Thread Rating:
  • 3 Vote(s) - 2.33 Average
  • 1
  • 2
  • 3
  • 4
  • 5
12th of April 2018 banwave
ArenaNet has just gone through a purge of possible cheats in Guild Wars 2.
"Yesterday we suspended 1,583 accounts for a period of 6 months," Gaile Gray wrote in the forums. "1516 accounts were suspended because we detected that the accounts were running Guild Wars 2 at the same time as one or more of the following programs for a significant number of hours over a period of several weeks earlier this year. players cheat and get unfair gambling advantages, even if those programs have other, more benign uses. " These programs include CheatEngine, Nabster, GW2MHRexe, UNF and MMOMINION.

The discomfort in the community, of course, is that the prohibited players do not necessarily use the programs in conjunction with the game. So ArenaNet not only recognizes that banned programs have innocent uses, but also admits that they do not really know if prohibited players used them in GW2.

Of course, to know what it knows, ArenaNet apparently quietly installed de facto spyware as part of its early March update. A Redditor named fwosar, who is an expert in software reverse engineering, searched the archives to discover how ArenaNet did it.

"Most of the spyware can be found at address 0x6FBC 10. This function implements two main spy mechanisms: it will first list all the DLLs loaded into the Guild Wars 2 process using the Windows API of EnumProcessModules. file associated with the module using the GetModuleFileNameEx function For each file name resolved in this way, it will continue, open the file, read its contents and then update the contents of the file using the MD5 cryptographic hashing algorithm (function 0x6F4E90). ..] After creating MD5 hashes of all the DLL files loaded within the Guild Wars 2process, [...] they get a list of all currently running processes using the EnumProcesses Windows API, then they will unzip two strings they use together with LoadLibrary and GetProcAddress to get the address of the QueryFullProcessImageName function of the kernel library Windows 32.dll. [...] Then they will go through all processes and get their file names. These file names are fed into the same hash function as before in 0x6F4E90, which will open the respective files, read all its contents, create an MD5 hash and return the hash, which will then be stored again in a list for later use . [...]
"This is exactly the reason why competent antipropative developers would never go this route." There are many more effective, more precise and less intrusive methods to detect traps in your game, you do not have to massively degrade the game's performance for everyone (read a ton of files in your system and mixing them is not the lightest thing you can do and if you had stutter or a lot of disk activity during that time, now you know why) and create a metric ton of problematic data and invasive privacy to capture Botter in your games, Arena. I would have expected something better from you. "

"Arena decided that it was good to snoop on the processes he was running and decided that he had found something he did not like," he concludes. "I'm not a lawyer, but this kind of espionage behavior surely seems like it would be illegal here in Europe and I'm not even sure if it's documented in your EULA / privacy policy."

The detection code was removed from the client on March 27.
So has there been any accounts that had their appeal approved, or are most just buying a new game and starting from scratch again?
i used the bot the last 2 days and i got not banned

i used the bot i think 1 year before with the same account for a month or so and also not got banned, so idk :/
They dont have client side detection. I have accounts Ive loaded mmo on not get banned this wave. Only the accounts farming afk for hours got banned. They do log info , but not intricate info. They just see a person online for 8 hrs + every day , and of course that suspicious. On a positive note I got an accounts unsuspended by making excuses to Anet.
worth to buy it again and start whit a new 40€ acc?
Under EU and UK Law I do believe ANet have committed a crime but knowingly and deliberately installing software that gather data on a customer PC usage and the processes it runs. They have no right to do this as there is no agreement that allows a software company to subversley install this to detect cheating whether they want to or not.

What is interesting is that you can claim you weren't cheating as having a software installed is no indication of usage. Furthermore you could probably legally claim compensation of ANet for infecting your computer with what is essentially illegal spy-ware without your knowledge or agreement, as one side effect is that the process of spyware does (marginally I agree) slow down a PC's processes
Well I just realized all this happened, an I was hit even after not playing or reuping on my Sub for months now. Pretty sure since they did start all this a long while ago I'm sure I was in that loop. But its sucks, cause I feel they went through really crappy ways of doing this. I literally just decided I wanted to play GW2, an even before I thought of using Minion again, I let the client update an bam was hit with the suspension an I was like WTF, how? Won't be unbanned until October. I only really used the bot for Cmbat Routines, cause i'm super lazy. But GG bois I still love this bot.
(04-13-2018, 06:14 AM)fxfire Wrote:  Seems they started collecting the data for the banwave at least 2 months ago, I had (first time btw ;) ) an account banned that I just accidently logged in with the bot attached. So yeah, we need to do some work now...the rumors that they finally implemented something client side that scans and sends data back seemed to be true.

Did you do some work to protect against the spyware method they are using?

Forum Jump:

Users browsing this thread: 1 Guest(s)

We help you win the game.

FFXIV Bot, GW2 Bot and More.