Downloaded the latest beta and Norton 2010 says:

suspicious behaviour of holdemmanager.exe.
risk: high
You should block and delete it.

?????

edit: using windows xp

This is an old false positive error.

Close HEM and your anti-virus and delete any \xenocode\appliance cache folders and any other possible false positive files.

1. Enable "Show hidden files and folders" under Control Panel -> Folder Options -> View
2. Go to C:\Users\%USERPROFILE%\AppData\Local\Xenocode\Appl iance Cache and delete every folder you can find in there

If you are on XP, that location is C:\Documents and Settings\%USERPROFILE%\Local\Application Data\xenocode\appliance cache

Empty your recycle bin.

reboot

Please update to the latest beta - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe

I already deleted every xenocode file when that false alarm came up 2 months ago (or i dont know how long it was).
The last time it was about a specific trojan (?) false alarm. But this time it is about suspicious behaviour.

I allowed HEM to keep going and then Norton again tells me something about suspicious behaviour this time from the HUD.exe.
So I just click "Allow" and that's it I guess. It is still something different than the last time because the last time Norton named a trojan.

Norton Firewall, instead of Anti-Virus, it sounds like. Odd that it would now ask for permission. That usually happens when first using it.

Here are instructions for setting exceptions in Norton:

1. Start > Programs > Norton Internet Security
2. Click on Settings > Personal Firewall > Configure
3. Click on Program Control > Add
4. Add the files mentioned here: http://www.holdemmanager.net/faq/afmviewfaq.aspx?faqid=171
5. Click Modify > insure there is a check beside "Allow All" > OK

Yeah no antivirus, no antispyware.

SONAR found this, (Norton tool) = based on the behaviour of apps it gives a proactive real time - detection.

So what do you think did SONAR detect there with HEM.exe and HMHud.exe that is of a high risk? I guess it is the same as with the false virus.

Our programs use network communication and some other things which might be suspicious for such a program but HM needs them to work properly.

You mean communication over the internet?

Well, when that Sonar-message came up again I clicked allow (let the exe do its thing) but then denied the access to the internet for all exe.files in the HEM folder and HEM works perfectly right now.

Or will I get difficulties with these preferences?

HM needs to communicate with the license server.