Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
To anyone playing cabal... nProtect Gamemon = BAD.
elqueffo
Member Posts: 1
Cabal Online uses nProtect Gamemon. This is a piece of software that behaves exactly like a rootkit or other malware.
When you start the game, nProtect injects itself into all running processes, hides itself and the game process from the task manager process list, and sets itself to higher than normal priority.
The reason i started investigating this was that i use a software controlled fan on my gfx card. It spins down when the card is cool and runs faster when things get hot. After playing Cabal a few times i noticed something strange, my fan would go crazy and spin at full speed AS SOON AS I QUIT the game... this is probably because the nProtect software sets its priority to higher than normal, meaning my fan control program won't get a chance to do its work. This could have cost me a very expensive graphics card if i hadn't noticed it (because of overheating). [ Don't tell me software controlled fans are a bad idea, i'm only describing this because it's the only reason that i found out that something sneaky was happening ]
Injecting itself into ALL RUNNING processes on the machine is a VERY BAD thing in my opinion. Only the developers know what kind of information it's sending about what i'm doing. It could be reading my mail, sending my passwords etc without me knowing anything about it. Having to hide itself from the process lists is a good sign that it's doing something bad that they don't want us to know about.
Of course i did some googling on the matter, and i found some people that had done a in-depth investigation and concluded that the software indeed is acting like som kind of rootkit. You can read the details here: http://www.wilderssecurity.com/showthread.php?p=791548
There's also several exploits floating around that would allow people to do evil things to your computer just because you are running the nProtect software. You can read about those here:
http://www.securityfocus.com/archive/1/387574
http://www.securityfocus.com/archive/1/388812
The bottom line is, i would not recomend playing this game at all. There's no way of knowing what the heck this stealthy piece of malware is doing. Personally i won't be playing ANY game with nProtect Gamemon.
Comments
very good post, thanks!
Also the game on steam (X3) had a similar rootkit but they removed it from steam version after a lot of ppl complaining.
Open notepad. Write:
@echo off
net stop npptnt2
Go to file/save as, change the type from text files to all files, save as any name you want.bat
Do not save as txt. Place a shortcut on your desktop and run everytime you quit the game, it's goo to prevent crashes. I recomend also to clean up the Prefetch folder and to delete Npptnt2.sys evrytime you quit the game, it's a Gameguard file and it replaces itself every time you run the game and it's missing. Mine gets corrupted every time and refuses to close down.
i never had a problem with any other mmos, but this one i cant play for more than 5mins without the game crashing and the blue screen of death pops up, i'm running xp so the blue screen really dont happen very often but i cant seem to run rohan for more than 5mins (ingame) and it always says its some software or hardware malfunction and i should remove any new hardware or software...but i ran all my games fine before so its not hardware. i dunno wat to do x.X
my driver is up-to-date, so is there any other solution to this problem or do i have to stop playing this game?