PC RPG Installs Mystery Program, Fans Freak Out

PC RPG Installs Mystery Program, Fans Freak Out
Image: Another Eden

Fans of the RPG Another Eden — out this month on PC — this week discovered that, alongside installing the game itself, copies of the game obtained on Steam were also installing something called wfsdrv which nobody knew what it was and which seemingly had nothing to do with the game.

Initially believed to be some kind of driver, then suggested as something more sinister, fans scrambled urgently to try and discover just what this thing was that was nestling itself into their system32 folders and could have been…literally anything.

Turns out that, while in some very rare instances you can get Steam games pulling some shady business, in this case it was a poorly-signposted anti-piracy measure, with the developers explaining the installation of wfsdrv in an update on the game’s Steam page:

We have been recently made aware about concerns users are having with the “wfsdrv” program that is installed along with the Steam version of Another Eden.

We take information privacy seriously at WFS and would like to alleviate any fears our users might have about the security of the recently released Steam version of Another Eden.

The program in wfsdrv is an anti-cheat kernel driver, and is installed to protect the integrity of the Another Eden experience so that all players are able to operate in a fair play-environment.

This program was also reviewed by Valve and passed Steam review, and is not made to maliciously affect the end-user’s computer or data.

The wfsdrv program is removed when Another Eden is uninstalled.

We would like to thank you for your continued patience and support, and hope you continue to support WFS, and Another Eden in the future.

-The Another Eden Team


  • If it’s installing a kernel driver, people are right to freak out. There’s no reason why a game should need administrative access to your machine, let alone kernel level access.

    • Problem is this is a FTP game with in-app purchases, which means the game accesses a server somewhere. So from a developers point of view they absolutely want that level of access, just to monitor that access.

      To keep the integrity of the game intact they want to be able to block cheat engines that intercept data and alter it, which happens at that level of access. Main issue being that if they dont block it, someone is going to exploit it and hack something to do with their game. You might not, but plenty of others will. And if you think thats OK, even if you fundamentally disagree with ingame purchases, then theres something wrong with you.

      This is a core issue between gamer rights and developer rights. They still have to protect their asset, and to do so might need access we may not like giving. It’s not a new thing either, this is an issue thats been going on well over 20 years now.

      Dont get me wrong, I dont like it any more than the next person, but to think there is no reason for it is mistaken.

      • I would level that game developers need to go ways to verifying traffic sent in multiplayer titles rather than rootkitting machines. And after events such as Solarwinds, it also presents an inordinate amount of risk to users.

        • Definitely. I wasnt saying it was right, or something we should accept, just that from their perspective its justified. Reality is that if they dont do something it will be exploited.

          Personally I dont think theres any good answer with this. If they dont do anything, they lose millions. I dont know about you, but that would piss me off pretty bad. And when it comes to anti-cheat processes, the method thats been consistently used the most is rootkitting machines, where they can monitor what your machine is doing with their data.

          Which is murky to say the least and hardly the most trusted method. But alternatives are either way too expensive, worse, or ineffective.

      • On a system that allows arbitrary unsigned code to run, you’re never going to be able to have perfect security like this. You could even circumvent a kernel module by running in a VM and use the hypervisor to hide the code.

        You could certainly build a console-like OS on modern PC hardware that would lock everything down from boot using UEFI secure boot and a TPM, but it wouldn’t be particularly useful as a general purpose computer.

        The only state you can absolutely trust for a multi-player game with general purpose computers as clients is that managed by the server.

  • Yeah, rootkits can fuck right off even if it is FTP. I know they’ve got the game’s integrity in mind, but I don’t like that crap on my PC.

Show more comments

Log in to comment on this story!