PDA

View Full Version : Trojan - Win32poison



Porkyporks
11-01-2009, 10:52 AM
Hi!

My anti-virus program also found a positive trojan (Xenocode\ApplianceCaches\HoldemManager.exe_v7BC20 518\Native\STUBEXE\@WINDIR@\Microsoft.NET\Framewor k\v2.0.50727\csc.exe
) in my directories.

AFTER deleting them in safe mode, deinstalling Holdemmanager and empyting my trash it is still not possible to use the beta update version to install it again. I also sent you guys a mail regarding this but haven't heard from you at all. How is this possible?

I would appreciate a quick response and a solution to this problem.

Thx in advance!

netsrak
11-01-2009, 12:17 PM
1) Make a backup of your C:\Program Files\RVG Software\Holdem Manager\Config folder, and any other important files mentioned earlier.
2) Uninstall HM with www.revouninstaller.com using the Deep setting.
3) If given the option, on the 2 following screens of Revo, choose the Select All > Delete buttons to remove any registry entries and leftover files.
4) Reboot your computer
4a) Make sure your Windows is uptodate (Windows Update, Service Pack level)
4b) Make sure that Microsoft .net Framework 3.5 service pack 1 is installed.
5) Install the complete setup of HM: http://www.holdemmanager.com/downloads/holdemmanager.zip
5a) Delete the Xenocode subfolders related to holdemmanager (you see them in the error message )
6) Download the latest patch HM: http://www.holdemmanager.com/downloads/HmBetaUpdate.exe
7) Test if it for a while and see if it work
8) Close down Holdem Manager and rename the current, working \config folder to \config_original. Now copy your \config folder from step 1 and paste it to your C:\Program Files\RVG Software\Holdem Manager\ fodler, to replace the one you just renamed.
9) Test if it works again for a while
10) If your old config folder causes problems, you can paste the contents of the \config_original folder back in.
11) Now you can import any notes and hud configs.

Porkyporks
11-01-2009, 03:52 PM
Thx netsrak!

However, after using the software for uninstalling rebooting etc. (following exactly your steps) I still get the same message saying:

"Unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately."

I don't understand what problem remains. Would you mind if you could have a teamviewer session as soon as you can? (I am free for the next 3 hours)

Thx in advance!

netsrak
11-01-2009, 04:14 PM
You can mail support@holdemmanager.net with a link to this thread to schedule a teamviewer session.

fozzy71
11-01-2009, 06:13 PM
If you are using kaspersky try this:

http://www.holdemmanager.net/forum/showpost.php?p=99782&postcount=10


Any other anti-virus, try this:

Close HEM and your anti-virus and delete any \xenocode\appliance cache folders and any other possible false positive files.

1. Enable "Show hidden files and folders" under Control Panel -> Folder Options -> View
2. Go to C:\Users\%USERPROFILE%\AppData\Local\Xenocode\Appl iance Cache and delete every folder you can find in there

If you are on XP, that location is C:\Documents and Settings\%USERPROFILE%\Local\Application Data\xenocode\appliance cache

Empty your recycle bin.

reboot

Please update to the latest beta - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe