Please keep all questions regarding Virus and/or Trojan warnings here

[MLI]

Even I skipped this warning, poker office still won´t start. I had to turn F-Secure off, start Poker Office and then I started F-Secure again. So fix it please...

[Slegebob]

Quote:

Originally Posted by PokerOffice Support

pnthandler.dll is not a dangerous file, it's a necessary PokerOffice file. I don't know the exact function of it, but I could ask the developers if you are interested. You should not quarantine or block this file.

I really hope that it is not dangerous - it is very alarming that so many different virus scanners find a virus in it; do all these scanners fail?! The "BDS/Agent.ein" is classified as "dangerous". So please check quick why this happens!

[Kerpele]

Like i said earlier you can set F-secure to ignore certain folders during real-time virus scanning. For those with finnish version like myself it´s done through F-Secure-> Virus- ja vakoilusuojaus -> Lisäasetukset -> Käytönaikainen tarkistus -> Ohitukset. If you´ve already deleted PNTHANDLER.DLL like I have, then the only hope is that you get that file from someone else who still has it. That´s why i´m hoping someone would upload it somewhere (PO Staff??). Otherwise you´ll have to re-install. I don´t want to re-install because i´m not sure if my database would get deleted in the process. Does anyone know about this?

[siljalaine]

But there is one thing I wonder.
What does this virus do?
Why would I want to ignore this virus in F-secure?

[Millman123]

I just scanned my whole computer and F-Secure found virus also chatcontainer.dll + updates 228, 231,232,233,234 and 235.

-Millman

[Soulman]

Quote:

Originally Posted by PokerOffice Support

pnthandler.dll is not a dangerous file, it's a necessary PokerOffice file. I don't know the exact function of it, but I could ask the developers if you are interested. You should not quarantine or block this file.

You really should ask the developers about this; people are very alarmed when they get virus warnings (and rightfully so). It would be nice knowing the reason why parts of PO is detected as containing viruses by several different anti-virus agents (meaning it's less likely to be the virus definitions of one client that contains the false positive).

[Kerpele]

Quote:

Originally Posted by siljalaine

But there is one thing I wonder.
What does this virus do?
Why would I want to ignore this virus in F-secure?

Well I´m just ASSUMING that it´s a false positive (Link: F-Secure Malware Information Pages: False Positive) and not a real backdoor-virus, since PO seems like a legitimate program. Of course I guess it would be possible that PO developers are spreading malware with their software which would be highly immoral and not very smart businesswise. Befare making such serious accusations however I suggest someone with the original file would send it to F-Secure through the above link and see what they have to say about it.

[Soulman]

Quote:

Originally Posted by Kerpele

Well I´m just ASSUMING that it´s a false positive (Link: F-Secure Malware Information Pages: False Positive) and not a real backdoor-virus, since PO seems like a legitimate program. Of course I guess it would be possible that PO developers are spreading malware with their software which would be highly immoral and not very smart businesswise. Befare making such serious accusations however I suggest someone with the original file would send it to F-Secure through the above link and see what they have to say about it.

Obviously PO support should be doing this themselves.

[Kerpele]

Quote:

Originally Posted by Soulman

Obviously PO support should be doing this themselves.

Yes, but you see there might be a slight conflict of interest if this turns out to be intensional malware on their behalf.

[CanuckNJE]

Same problem here too. Has anyone confirmed that it is a false positive?