Jump to content

False Positive: RiskWare.ElectraWorks when running partypoker

Maugris

By Maugris
in File Detections

 Share

Recommended Posts

Maugris

Maugris

Posted
Posted

partypoker is a well-known poker room.

ElectraWorks is the name of the company involved.  I don't mind so much that Malwarebytes is excessively cautious, but it would be helpful to know exactly what the risk is.

Calling something out as a risk, without identifying the risk is a bit like "the sky is falling"

No other anti-virus software identifies a problem.

Please advise

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted

Is it a web block or a file block? Could you provide a screenshot or log please.

You can find Scan and Protection logs within the Malwarebytes 4 program in the following location

 

image.png

 

RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged

 

image.png

 

If you click on the View option you should get something similar to the following with other options available.

 

image.png

 

 

 

Thank you

Link to post
Share on other sites
Maugris

Maugris

Posted
  • Author
Posted

Thanks.

Here is the log.

Could this be related to the fact that partypoker uses doubleclick.net to deliver in-app ads?

I had a debugger open when I started the app, and captured several like this:
  

[6448]  BN: https://4123103.fls.doubleclick.net/activityi;src=4123103;type=ppsv1;cat=party0;ord=1;num=3342118773396;gtm=45He3750;auiddc=1214111300.1688921204;u12=partypoker;uaa=;uab=;uam=;uamb=0;uap=Windows;uapv=;uaw=0;~oref=https%3A%2F%2Fcasinogames.partypoker.com%2Fhtmllobby%2Fminilobby%2Findex.html%3Flang%3Den_US%26brand%3DPARTYPOKER%26channelName%3DVC%26invokerProduct%3DPOKER%26frontend%3Dpp%26userIp%3D192.168.0.238%26pLang%3Den%26currency%3D%24CURRENCY%24%26sessionKey%3D%24SESSION_KEY%24%26accountName%3D%24ACCOUNTNAME%24%26pokerlobby%3Dtrue%26lobbyType%3DUniqueGames%26categoryid%3DLMC_HOME%26subcategoryid%3DLMC_UNQ_POKERLOBBY%26carousel%3Dfalse%26launchSource%3DPoker_lobby?

Another user has already alerted partypoker support.

malwarebytes_log.txt

Link to post
Share on other sites
Maugris

Maugris

Posted
  • Author
Posted
1 hour ago, Porthos said:

This was detected as riskware, so if you would like to continue using it, please add it to your allow list.

That it is riskware is pretty much covered by the name "RiskWare.ElectraWorks"

However with no way to tell what the risk is, the detection event is pretty much meaningless.

Is there a way to mitigate the risk?  How severe is it?  Is there a listing of all of the different classifications that a user can browse to find out?

Cheers,

Link to post
Share on other sites
  • 1 month later...
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.