malware: GoldenPalace.Casino (detected) [Archive]

View Full Version : malware: GoldenPalace.Casino (detected)

M-ware-hatr

2006-06-19, 16:26

Spybot S&D found this malware in:

HKEY_LOCAL_MACHINE\Software\PTECH

These are the latest things I have done and not done on my computer:

Didn't: Surf any other casino webpages than Centrebet.com and Norsk-Tipping.no

Didn't: Install any other casino software than from CentreBet.com and Norsk-Tipping.no

://www.centrebet.com
://www.norsk-tipping.no

DID: Install Casino software, Poker software and surfed .centrebet.com sports betting, and did bid on all 3 systems

DID: Install a BuyPass solution together with a smartcard reader from .norsk-tipping.no

The CentreBet.com and the Norsk-Tippin.no solutions both required Internet Explorer.

Now I wonder what harm this GoldenPalace.Casino malware could do to my installed windows system, and what personal information this malware to pass on over the internet?

I also wonder if this malware is needed in order to continue betting on CentreBet.com? Or if it is Norsk-Tipping.no if it is needed in order to continue there. Norsk-Tipping.no is no casino house, it is only a regular betting company under strict regulations by the Norwegian authorities.

CentreBet.com is an Australian Casino, Poker, Sports and Racing betting company. Is CentreBet.com in any way affiliated with GoldenPalace Casino systems?

Best Regards :spider:

M-ware-hatr

2006-06-19, 16:28

Scanned with following software tools WITHOUT success finding this malware:

Awira AntiVir

TrojanHunter

Ewido security suite

I have not removed the malware yet, as Spybot S&D suggests or offers.

Best Regards :spider:

tashi

2006-06-19, 16:55

Hello.

Please see:

BEFORE you post and who will advise you. Preliminary Steps (http://forums.spybot.info/showthread.php?t=288)

M-ware-hatr

2006-06-19, 20:23

Hello.

Please see:

BEFORE you post and who will advise you. Preliminary Steps (http://forums.spybot.info/showthread.php?t=288)
I did read the posting guidelines, but obviously not thorough enough. I understand your point of disabling the links. However I am pretty sure, but not 100 % that those websites are clean from website-inserting stuff.

You should allways surf the web with a proper antivirus solution. It has saved me more than once. A properly configured web-browser is also essential to use.

My gutfeeling with this Malware experience is that it came with some installation of software. Manually installed! I did manually install both the Casino software and the Poker software from CentreBet.com. And also the BuyPass solution from Norsk-Tipping.no.

I allready mentioned that in my initial posting.