Jump to content

False Positive: RiskWare.ElectraWorks when running partypoker

Recommended Posts

partypoker is a well-known poker room.

ElectraWorks is the name of the company involved.  I don't mind so much that Malwarebytes is excessively cautious, but it would be helpful to know exactly what the risk is.

Calling something out as a risk, without identifying the risk is a bit like "the sky is falling"

No other anti-virus software identifies a problem.

Please advise

Link to post
Share on other sites

Is it a web block or a file block? Could you provide a screenshot or log please.

You can find Scan and Protection logs within the Malwarebytes 4 program in the following location




RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged




If you click on the View option you should get something similar to the following with other options available.






Thank you

Link to post
Share on other sites


Here is the log.

Could this be related to the fact that partypoker uses doubleclick.net to deliver in-app ads?

I had a debugger open when I started the app, and captured several like this:

[6448]  BN: https://4123103.fls.doubleclick.net/activityi;src=4123103;type=ppsv1;cat=party0;ord=1;num=3342118773396;gtm=45He3750;auiddc=1214111300.1688921204;u12=partypoker;uaa=;uab=;uam=;uamb=0;uap=Windows;uapv=;uaw=0;~oref=https%3A%2F%2Fcasinogames.partypoker.com%2Fhtmllobby%2Fminilobby%2Findex.html%3Flang%3Den_US%26brand%3DPARTYPOKER%26channelName%3DVC%26invokerProduct%3DPOKER%26frontend%3Dpp%26userIp%3D192.168.0.238%26pLang%3Den%26currency%3D%24CURRENCY%24%26sessionKey%3D%24SESSION_KEY%24%26accountName%3D%24ACCOUNTNAME%24%26pokerlobby%3Dtrue%26lobbyType%3DUniqueGames%26categoryid%3DLMC_HOME%26subcategoryid%3DLMC_UNQ_POKERLOBBY%26carousel%3Dfalse%26launchSource%3DPoker_lobby?

Another user has already alerted partypoker support.


Link to post
Share on other sites

1 hour ago, Porthos said:

This was detected as riskware, so if you would like to continue using it, please add it to your allow list.

That it is riskware is pretty much covered by the name "RiskWare.ElectraWorks"

However with no way to tell what the risk is, the detection event is pretty much meaningless.

Is there a way to mitigate the risk?  How severe is it?  Is there a listing of all of the different classifications that a user can browse to find out?


Link to post
Share on other sites

  • 1 month later...
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.