
Thread: AVG Antivirus just shitcanned my BlackChipPoker.

  1. #1 Crowe Diddly (PFA Emeritus) | Reputation 1954 | Joined Mar 2012 | Posts 6,682

    [attached screenshot: black chip.jpg]

    opened BCP late last night for shits and giggles. not so many giggles after the AVG pop-up.

    haven't read up on anything, will later tonight, but figured I'd post this before doing anything else.

  2. #2 Dan Druff (Owner) | Reputation 10137 | Joined Mar 2012 | Posts 54,742 | Blog Entries 2
    http://forumserver.twoplustwo.com/21...hreat-1553218/

    Here is the laughable response in August from a WPN support rep about this:

    Good day.

    Thank you for contacting us regarding your concern.

    Please be informed that the virus warning that you received is a hoax virus warning.


    Yeah, not likely to be a hoax. Maybe an error, but not a hoax.

    Apparently the problem is in "uninstall.exe", which is kind of scary -- almost like the Winning Poker Network software wants to spy on you if you're going to quit them.

    The IDP.ARES.Generic malware (which is accused of being part of the WPN software) has been described as follows:

    - Stealing hard disk space and memory, slowing down or completely stopping the PC
    - Corrupting or deleting data
    - Compromising the entire system by providing remote access to hackers
    - Stealing passwords and other sensitive information
    - Gathering information about your web-browsing habits without your consent for advertising purposes
    - Installing other unwanted software
    My concern is not so much that WPN intentionally did this, but that some shadeball who developed the software (or, alternately, made a third-party uninstall tool they're using) has put malware into the uninstall program.

  3. #3 sonatine (Plutonium) | Reputation 7375 | Joined Mar 2012 | Posts 33,417
    It's unlikely that there is a legitimate threat coded in deliberately. A non-generic signature would likely be registered if so. Those generic flags in antivir usually mean that there is a generic network call or system call being made that's fairly ubiquitous within basic malware. In this case, I'm guessing the threats that raised suspicions focused on anti-debugging flags or the heavily documented ability of these apps to screenshot and inspect the process table looking for bots, evidence of collusion, so on.

    Well-funded software will use bespoke API calls and such that don't have established malware signatures, which is why PokerStars (et al.) clients can basically be converted to full-fledged RATs if the PokerStars security team should instigate an investigation, but little to no antivirus programs flag it as malware. Less well developed apps will generally rely on more basic, publicly available code, hence it being recognized as a generic threat since many of the thousands of pieces of new malware inspected every day use those same building blocks.
    "Birds born in a cage think flying is an illness." - Alejandro Jodorowsky

    "America is not so much a nightmare as a non-dream. The American non-dream is precisely a move to wipe the dream out of existence. The dream is a spontaneous happening and therefore dangerous to a control system set up by the non-dreamers." -- William S. Burroughs

  4. #4 Dan Druff (Owner) | Reputation 10137 | Joined Mar 2012 | Posts 54,742 | Blog Entries 2
    Quote Originally Posted by sonatine View Post
    It's unlikely that there is a legitimate threat coded in deliberately. A non-generic signature would likely be registered if so. Those generic flags in antivir usually mean that there is a generic network call or system call being made that's fairly ubiquitous within basic malware. In this case, I'm guessing the threats that raised suspicions focused on anti-debugging flags or the heavily documented ability of these apps to screenshot and inspect the process table looking for bots, evidence of collusion, so on.

    Well-funded software will use bespoke API calls and such that don't have established malware signatures, which is why PokerStars (et al.) clients can basically be converted to full-fledged RATs if the PokerStars security team should instigate an investigation, but little to no antivirus programs flag it as malware. Less well developed apps will generally rely on more basic, publicly available code, hence it being recognized as a generic threat since many of the thousands of pieces of new malware inspected every day use those same building blocks.
    What is most alarming to me is the fact that it's in the uninstall.exe file.

    This seems to mean that the AVG antivirus is not concerned with screenshots during play or process monitoring, but rather something in the uninstall program itself which is suspicious.

    So I think they may have used some kind of shady third party software to create an uninstall program, and don't realize that they are now carrying malware. That would actually be my guess.

    When I worked software in the 90s and early 00s, we used third-party software to create install/uninstall programs, though it was a legit and popular tool at the time.

  5. #5 sonatine (Plutonium) | Reputation 7375 | Joined Mar 2012 | Posts 33,417
    So with an uninstall.exe, it could simply be phoning home with details of the uninstall, the hardware, so on, etc etc, which is super greasy but not totally out of the realm of reason and certainly provides the basis for a virus alarm.

    But I agree it's much more eye opening than a basic poker client getting flagged.

    Especially considering how often malware gets pushed out in updates due to auto-infection of some QA mope's workstation.

  6. #6 Crowe Diddly (PFA Emeritus) | Reputation 1954 | Joined Mar 2012 | Posts 6,682
    figured one of you guys would have a better idea of what this was than me. Gracias.

    never had any of these issues with the NoFraud room, I can tell you that....

  7. #7 BeerAndPoker (Serial Blogger) | Reputation 1402 | Joined Mar 2012 | Posts 10,114 | Blog Entries 20
    AVG has a lot of false positives. Sometimes the software programmer purposely codes something in a way that sets this off but for the WPN clients to come up as a potential virus for months now is a problem they really should address.

  8. #8 sonatine (Plutonium) | Reputation 7375 | Joined Mar 2012 | Posts 33,417
    So, when I want to vet a file for threats, I use virustotal.com. However, when people say 'AV is dead' they aren't fucking joking; it's shockingly easy to bypass AV. So if someone has their sights on you, state or other, you're pretty much toast. But if you're worried about the bullets with 'to whom it may concern' on them, definitely roll with virustotal.com and anything else you can get your hands on.
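As an added example (not code from the thread, and not anything AVG or WPN ships), here is a Python triage script that puts sonatine's two points into practice: post #3's distinction between a generic heuristic flag and a named signature, and post #8's advice to vet the suspect file against virustotal.com. It assumes the VirusTotal API v3 hash-lookup endpoint (`GET /api/v3/files/{sha256}`, authenticated with an `x-apikey` header) and the `last_analysis_results` shape of its file reports. The sample bytes, engine names and detection strings are constructed for the example, and the pattern used to decide which detection names are "generic" is the example's own heuristic, not a vendor-published taxonomy.

```python
"""Triage a file that tripped a generic AV verdict such as IDP.ARES.Generic.

Added example. Hashes the suspect file, builds a VirusTotal v3 report lookup
by hash (a hash lookup never uploads the file), and splits the engine
verdicts into generic/heuristic names versus named-family detections. One or
two generic flags with everything else clean points at a false positive that
still needs confirming; a named family from an independent engine does not.
"""
import hashlib
import re
from typing import Dict, Optional, Tuple

# Substrings that mark a verdict as heuristic or family-less. This list is an
# assumption made for the example, not a vendor-published taxonomy.
GENERIC_MARKERS = re.compile(
    r"generic|heur|idp\.|suspicious|\bml\b|behaveslike|\bgen\b|\bunsafe\b",
    re.IGNORECASE,
)

# Constructed sample bytes standing in for uninstall.exe (not a real PE file).
SAMPLE_FILE = b"MZ" + b"\x00" * 58 + b"constructed stand-in for uninstall.exe"


def sha256_hex(data: bytes) -> str:
    """SHA-256 of the file contents; VirusTotal keys file reports by this."""
    return hashlib.sha256(data).hexdigest()


def vt_lookup_request(sha256: str, api_key: str) -> Tuple[str, dict]:
    """URL and headers for a VirusTotal API v3 report lookup by hash.

    Looking up an existing report by hash does not upload the file, so a
    confidential binary never leaves the machine. The key is the caller's.
    """
    url = f"https://www.virustotal.com/api/v3/files/{sha256}"
    return url, {"x-apikey": api_key, "accept": "application/json"}


def make_report(results: Dict[str, Optional[str]]) -> dict:
    """Build a report in the shape of a v3 file object from {engine: name}.

    Constructed for the example; a None name means the engine flagged nothing.
    """
    analysis = {}
    for engine, name in results.items():
        if name is None:
            analysis[engine] = {"category": "undetected", "result": None}
        else:
            analysis[engine] = {"category": "malicious", "result": name}
    return {"data": {"attributes": {"last_analysis_results": analysis}}}


def classify_detections(report: dict) -> dict:
    """Separate generic heuristic verdicts from named-family verdicts."""
    results = report["data"]["attributes"]["last_analysis_results"]
    generic, specific, undetected = [], [], 0
    for engine, entry in results.items():
        if entry.get("category") in ("malicious", "suspicious"):
            name = entry.get("result") or ""
            bucket = generic if GENERIC_MARKERS.search(name) else specific
            bucket.append((engine, name))
        else:
            undetected += 1
    if specific:
        verdict = "named_detection"  # an engine names a family: treat as real
    elif generic:
        verdict = "heuristic_only"   # only generic flags: likely FP, confirm
    else:
        verdict = "undetected"
    return {
        "verdict": verdict,
        "generic": generic,
        "specific": specific,
        "undetected": undetected,
        "flagged": len(generic) + len(specific),
        "total": len(results),
    }


def triage(data: bytes, report: dict) -> dict:
    """Full triage of one file: content hash plus detection breakdown."""
    summary = classify_detections(report)
    summary["sha256"] = sha256_hex(data)
    return summary


# Constructed verdicts mirroring the thread: two engines that share the Avast
# heuristics raise the same generic IDP name, everything else is clean.
SAMPLE_REPORT = make_report({
    "AVG": "IDP.ARES.Generic",
    "Avast": "IDP.ARES.Generic",
    "Microsoft": None,
    "Kaspersky": None,
    "ESET-NOD32": None,
    "Bitdefender": None,
})

if __name__ == "__main__":
    result = triage(SAMPLE_FILE, SAMPLE_REPORT)
    url, _headers = vt_lookup_request(result["sha256"], api_key="<your key>")
    print(f"lookup: {url}")
    print(f"{result['flagged']}/{result['total']} engines flagged; verdict={result['verdict']}")
    for engine, name in result["generic"]:
        print(f"  generic: {engine}: {name}")
```

In real use, replace `SAMPLE_FILE` with the bytes of the flagged `uninstall.exe` and feed the JSON from the lookup URL into `classify_detections`. A `heuristic_only` verdict is the case this thread describes: worth checking further (what the binary imports, where it connects), but not yet evidence of malware.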

  9. #9 Sanlmar (Plutonium) | Reputation 4312 | Joined Mar 2013 | Posts 21,178
    WARNING: The following pretty much amounts to a love letter addressed to Sonatine.

    But if youre worried about the bullets with 'to whom it may concern' on them...
    I got a little pony in my pants. It isn't his best line but I have a quick recovery time. I'm always in a state of semi-arousal.

    There was a book that came out in 1981 that I read as a kid that influenced me, among others, to study engineering. The Soul of a New Machine by Tracy Kidder. I grew up in the shadow of Digital Computer and that shit was sexy then.

    The Soul of a New Machine was a character driven story like Michael Lewis' stuff (Liars Poker, Moneyball, The Big Short). Love that form.

    A skunkworks at now defunct Data General set out to design a 32 bit mini computer in record time. Company's success depended on it. The lead character in the book was a guy named Tom West. Eclectic genius type....engineer, musician, etc. Fellow engineers' favorite pastime was analyzing West and swapping West stories.

    Early in the book one of his coworkers relates a Tom West anecdote that gives some insight into who we are dealing with.

    One night while travelling in Mozambique on business for the Smithsonian, he got out of a Land Rover and yelled into the darkness:

    "Massachusetts! Massachusetts!"

    "I thought someone might hear me," West explained, "and someday there'd be a bunch of kids running around out there named Massachusetts."
    Personally, I think a responsible manager would lock Sonatine up alone in a data closet. The vision of the colorful way he must certainly express technical ideas at work kills me. It would be inevitable that in short order the other techie minions would be echoing Sonatine's shit to a perplexed audience. Immortality, like the Tom West Massachusetts story.

    I worked with a couple of characters like this. Always the smartest guys in the room, imo. Made my short and painfully dull stint in engineering bearable.

    Wish I could write or think like this but I ain't that bright.

    You sick fuck. Lol.

  10. #10 FRANKRIZZO (Platinum) | Reputation 485 | Joined Sep 2014 | Posts 3,416
    Probably as hard to fix as showing mucked hands when a player calls the villain's bet. If the villain currently bets and is called and loses, it's automucked. They have been working on that for 2 years.

  11. #11 BeerAndPoker (Serial Blogger) | Reputation 1402 | Joined Mar 2012 | Posts 10,114 | Blog Entries 20
    Quote Originally Posted by FRANKRIZZO View Post
    Probably as hard to fix as showing mucked hands when a player calls the villain's bet. If the villain currently bets and is called and loses, it's automucked. They have been working on that for 2 years.
    Yeah this always bugged me about WPN.

    It seems very shady not to be able to see mucked hands. There are a few more things weird about the WPN RNG, not that I'm going into the rigged stuff, but I've discussed this matter with a lot of people. For example, I've never seen quads in my life, whether it be I got them or versus me, than on any other site.

    What I sort of question about the network is that in the past there have actually been online poker sites with an RNG programmed to create action by bringing action cards out more than they would randomly pull, so if a ten is what you don't want to see on the turn, it comes out so frequently. I'm not saying WPN is doing this, but from not showing mucked hands I can't say 100% that the RNG is actually random. I've won money on this network, but some things have felt weird to me that I didn't feel playing anywhere else, and I've played on so many sites over the years, so seeing mucked cards is important.

    This is probably the only network in today's poker economy that doesn't have hand-for-hand on tournament bubbles, which is hilarious too.

    WPN also has some Russian hyper SNG bots that they claim are not bots, but everyone knows they are. Sometimes they play terribly, but even so a bot is not what you want to play against. It doesn't get tired; it can be programmed to play very optimally based on blind level, working with 500-chip starting stacks, etc. It might have an option to adjust to your style based on some HUD stats, etc. Who knows how advanced these bots are, and maybe you can throw them off, but I still would rather not play them.
