Open Side Menu Go to the Top
FAQ Today's Posts Search Twitter Discord
Register
RE: Potential Trojan Issue - GG Poker Folders (Local) RE: Potential Trojan Issue - GG Poker Folders (Local)
Post Reply Subscribe
...
04-16-2021 , 04:52 PM
#1
Man0f3xploits
View Profile Send Message Find Posts By Man0f3xploits Find Threads By Man0f3xploits
enthusiast
Join Date: Jun 2019 Posts: 63
*I believe this to be the right forum, apologies if not.

**Not accusing GG Poker of anything, waiting for their support to come back to me. I am just curious as to how this may of occurred.

Hi Folks,

I'm not the most tech savvy so wonder what could of caused the issue. My machine is secure I use it for my business, never use public wi-fi hotspots, never allow others to use it. I have Kaspersky Total Security installed. Last night for the first time in what is probably over 5 years I had two warnings, items moved to quarantine.

I did not have GG open at the time the scan was running, and haven't had the client open for several days. Both issues:


Yesterday, 15/04/2021 18:08:05 C:\Users\Dan\AppData\Roaming\GGPOKER\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86\DumpReporter.exe Detected Malicious object detected UDS:Backdoor.Win32.Remcos Cloud Protection File C:\Users\Dan\AppData\Roaming\GGPOKER\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86 DumpReporter.exe Detected Trojan High Exactly DANLAPTOP\Dan Active user


Yesterday, 15/04/2021 18:15:40 C:\Program Files (x86)\GGPoker UK\bin\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86\DumpReporter.exe Detected Malicious object detected UDS:Backdoor.Win32.Remcos Cloud Protection File C:\Program Files (x86)\GGPoker UK\bin\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86 DumpReporter.exe Detected Trojan High Exactly DANLAPTOP\Dan Active user

Any ideas or advice welcome, thank you in advance.

Dan.
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
04-18-2021 , 03:01 AM
#2
Gabethebabe's Avatar
Gabethebabe
View Profile Send Message Find Posts By Gabethebabe Find Threads By Gabethebabe
Malware Jedi
Join Date: Oct 2007 Posts: 27,387
Hey Dan, it is very common that poker software triggers AV software. So I wouldn't worry too much about it. The culprit appears to be the file dumpreporter.exe. What I would do is submit that file to virustotal.com or any other website that scans files with dozens of AV softwares. Post the link to the resulting report in this thread

You can also contact GG support and ask them to confirm that this file belongs to their software
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
04-19-2021 , 07:40 AM
#3
Man0f3xploits
View Profile Send Message Find Posts By Man0f3xploits Find Threads By Man0f3xploits
enthusiast
Join Date: Jun 2019 Posts: 63
Hey Gabe,

Appreciate the reply, thank you. I've contacted GG, just waiting for reply from them. Raised flags with me as I cannot ever recall an AV flag for a poker client or local folder held relating to a poker client (if that's the correct way to term it). And I've played various sites since 2004.

I've only got the reference, unless Kaspersky holds the actual file in quarantine, as I removed all GG folders/files to be safe.

I'll try and do what you have suggested, and pending outcome of being able to do that, and a reply from GG I'll come back and update this thread.

Dan.
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
04-19-2021 , 04:11 PM
#4
Gabethebabe's Avatar
Gabethebabe
View Profile Send Message Find Posts By Gabethebabe Find Threads By Gabethebabe
Malware Jedi
Join Date: Oct 2007 Posts: 27,387
The name already gives a pretty decent indication. It appears to be a file that sends dump info from an error to GG poker for analysis, probably without asking and potentially containing personal info. Good enough for some av and/or heuristic scanners to flag it as malicious.
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
04-25-2021 , 08:27 AM
#5
deeeteee
View Profile Find Posts By deeeteee Find Threads By deeeteee
stranger
Join Date: Sep 2020 Posts: 1
So, any reply from GG?

I just got the same message about this file from Kaspersky Free.
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
04-25-2021 , 08:44 AM
#6
ionutd's Avatar
ionutd
View Profile Send Message Find Posts By ionutd Find Threads By ionutd
Carpal \'Tunnel
Join Date: Apr 2010 Posts: 13,624
false positive, guys
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
04-27-2021 , 01:25 PM
#7
22underbluffed
View Profile Send Message Find Posts By 22underbluffed Find Threads By 22underbluffed
newbie
Join Date: May 2019 Posts: 43
+1 happening to me. Any reply from GG?
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
05-02-2021 , 04:25 PM
#8
Josem's Avatar
Josem
View Profile Send Message Find Posts By Josem Find Threads By Josem
human chemical weapon
Join Date: Jan 2007 Posts: 18,189
Quote:
Originally Posted by 22underbluffed
+1 happening to me. Any reply from GG?
I don't think GG poker can give a meaningful response here. After all, if their software truly installed a trojan on your PC, they are unlikely to admit it in an email to you as a customer. "No, this isn't a trojan," is not going to be a particularly compelling argument from someone accused of installing a trojan on your computer.

Ultimately, you've got to decide whether you trust GG poker. If you do, then you can continue to their software. If not, then you should uninstall their software and cash out your balance.

I feel that trigging an anti-virus software seems like a relatively minor reason to distrust GG.
RE: Potential Trojan Issue - GG Poker Folders (Local) Quote
Post Reply Subscribe
...
      
Feedback is used for internal purposes. LEARN MORE
Contact Us Privacy Statement TOS
Top
Powered by:  Hand2Note
Copyright ©2008-2022, Hand2Note Interactive LTD
m