PDA

View Full Version : Firewall security alerts for HM/HM HUD



Tranclugator
06-16-2009, 09:54 AM
Alert:

Application is trying to catch keystrokes
App: HMHUD.EXE
Method: GetKeyState
Allow/block catching attempts

Alert:

Application is trying to modify the memory area of another app
Process: HMHUD.EXE
Target process: csrss.exe
allow/block


What does it mean? :eek: I don't remember such activity with 1.08.4. Now i have 1.09 beta 6a

stretch00
06-16-2009, 11:11 AM
you probably never made HUD.exe an admin file did you?
HUD .exe/DBcontrol.exe/HM.exe need to have admin in most VISTA(crap)systems

Tranclugator
06-16-2009, 11:19 AM
I play poker at WinXP, most often as admin-user

stretch00
06-16-2009, 11:48 AM
Thats your firewall alert correct?All you would have to do is make HMHUD have privilege it looks like you never set up your firewall to ignore HM thats all

Tranclugator
06-16-2009, 11:59 AM
Setting the rules for HMHUD in Outpost Firewall is not a problem, the only question is: is that suspicious activity normal for HMHUD?

stretch00
06-16-2009, 12:54 PM
That it,Hm has to know what your doing to gather the stats,right?

Tranclugator
06-16-2009, 01:01 PM
That it,Hm has to know what your doing to gather the stats,right?

OK, i just could not think that keylogging is needed for this :)

morny
06-16-2009, 06:40 PM
Roy will clear this up, as always with these things its either something mistaking it as malicious act when in fact its not or a false positive

However i would still urge caution a run a full system scan in the meantime

Mike chops
06-16-2009, 07:27 PM
Like Morny says..be careful.

However, the HUD does some pretty funky stuff that could look suspicious. There can't be many legitimate programs that interface with another app (the poker client in hmhud's case) as tightly as we do. We overlay their graphics, we read their memory looking for past hands and recently we started hacking the chatboxes to read the text there.

I don't do any keylogging or anything else shady, but I can see why a program built to detect suspicious activity might flag hmhud as a threat

Tranclugator
06-17-2009, 02:33 PM
Ok ty