Two Plus Two Publishing LLC
Computer Technical Help Post your questions about computer hardware and software and configuring same here.

04-16-2021, 04:52 PM   #1
Man0f3xploits
enthusiast
Join Date: Jun 2019
Location: Wales
Posts: 63
RE: Potential Trojan Issue - GG Poker Folders (Local)

*I believe this to be the right forum, apologies if not.

**Not accusing GG Poker of anything, waiting for their support to come back to me. I am just curious as to how this may have occurred.

Hi Folks,

I'm not the most tech savvy, so I wonder what could have caused the issue. My machine is secure; I use it for my business, never use public wi-fi hotspots, and never allow others to use it. I have Kaspersky Total Security installed. Last night, for the first time in what is probably over 5 years, I had two warnings, with items moved to quarantine.

I did not have GG open at the time the scan was running, and haven't had the client open for several days. Both issues:


Yesterday, 15/04/2021 18:08:05 C:\Users\Dan\AppData\Roaming\GGPOKER\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86\DumpReporter.exe Detected Malicious object detected UDS:Backdoor.Win32.Remcos Cloud Protection File C:\Users\Dan\AppData\Roaming\GGPOKER\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86 DumpReporter.exe Detected Trojan High Exactly DANLAPTOP\Dan Active user



Yesterday, 15/04/2021 18:15:40 C:\Program Files (x86)\GGPoker UK\bin\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86\DumpReporter.exe Detected Malicious object detected UDS:Backdoor.Win32.Remcos Cloud Protection File C:\Program Files (x86)\GGPoker UK\bin\META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86 DumpReporter.exe Detected Trojan High Exactly DANLAPTOP\Dan Active user


Any ideas or advice welcome, thank you in advance.

Dan.

04-18-2021, 03:01 AM   #2
Gabethebabe
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 25,643
Re: Potential Trojan Issue - GG Poker Folders (Local)

Hey Dan, it is very common that poker software triggers AV software. So I wouldn't worry too much about it. The culprit appears to be the file dumpreporter.exe. What I would do is submit that file to virustotal.com or any other website that scans files with dozens of AV programs. Post the link to the resulting report in this thread.

You can also contact GG support and ask them to confirm that this file belongs to their software.
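
The check suggested in the post above can start locally, before anything is uploaded. The PowerShell below is an added example, not part of the original thread: it hashes both flagged copies of DumpReporter.exe and reads their Authenticode signatures. The paths are taken from the first post and assume the same install locations.

```powershell
# Added example (not from the thread). Paths follow the two detections quoted
# in the first post; they are assumptions about where the client is installed.
$rel = 'META-INF\AIR\extensions\com.nsus.iron.ane\META-INF\ANE\Windows-x86\DumpReporter.exe'
$paths = @(
    (Join-Path "$env:APPDATA\GGPOKER" $rel),
    (Join-Path "${env:ProgramFiles(x86)}\GGPoker UK\bin" $rel)
)

$report = foreach ($p in $paths) {
    if (-not (Test-Path -LiteralPath $p)) {
        # The AV product may already have quarantined or deleted this copy.
        [pscustomobject]@{ Path = $p; Present = $false; SHA256 = $null
                           SigStatus = $null; Signer = $null; LastWriteUtc = $null }
        continue
    }
    $sig = Get-AuthenticodeSignature -LiteralPath $p
    [pscustomobject]@{
        Path         = $p
        Present      = $true
        SHA256       = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
        SigStatus    = $sig.Status
        Signer       = $(if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject }
                         else { '(unsigned)' })
        LastWriteUtc = (Get-Item -LiteralPath $p).LastWriteTimeUtc
    }
}
$report | Format-List

# Both copies ship with the same client, so they would normally be byte-identical.
$present  = @($report | Where-Object { $_.Present })
$distinct = @($present | Select-Object -ExpandProperty SHA256 | Sort-Object -Unique)
if ($present.Count -gt 1 -and $distinct.Count -gt 1) {
    Write-Warning 'The two copies have different SHA-256 hashes.'
}

# A missing, invalid or untrusted signature is worth mentioning to vendor support.
foreach ($r in $present) {
    if ("$($r.SigStatus)" -ne 'Valid') {
        Write-Warning "Signature status '$($r.SigStatus)' for $($r.Path)"
    }
}
```

The SHA256 value can be searched on virustotal.com directly, which shows existing scan results without uploading the file.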

04-19-2021, 07:40 AM   #3
Man0f3xploits
enthusiast
Join Date: Jun 2019
Location: Wales
Posts: 63
Re: Potential Trojan Issue - GG Poker Folders (Local)

Hey Gabe,

Appreciate the reply, thank you. I've contacted GG, just waiting for a reply from them. It raised flags with me, as I cannot ever recall an AV flag for a poker client or a local folder held relating to a poker client (if that's the correct way to term it). And I've played on various sites since 2004.

I've only got the reference, unless Kaspersky holds the actual file in quarantine, as I removed all GG folders/files to be safe.

I'll try and do what you have suggested, and pending outcome of being able to do that, and a reply from GG I'll come back and update this thread.

Dan.

04-19-2021, 04:11 PM   #4
Gabethebabe
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 25,643
Re: Potential Trojan Issue - GG Poker Folders (Local)

The name already gives a pretty decent indication. It appears to be a file that sends dump info from an error to GG poker for analysis, probably without asking and potentially containing personal info. Good enough for some AV and/or heuristic scanners to flag it as malicious.

04-25-2021, 08:27 AM   #5
deeeteee
stranger
Join Date: Sep 2020
Posts: 1
Re: Potential Trojan Issue - GG Poker Folders (Local)

So, any reply from GG?

I just got the same message about this file from Kaspersky Free.

04-25-2021, 08:44 AM   #6
ionutd
Carpal 'Tunnel
Join Date: Apr 2010
Posts: 13,258
Re: Potential Trojan Issue - GG Poker Folders (Local)

false positive, guys

04-27-2021, 01:25 PM   #7
22underbluffed
newbie
Join Date: May 2019
Posts: 36
Re: Potential Trojan Issue - GG Poker Folders (Local)

+1 happening to me. Any reply from GG?

05-02-2021, 04:25 PM   #8
Josem
human chemical weapon
Join Date: Jan 2007
Location: Getting Trolled
Posts: 17,907
Re: Potential Trojan Issue - GG Poker Folders (Local)

Quote:
Originally Posted by 22underbluffed
+1 happening to me. Any reply from GG?

I don't think GG poker can give a meaningful response here. After all, if their software truly installed a trojan on your PC, they are unlikely to admit it in an email to you as a customer. "No, this isn't a trojan," is not going to be a particularly compelling argument from someone accused of installing a trojan on your computer.

Ultimately, you've got to decide whether you trust GG poker. If you do, then you can continue to use their software. If not, then you should uninstall their software and cash out your balance.

I feel that triggering anti-virus software seems like a relatively minor reason to distrust GG.