Black Desert Remastered

Pearl Abyss
Log in Create a Pearl Abyss ID
Copyright © Pearl Abyss Corp. All Rights Reserved.
Black Desert will begin in a moment.

Install the Black Desert Launcher if the game doesn't start.

Install the Black Desert Launcher to start the game.
Download the Black Desert Launcher

The launcher will appear if it's installed.
If it doesn't, try to run your downloaded launcher.

Install Guide

1 Run BlackDesert_Installer_NAEU.exe to install the Black Desert launcher.

2 Start the game once installation is complete.

Forums

UTC 6 : 39 May 18, 2026
CEST 8 : 39 May 18, 2026
PDT 23 : 39 May 17, 2026
EDT 2 : 39 May 18, 2026
#Others
BDO full access to password manager
Apr 5, 2026, 06:40 (UTC)
1807 2
Last Edit : Apr 5, 2026, 06:40 (UTC)
# 1

Hello after launching Black Desert Online (bin64/blackdesert64.exe Steam origin) I observed the game process / anti-cheat components open multiple FullControl handles to my 1Password processes.

Summary of evidence:

  • BlackDesert64.exe path: bin64/blackdesert64.exe (Steam origin). Certificate and signature attached below
  • Kernel driver: C:\WINDOWS\xhunter1.sys (xhunter1) Driver, Running, Demand start. Certificate attached below
  • Process Explorer findings (immediately after starting BDO):
    • 1Password.exe (PID 27668) Granted access 0x1FFFFF (FullControl), References 436560
    • 1Password.exe (PID 17900) Granted access 0x1FFFFF (FullControl)
    • 1Password.exe (PID 40408) Access includes VM read, VM write, CreateThread, CreateProcess, DuplicateHandle, Terminate, etc.
    • 1Password-BrowserSupport.exe (PID 36284) FullControl
  • Attachments: Process Explorer handle export, screenshots showing BlackDesert64.exe/xhunter1 as owner of these handles, full DLL list for BlackDesert64.exe

My concern: the observed handle rights (FullControl and VM read/write/thread/process control) permit reading/modifying another process’s memory and injecting code or duplicating handles, which places sensitive processes (e.g., password managers) at real risk.

Requested information:

  1. Does xhunter1 / your anti‑cheat intentionally open FullControl handles (0x1FFFFF) or request VM read/write and thread/process control on unrelated user processes such as password managers? If so, why is such access required and how is user data protected?
  2. If this access is part of anti-cheat scanning, what safeguards are in place to prevent accidental exposure of sensitive process memory or to prevent escalation by other kernel/user components?
  3. Please confirm exact modules/components (including driver and user-mode DLL names) responsible for process enumeration/handle opening and provide references or documentation about what access masks you request and why.
  4. If this behavior is not expected, what remediation steps should I take and how will you investigate?

Please advise urgently. I can provide additional Process Explorer exports, screenshots, and additional system logs on request. Thank you.

BlackDesert64.exe Cert:

xhunter1.sys (Welbia) Cert:

AerianaFilauria
1 3
Lv 63
AerianaFilauria
Report
Last Edit : Apr 7, 2026, 07:44 (UTC)
# 2

For such a thing it is best to submit a ticket to get support from the GMs, as it is unlikely to be discussed on the forums

Minarya
13 2700
Lv 66
Minarya
Report
Reply

Bug Reports

Use this forum section to report bugs during your adventures.

Start New Topic
Start New Topic