Curse

Chrissie Quickdraw · Jun 11, 2011, 01:00 PM // 13:00

doh, -1 reading comprehension to me (and spelling maybe hehe).

Mordiego · Jun 11, 2011, 02:29 PM // 14:29

Well... I got highest security setting possible in my kaspersky IS, I get alarmed about every additional task in Task Manager and every single change to each executable on all my hard drives, I get notifications on every app that uses network traffic and NOTHING (besides new process launch notification) popped out when I launched gwdressup.exe.
Period.

PS. Used it and loved it

Teres · Jun 11, 2011, 03:06 PM // 15:06

Does it also alert you of the fact that this program is currently using the same way to inject into GW.exe that bot toolsets use/used, which are now permanently banned from the game? I'm not saying the only problem would be Argos trying to steal your account but also that ArenaNet simply cannot distinguish between a "cosmetic only" memory modificiation and a "mesmer interrupt bot / gold farmer bot" memory modification and since they have been telling for years that there are no modificiations allowed to gw.exe (and GwDressUp does this!) you could be permanently banned for using this.

Mordiego · Jun 11, 2011, 03:58 PM // 15:58

U would have to explain to me how is it possible that a program may "inject into gw.exe" without physically changing gw.exe. My knowledge regarding programming is poor and I don't seem to get it.

Verene · Jun 11, 2011, 04:29 PM // 16:29

Avira also says it's clean.

Also, considering that the instructions say to run it after you run GW, how could it possibly steal your password as you log in?

shinta_himura · Jun 11, 2011, 06:36 PM // 18:36

Somebody get an anet representative to talk about this.

Urcscumug · Jun 11, 2011, 06:37 PM // 18:37

You mean, after you've authenticated to GW servers and they consider anything coming from your computer as legit? Anything it tells your characters to do?

@Mordiego: the gw.exe on the hard-disk is just the hard copy of the program. It gets copied to memory and that's where all the stuff happens anyway.

IF this is a handcrafted piece of spyware, especially for GW, no antivirus will detect it. Antivirus programs have lists of known stuff that they look for. They wouldn't know about a new one. Anyway, do they alert you when you use TexMod?

I'll say it again: love the idea, love the video of the program, do not like having to download an exe that was slapped somewhere and hooks into a running GW. Even if the original is legit, their server can be broken into at any time and the exe replaced.

This is not how these things are done if you want credibility, not with so much account hacking going around. You need to publish the source or get a trusted 3rd party to vouch for your program, you get it hosted in more than one place, with a SHA1 or MD5 checksum, a use and distribution license etc.

Take a look at the TexMod page: it's on the wiki, it lists more than one download location, it lists checksums etc.

Calista Blackblood · Jun 11, 2011, 06:48 PM // 18:48

Quote:

Originally Posted by Gaile Gray

Certain programs in their native, unadulterated form are not malicious and will not result in account action. Yet even those cannot be given any form of formal "approval," as we've made clear in the past, because the programs can be altered to include malware or cheat elements. We're in the business of creating games, not approving, monitoring, and vetting programs made by other people, and for that reason, the use of any third party program is always "at your own risk." I have seen case after case where someone used a program that is usually harmless but in the version he/she used, was not harmless at all.

From Here

Be advised: We hold no responsibility for potential nasty outcomes from the use of this program.

Shy Guy · Jun 11, 2011, 06:50 PM // 18:50

@Urcscumug: yea kaspersky does actually alert me whenever I use texmod.

that said, couldn't someone decompile the .exe to see exactly what it does? or is that not possible

Intrinsic · Jun 11, 2011, 08:05 PM // 20:05

It's easy to dissassemble/decompile(depending on the language it was written in, in this case it's C#/VB.net) and luckily he left debuginfo(plus he didn't even compress the exe so that's another good indication) enabled and so is easy to see what he did...assuming you have the right tools but they cost a lot, so i'd have to look through it at work. But i trust his stuff so far he's only done good for GWs so far. If Kuntz is still around he'd be able todo a good job on it.

Edit: Oh and virus checkers won't tell you anything really beyond if it's got a virus attached and the heuristics are poop usually.

Teres · Jun 11, 2011, 08:52 PM // 20:52

Quote:

Originally Posted by Urcscumug

Take a look at the TexMod page: it's on the wiki, it lists more than one download location, it lists checksums etc.

Also: from what I understand, TexMod only intercepts DirectX calls for textures, while this tool (and GwCamUnlocker) will read the memory of the Guild Wars Client itself (and modify it to change what it displays).

Eramon · Jun 11, 2011, 09:41 PM // 21:41

I scanned it via http://jotti.org and it's clean.

My virus scanner also says it's clean.

I dunno.

Urcscumug · Jun 11, 2011, 09:53 PM // 21:53

At least we should put some checksums up. Here's what I'm getting:

Code:

GwDressUp.exe
SHA1: a517dcbb567a26001bc9834e53967752c63b4cbe
MD5: 3107c2e493c03a7eb05b576420d58a99

Assuming it hasn't been hacked yet

at least please use a checksum tool and verify we're all getting the same thing. And I wish the Argos guy would publish checksums too.

I'm only half-joking about the hacking. For a hacker this would be a golden opportunity: long time trusted maker of GW tools releases an exe, you break in, replace it with one that steals accounts, next thing you know, you pwn untold number of accounts. :/

Intrinsic · Jun 11, 2011, 10:09 PM // 22:09

Get a decent firewall and you have no problem, one that alerts you to anything that tries todo anything network related. Look n Stop is my personal choice as i have full control over everything, well well worth the cash i spent on it and is very cheap imo. I control what ports/protocols/IPs each program can use or access, whether it can spawn other programs that request network use etc etc. If any program wants access that i wasn't expecting i'll block it so it just cannot send any info like account details. Windows Firewall is a bag of whale shite, just kill it and get something decent like Look n Stop.
And if ever in doubt just run the program inside a VM like VirtualBox, it's totally free and anything run inside it will cause zero damage to your system.

Eramon · Jun 11, 2011, 10:19 PM // 22:19

Quote:

Originally Posted by Intrinsic

Get a decent firewall and you have no problem, one that alerts you to anything that tries todo anything network related. Look n Stop is my personal choice as i have full control over everything, well well worth the cash i spent on it and is very cheap imo. I control what ports/protocols/IPs each program can use or access, whether it can spawn other programs that request network use etc etc. If any program wants access that i wasn't expecting i'll block it so it just cannot send any info like account details. Windows Firewall is a bag of whale shite, just kill it and get something decent like Look n Stop.
And if ever in doubt just run the program inside a VM like VirtualBox, it's totally free and anything run inside it will cause zero damage to your system.

So what happened once you opened the .exe? Was it safe?

Intrinsic · Jun 11, 2011, 10:37 PM // 22:37

I tried it inside a VM, but not with GWs running. It didn't try to connect outside of my system it just tried to find the gw process and did not touch any other files. Beyond that i can't say more at this time. Maybe it'd try todo something else if it did find the gw process running but i doubt it, at best it could pull your account username and current character name as they are stored in the gw.dat file, but not the password i'd say as i doubt it's kept in memory.

russiansteven · Jun 12, 2011, 04:40 AM // 04:40

I really love this idea but like others, I'm going to wait on the sidelines for confirmation that this program is safe to use. I love the idea and really hope to use it as it certainly is something I want to use.

ruk1a · Jun 12, 2011, 05:14 AM // 05:14

Quote:

Originally Posted by Hobbs

Wait a minute, you have all your passwords written down in a document on your PC?

If I was overly cautious about keyloggers i'd use the onscreen keyboard to login and i'd move it to a random spot on the screen every time to avoid any mouse tracking software.

But i'm not overly cautious, I just type it in.

Yep but I only use 2 or 3.

I don't know about any on screen keyboard but this is basically a public PC seeing as how all of my friends use it and I don't trust them a whole lot when it comes to downloading lol, past experiences...ugh.

I've formatted around 10 times or more.

Teres · Jun 12, 2011, 09:28 AM // 09:28

Just a note on keyloggers: most of them are capable of taking screenshots around the mouse pointer on every click, so... onscreen keyboards don't help too much.

russiansteven · Jun 12, 2011, 03:34 PM // 15:34

If anyone has installed this and used this please post how effective it is and weather or not you've gotten banned yet