Hey guys, today's scan with MBAM came up with these results:
Malwarebytes' Anti-Malware 1.43
Database version: 3462
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
12/31/2009 4:14:46 AM
adware_dec31st_mbam-log-2009-12-31 (04-14-28).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 321697
Time elapsed: 32 minute(s), 28 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\PTECH (Adware.21Nova) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
A quick google search of "HKEY_LOCAL_MACHINE\SOFTWARE\PTECH" and I find these two interesting threads from 3 years ago:
http://forums.spybot.info/archive/index.php/t-5260.html
http://www.casinomeister.com/forums/...-maleware.html
Apparently "HKEY_LOCAL_MACHINE\Software\PTECH" is a generic PlayTech registry key, which will exist if you install any PlayTech casino (e.g any Ipoker network software).
More info on Playtech found here
http://en.wikipedia.org/wiki/Playtech.
Anyways, just wondering if there is any chance this could be a F/P on MBAM's end, or if this registry key is indeed infected with some sort of adware?
Also is there anything to be worried about here with adware? I play poker online quite a lot, does adware pose as a serious threat to me?
According to MBAMs definition of adware, this is what they state:
Adware:
Adware (or spyware) is a small program that is designed to show advertisements (in various form and degrees of intrusiveness) on your computer. It often reports personal information back to its owners. As a result your sense of privacy can be violated.
What i'm scared about is what kind of personal information is this sending back? Do I need to change my passwords to all my accounts because of this?
Anyways, I have not yet quarantined/deleted this yet because I'm not sure how it would affect the iPoker software currently installed on my computer, of which I have 2 skins installed (Poker Plex and Noble Poker). Which I play on quite regularly. If this is indeed a F/P, would letting MBAM delete this registry key make the software not work anymore?
Has anyone else that plays on iPoker, also gotten these detections with the latest MBAM update?
FWIW, the last scan I did was on Dec 29th, on which everything came up clean.
Anyways, I'll go ahead and scan my second computer with the latest MBAM to see if it picks up the same detection (I have Poker Plex and an old copy of NoIQ poker - back when NoIQ was still on the iPoker network, installed there). I'll post back here with the results when finished.
In the meantime, any help is appreciated.
