For instance, I personally submitted a legit copy of texmod to Avira a few months ago, and they fixed the false positive within a few days.
3. An altered version of texmod could carry any sort of maliciousness.
4. Try http://virusscan.jotti.org/ to run a comparative virus scan. If your copy of texmod comes up as a virus on most or all of the scans, it's probably been altered; If it comes up clean on most the scans, your antivirus is probably giving you a false positive.
Empress Amarox
I've never gotten any warnings. o_O
Compare md5?
Quote:
|
Originally Posted by Chthon
4. Try http://virusscan.jotti.org/ to run a comparative virus scan. If your copy of texmod comes up as a virus on most or all of the scans, it's probably been altered; If it comes up clean on most the scans, your antivirus is probably giving you a false positive.
|
Compare md5?
ShoGunTheOne
it sometimes can be detected as an Invader, as it uses another exe in the program, but it's just a false alarm
tenetke
Just as a note MD5 isn't entirely secure. People take checksums way to seriously, you can check exactly what any program is doing though by using your terminal.
Zidane Ortef
Its more then likely Norton in one of the recent virus updates a few months back made it flag as a virus all you need to do is go into your Antivirus and find where you can exclude a folder from the scan tell it to not look into the folder where you keep texmod and it will remain there from now on.
Empress Amarox
I figured I'd bump this.
A couple days ago my AVG came up with a warning that texmod.exe was doing something or other with my svchost.exe and labeled it as Packed/NSPack (I hadn't played GW for weeks, so it certainly shouldn't have been doing anything!). So, paranoid as I am, I deleted texmod.
Awhile after this, some more warnings came up and they listed as files in my E System Volume Information, where I have GW installed - System Volume Information is System Restore files. 3 things popped up from there, so it's very likely that texmod is doing something awry.
Other than this there's pretty much no way I would have a virus. I'm fairly certain I have eliminated it now though. I right clicked My Computer and selected Properties then System Restore and turned off system restore, then rebooted. It deletes all data stored in the System Volume Information, including any Virii that may have still been there.
And my texmod was an OLD version back before there were scares of it being infected with anything...
Edit: I should also mention my account hasn't been compromised. But then again, that doesn't really mean much. I literally have never typed my password...
I generate them here: http://rumkin.com/tools/password/pass_gen.php
And use this: http://passwordsafe.sourceforge.net/
So, yeah...
A couple days ago my AVG came up with a warning that texmod.exe was doing something or other with my svchost.exe and labeled it as Packed/NSPack (I hadn't played GW for weeks, so it certainly shouldn't have been doing anything!). So, paranoid as I am, I deleted texmod.
Awhile after this, some more warnings came up and they listed as files in my E System Volume Information, where I have GW installed - System Volume Information is System Restore files. 3 things popped up from there, so it's very likely that texmod is doing something awry.
Other than this there's pretty much no way I would have a virus. I'm fairly certain I have eliminated it now though. I right clicked My Computer and selected Properties then System Restore and turned off system restore, then rebooted. It deletes all data stored in the System Volume Information, including any Virii that may have still been there.
And my texmod was an OLD version back before there were scares of it being infected with anything...
Edit: I should also mention my account hasn't been compromised. But then again, that doesn't really mean much. I literally have never typed my password...
I generate them here: http://rumkin.com/tools/password/pass_gen.php
And use this: http://passwordsafe.sourceforge.net/
So, yeah...
refer
Quote:
|
Originally Posted by own age myname
That use to happen to me too. If you using Norton, that's probably why. I have no idea why it did that to me either...
|