Virus in PartyPoker Update file??

    • Drakhor
      Drakhor
      Bronze
      Joined: 13.01.2008 Posts: 554
      Hey guys, last night I ran a full scan of my XP partition with Lavasoft's Ad-Aware 2008 and the latest definition, and it came up with a rather alarming result.

      In the file "upgradePG121-122man.exe" located in "Program Files -> PartyGaming -> tmpUpgrade" it detected a virus called
      "Win32.Packed.NSAnti".

      AVG 8 Free does not detect any virus in this file though.

      Has anybody else got the same result? I've mailed tech@partypoker.com but all I got as a reply was a copy-n-pasted text on how to un- and re-install the PP software. :rolleyes: Dumbasses...
  • 6 replies
    • Gerv
      Gerv
      Bronze
      Joined: 07.05.2008 Posts: 17,678
      I checked it via virusscan.jotti.org and virustotal.com and I got 3 detections but I think you should scan for yourself because after a reinstall of Party, My party poker client doesnt even work now... X(
    • straddler71
      straddler71
      Global
      Joined: 03.07.2008 Posts: 516
      Drakhor thanks for the heads up. I ran my virus scan and it didn't pick up anything. However 3 one time changes were made to my computer without my authorization. I then viewed the reports and logs for those changes. Currently it shows 101 pages of people trying to access my internet connection at 14 entries per page. Basically its people trying to gain access to you internet connection and use it for free. I've sent an email to my virus scan technical support to see if they can help me with the problem.

      Uninstalling and re installing the party client isn't going to help since the infected files are already on your computer. Is that about right? Gerv is your poker client up and going yet?

      My firewall has blocked all attempts from these hackers. Should probably re check your firewalls on your computer, make sure everythings okay. Gerv do you have virus software on your computer? If not its not a bad investment to make. Its better to pay a few bucks for some software than to take your computer in to get fixed.

      I don't know if I should uninstall or not after hearing what gerv said. Drakhor did you reinstall?
    • Gerv
      Gerv
      Bronze
      Joined: 07.05.2008 Posts: 17,678
      I have maximum protection for my PC :)

      Party is up and running but I dont see a map with TmpUpgrade in my Partypoker folder..

      Strange.. However I isntalled ZoneAlarm and yes it was blocking like 198 attempts from outside just like Straddler71 said.
    • straddler71
      straddler71
      Global
      Joined: 03.07.2008 Posts: 516
      I emailed party support last night and they aren't taking responsibility for the virus, they claim that there software is 100% safe. They also told me to uninstall then reinstall the software. I did that but it didn't help. It can't be a coincidence that the three of us are having the same problem.

      I have gotten the intrusion attempts to stop. Heres how. I increased the internet security level on my virus program to not allow inbound traffic. So try that. When we connect to the internet its considered outbound traffic. Try that and let me know if it works for you.
    • Gerv
      Gerv
      Bronze
      Joined: 07.05.2008 Posts: 17,678
      I installed ZoneAlarm yesterday evening and guess.. my Download speed went up from 150kb to 450 kb and my upload from 30 to 70 kb/s.

      Also I reinstalled PartyPoker but once again, I dont see a map with tmpUpgrade anymore.
    • straddler71
      straddler71
      Global
      Joined: 03.07.2008 Posts: 516
      In todays partypoker launch of the new software I ran my virus program which I do everyday. My virus scan program picked up an adware program in the update. Not to big of a deal but may slow your comp down a little.