Backdoor trojaner in hmimport.exe (beta36b) ?



KBS444
10-11-2009, 11:41 AM
Yesterday I installed the latest beta of HM and all was fine.
Today I started HM and my virus scanner (F-Secure) says:
Backdoor.Win32 Poison.aujn in HMImport.exe
What is it, a false positive alarm or real?

fozzy71
10-11-2009, 05:45 PM
http://www.holdemmanager.net/forum/showthread.php?p=93155#post93155

RajShina
10-17-2009, 07:35 PM
Every time I try to open Holdem Manager my application doesn't open and I am automatically bombed out by my Norton anti-virus software saying there is a "backdoor trojan virus".

I have uninstalled the program and re-installed with the same problem and messages.


Please help..

Regards
Raj

fozzy71
10-18-2009, 12:59 AM
If you have Vista, please verify that UAC is still off. - http://www.holdemmanager.net/faq/afmmain.aspx?faqid=73. If it is on, please turn it off and reboot.

Turn off Windows Firewall for installing HM and PostgreSQL. You must also add exceptions to the Windows firewall, even if it is off. If you have a 3rd party firewall, uninstall it completely before installing HM/SQL - http://www.holdemmanager.net/faq/afmviewfaq.aspx?faqid=171

Close HEM and your anti-virus and delete any \xenocode\appliance cache folders and any other possible false positive files.

Reboot.

If you are still getting warnings you may want to reinstall HEM and do a thorough scan when it is uninstalled to make sure you don't have an actual virus somehow. I would scan with MBAM (MalwareBytes Anti-Malware) and your normal virus software.


1) Make a backup of your C:\Program Files\RVG Software\Holdem Manager\Config folder, and any other important files mentioned earlier.
2) Uninstall HM with www.revouninstaller.com using the Deep setting.
3) If given the option, on the 2 following screens of Revo, choose the Select All > Delete buttons to remove any registry entries and leftover files.
4) Reboot your computer

Run any scans you feel necessary if there is a chance of real infection.


5) Install the complete setup of HM: http://www.holdemmanager.com/downloads/holdemmanager.zip
6) Download the latest HM patch: http://www.holdemmanager.com/downloads/HmBetaUpdate.exe
7) Test it for a while and see if it works
8) Close down Holdem Manager and rename the current, working \config folder to \config_original. Now copy your \config folder from step 1 and paste it to your C:\Program Files\RVG Software\Holdem Manager\ folder, to replace the one you just renamed.
9) Test if it works again for a while
10) If your old config folder causes problems, you can paste the contents of the \config_original folder back in.
11) Now you can import any notes and hud configs.

preflopjitters
10-21-2009, 05:26 PM
This sounds very complicated. Is there anyone who can help me with this? I am having the same problems everyone else is having, have no xenocode files that I can find, downloaded the latest version, etc.

Please help.

Thanks.

netsrak
10-22-2009, 03:20 AM
Which operating system?
The folders are hidden folders, so you need to activate the option to display them in Control Panel -> Folder View -> show hidden files/folders and show system files.