Gamemon.des being detected as virus.

[Jhaiden]

I haven't played for awhile and today my files updated and it started CABAL Online only to find out my anti-virus has detected a TR/Kazy.53781 malware from GameMon.des file, this kind of malware is known to steal information mostly targeting bank or credit/debit card information. So why is this attached to your games files, what kind of information are you trying to steal from your customers?

Now I can't play CABAL Online without this file running since my anti-virus blocks it everytime the client runs. This is the first time i've encountered this problem, it's not worth the risk playing this game in-trade for my personal information.

[sn0wXz]

Jhaiden; the GameMon.des file is nProtect GameGuard the anti-cheat software designed for Online/Multiplayer games. The TR/Kazy.53781 is in essence a false-positive, to a small extent. For the most part it is true that gameguard has similar functions and amounts to a root-kit which hooks into processes running on the computer, scanning memory for known exploits or anomalies. Gameguard has made clear in the past that no private information is stored or cataloged of its users, as its only information pertaining to the prevention of cheats. No, I don't think INCA needs your credit card number, they are a pretty successful company, and for the most part the malicious code that sets off the false positives are used soley with the intent of prevention of cheats, and has no relevant correlation to private information and data.

"GameMon (GameMon.des)

As a process executed by game, this is the core management program in charge of authentication, execution of game guard modules and secret communication with the game.

This program authenticates currently installed modules, and checks if they are the latest modules.
This program has built-in debugging prevention codes, i.e., self-test of CRC32 of the memory image of execution time.
This is very hard to falsify since it has a powerful built-in debugging prevention code and a falsify diagnosis code."





Sources:http://en.wikipedia.org/wiki/Gameguard
http://global.nprotect.com/index.php
http://www.progamercity.net/anti-che...-analysis.html

[Jhaiden]

I've known that information you've pasted for a long time now but it still does not answer my question as to why my anti-virus just started detecting it as a threat to my system as to before it never had this problem at all and nothing new was updated on my anti-virus, so in my opinion something seems fishy about this. I've played many games that had gameguard and this is the first time i've encountered one of the games files being a threat, so i'm not taking the risk.

Successful or not you'd be amazed to what companies would do just to get your money without you noticing it.

[sn0wXz]

I've known that information you've pasted for a long time now but it still does not answer my question as to why my anti-virus just started detecting it as a threat to my system as to before it never had this problem at all and nothing new was updated on my anti-virus, so in my opinion something seems fishy about this. I've played many games that had gameguard and this is the first time i've encountered one of the games files being a threat, so i'm not taking the risk.

Successful or not you'd be amazed to what companies would do just to get your money without you noticing it.

Gameguard has never been proven to have stolen anyone's private information. INCA has its own anti virus as well as other numerous security programs. TR/Kazy.53781 is a False positive because its defined for mailicious programs, of which gameguard is not recognized as. If you don't trust gameguard then simply don't play the game, Lol.

It's not like you can be excluded from the anti-cheat protection. The reason it could show up now and not before now is not "fishy" at all, but rather logical as the anti virus programs often have database updates with new definitions, of which other programs especially anti-cheats can give false positive. The real "TR/Kazy.53781" is a trojan but the reason it gives off false positive now is because http://www.avira.ro/ro/threats/secti...11.21.204.html it was added to the database Jan 29th, 2012. Regardless of it smelling "fishy" to you, false positives on anti cheats/root kits are common with most of the heuristics.

I know I didn't ask what anti virus your using because its irrelevant, but given it was just added to avira's database, I assumed your using that, or it could be just a universal update to multiple anti viruses, as a virus/trojan becomes detected.

[Jhaiden]

You can never say never because there are many stories out there of them stealing personal information, also as I said before it's not worth the risk and i'd stop playing if this continues. But for the conclusion i'm done with this game, there are many more other games out there that can entertain me.

So you can stop your copy/paste now.

[sn0wXz]

You can never say never because there are many stories out there of them stealing personal information.

Sorry, but wrong. Care to back up that claim with anything more then a link to some paranoid forums with tinfoil hats and 2012 end of days videos, lol. Anyway cya later bro, most of the other games you play will be the same root kit pretty much, hackshield - punkbuster - x-trap; gl with having "trojanless" gaming because your anti virus doesn't pop up with a dialog and warn you. When your AV updates the database and sets off more false positives you can quit those games too .

[Jhaiden]

Funny thing is those other hack preventions you mentioned don't set off my anti-virus at all or give me a "false positive", I know when there's a false positive warning on a file. But what you don't get is that from all the games that are protected by gameguard, hackshield, punkbuster, and so on, this is the first time gameguard or any other hack prevention has ever set off a threat to my system. Oh yeah, I will have fun with "trojanless" gaming because these other "trojanless" games I play don't set off my AV with "false positiives". By the way, I don't need to back up my claims it's all over the internet.

So have fun, deuces!

[sn0wXz]

There is no actual claims on the internet, the only implications come from programmers and reverse engineers who say the program is too invasive to the system attaching to processes and system drivers scanning for known exploits. I have not seen one case brought against gameguard/INCA for stealing private data. Your data is more likely to be stolen from the databases from whatever game you play on, not from gameguard Lol.

You say you understand what the false positive is, but you your logic of gameguard setting it off now compared to others not setting it off at all is flawed. Infact all the anti cheats you mentioned have been false positive detected by your anti virus, I'm saying this without even knowing what anti virus you have, because they are all white-listed to not be detected. If your anti virus didn't detect gameguard as a trojan until this most recent update thats just testimony to the anti virus white-list or the anti-virus' inability to detect what shares heuristics of a rootkit.

You could google any anti cheat out there and probably find someone using your brand of anti virus in the past and had false positives before it was white-listed. This is common with software updates from anti cheats, with time I don't think that trojan notification will even show up, do I think your anti virus company would suggest gameguard has added some code thats malicious to your system? I highly doubt it. Your exceptionally paranoid about gameguard when I bet you have so many personal accounts spread out on whatever databases's you sign up for i.e. games, websites, emails ect. Online game databases' are highly susceptible to mining after breach in the security. I would say your more likely to loose private data that way then through gameguard's anti cheat.

Nobody has claimed INCA to have stolen private data with resulting damage. Most of the cynics who criticize gameguard have in-depth knowledge of how it functions with hooking system files. They are not concerned about INCA stealing their credit card to go on a spending spree, of which is pretty funny. The company is rather successful, given it specifies in internet security, anti-viruses and anti-cheats, I would trust GG before I would any 3rd party game publisher.