I use the free version of AVG for antivirus protection.
I was just wondering if this might be a false positive:

http://i82.photobucket.com/albums/j256/TradeSurplus/Capture-2.jpg?t=1267275082

it just happened the same to me.

i uninstalled AVG and HM and installed HM back in but is no longer working.

i can no longer open HM as I get this message :

xenocode virtual appliance runtime

This application has encountered an error : 0x8000FFFF

Fatal Error. Please contact the publisher...


Any help ?

i have the same virus detected and now i cant even start it up... if i look in it my computer says i can remove the infections. but is that save to do? im in the midle of a rakerace and this is the last i can use!

any help?

Close HEM and your anti-virus and delete any \xenocode\appliance cache folders and any other possible false positive files.

1. Enable "Show hidden files and folders" under Control Panel -> Folder Options -> View
2. Go to C:\Users\%USERPROFILE%\AppData\Local\Xenocode\Appl iance Cache and delete every folder you can find in there

If you are on XP, that location is C:\Documents and Settings\%USERPROFILE%\Local\Application Data\xenocode\appliance cache

Empty your recycle bin.

reboot

Please update to the latest beta - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe

let me know if that solves it

I do not have net framework 3, installed in my computer and I can not install it.

If I update to this - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe

am I going to be able to run HM?

Thank you.

I have tried following your instructions.
AVG says that the virus is still there and on top of that HM takes ages top initialize database;actually it´s been more than 1/2 hour and still waiting to initializing.

Hope it helps.

my AVG reported all the same virus infections as the OP but HEM seems to be working fine. Should I still follow the instructions above? Should I empty my virus vault or will this affect HEM operation?

i got the same warning except i am using the rush HUD version http://forums.holdemmanager.com/releases/26165-rush-hud-fully-supported.html

i also just bought table scanner yesterday, idk if that would have anything to do with it

i will try the instructions in your post

This worked for me

I do not have net framework 3, installed in my computer and I can not install it.

If I update to this - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe

am I going to be able to run HM?

Thank you.


I have tried following your instructions.
AVG says that the virus is still there and on top of that HM takes ages top initialize database;actually it´s been more than 1/2 hour and still waiting to initializing.

Hope it helps.


No. You are using 1.09.03 right now and still getting the warnings after following the steps? I don't know when exactly this was, to know what version will work with dotnet 2 and also not give the false positive.

Here are some older release threads where you can download other old versions to try.

http://forums.holdemmanager.com/releases/23748-1-10-03b-official-release.html

http://forums.holdemmanager.com/releases/11865-release-info-thread-1-09-beta-43-release-candidate-1-09-a.html




my AVG reported all the same virus infections as the OP but HEM seems to be working fine. Should I still follow the instructions above? Should I empty my virus vault or will this affect HEM operation?

Follow the steps posted and you should be fine.

OK it appears these are NOT false positives. I uploaded some of the files detected to Jotti's malware scan (http://virusscan.jotti.org) and most scanners returned a virus.

Does this possibly have something to do with the rush hud?

Please explain.

In the meantime I'm going to do a complete scan and change all poker passwords.

It is version 1.08.04.Is it that old? Worked fine to me.

I'm having problems with Hold Em manager too, whenever I try to log in I get a Trojan horse backdoor.generic1 according to AVG. When I click to heal it, nothing happens and I can't log in to HEM. I followed morny's instructions and restarted my computer, but still nothing happened.

Not sure what to do.

I have the same problem. Followed all the steps and it is still not working.

Close HEM and your anti-virus and delete any \xenocode\appliance cache folders and any other possible false positive files.

1. Enable "Show hidden files and folders" under Control Panel -> Folder Options -> View
2. Go to C:\Users\%USERPROFILE%\AppData\Local\Xenocode\Appl iance Cache and delete every folder you can find in there

If you are on XP, that location is C:\Documents and Settings\%USERPROFILE%\Local\Application Data\xenocode\appliance cache

Empty your recycle bin.

reboot

Please update to the latest beta - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe

let me know if that solves it

I had the same problem today and followed these instructions step by step - and it fixed it for me.

I am not very good at dealing with computer issues - and admittedly not very smart about it either. So thank you for making the instructions simple enough for "dummies" like me to follow.

If I can do it anyone can lol.

Ok.I followed the steps given and I installed version 1.09 Beta 42.
It works fine and imports correctly (hundreds of duplicate hands tho - I don´t care);

Now the problem is that despite of having auto launch HUD with import and ticking relaunch HUD,there is nothing popping up;I have no HUD.

No need to say that the HUD is a must,it is a need.

Please help me out.

Thank you.

I had the same problem today and followed these instructions step by step - and it fixed it for me.

I am not very good at dealing with computer issues - and admittedly not very smart about it either. So thank you for making the instructions simple enough for "dummies" like me to follow.

If I can do it anyone can lol.

+1 to this.

OK it appears these are NOT false positives. I uploaded some of the files detected to Jotti's malware scan (http://virusscan.jotti.org) and most scanners returned a virus.

Does this possibly have something to do with the rush hud?

Please explain.

In the meantime I'm going to do a complete scan and change all poker passwords.

Why didnt you post your results or tell me some file names at least? What anti-virus are you using and what files were flagged?


It is version 1.08.04.Is it that old? Worked fine to me.

That is ancient. 1+ years old. Please fol.low my instructions I posted.


I'm having problems with Hold Em manager too, whenever I try to log in I get a Trojan horse backdoor.generic1 according to AVG. When I click to heal it, nothing happens and I can't log in to HEM. I followed morny's instructions and restarted my computer, but still nothing happened.

Not sure what to do.

Please try the steps again, and let me know if you have problems with any of the steps.


I have the same problem. Followed all the steps and it is still not working.

Which Operating System, Firewall, and Anti-Virus are you using? What errors/warnings do you get? What files are flagged? Screen shots or logs? It's hard to trouble shoot with so few details.


Ok.I followed the steps given and I installed version 1.09 Beta 42.
It works fine and imports correctly (hundreds of duplicate hands tho - I don´t care);

Now the problem is that despite of having auto launch HUD with import and ticking relaunch HUD,there is nothing popping up;I have no HUD.

No need to say that the HUD is a must,it is a need.

Please help me out.

Thank you.

You have to use 1.09.xx because you cant install dot net 3.5? You tried the dotnet cleaenup tool? Which Operating System, Firewall, and Anti-Virus are you using?

Please give HoldemManager Administrator rights -

1) Go to C:\Program Files\RVG Software\Holdem Manager (Program Files (x86) if you have the 64bit version)
2) Rightclick the HoldemManager.exe and choose "Properties".
3) Go to the Compatibility Tab and select "Run this program as an Administrator".
4) Do the same for HMHud.exe and DBControlPanel.exe

Try double-clicking hmhud.exe directly to start it.

File HMHud.exe received on 2010.02.28 00:55:11 (UTC)
Current status: finished
Result: 0/42 (0%)

Virustotal. MD5: 1e000b4b3746adb8ff6074a88de0b8de (http://www.virustotal.com/analisis/75e0dfac45517adfa702698011c8e406f9ced76223b99c9faf 91cd3fe2652ce8-1267318511)

http://i49.tinypic.com/j5jpl5.png

Virustotal. MD5: 67eff0b69b569a017a3316e1160dc43e Backdoor.Trojan Heuristic.LooksLike.Trojan.Backdoor.Poison.H Backdoor.Generic!IK (http://www.virustotal.com/analisis/158e9af9b9c75c5c057f4f8af7d4297e66c691cc8331efaee6 041c78a9fbae29-1267324834)
File HMImport.exe received on 2010.02.28 02:40:34 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 28/42 (66.67%)

Virustotal. MD5: 06c586b5ecbd4990ca76014952ff800f Backdoor.Trojan Heuristic.LooksLike.Trojan.Backdoor.Poison.H Backdoor.Generic.231119 (http://www.virustotal.com/analisis/92a9984531d137aa5ed630fc6e8c1752554e1a23df0b293d6d d1eb3e74ae8bf9-1267324948)
File HMHud.exe received on 2010.02.28 02:42:28 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 33/42 (78.58%)

Those are all false positives. Please follow the instructions I posted, exactly as I posted.

Close HEM and your anti-virus and delete any \xenocode\appliance cache folders and any other possible false positive files.

1. Enable "Show hidden files and folders" under Control Panel -> Folder Options -> View
2. Go to C:\Users\%USERPROFILE%\AppData\Local\Xenocode\Appl iance Cache and delete every folder you can find in there

If you can't see it, turn off the windows option that is hiding that directory. How to see hidden files in Windows (http://www.bleepingcomputer.com/tutorials/tutorial62.html)

http://www.holdemmanager.com/downloads/images/hidden.jpg


If you are on XP, that location is C:\Documents and Settings\%USERPROFILE%\Local\Application Data\xenocode\appliance cache

Empty your recycle bin.

reboot

Please update to the latest beta - http://www.holdemmanager.com/downloads/HmBetaUpdate.exe


If you have Kaspersky try this:

Holdem Manager Forums - View Single Post - Kaspersky Internet Security 2010 not working with PostgreSQL? Here is the solution! (http://www.holdemmanager.net/forum/showpost.php?p=99782&postcount=10)


or this:

* Go into the KAV settings window.
* Navigate to the Service node.
* Here, turn on the Compatibility mode for programs using self-protection option.

If that does not work then find the "Heuristic Scanning" option in Kaspersky and disable that.

I do not have a Xenocode folder. I tried searching around but can't find anything.

I deleted everything in the Xenocode/ApplianceCache folder and updated to latest beta and now it seems to work fine.

Nothing is working anymore. ARGH!!!!! HEM will not boot up or anything. :confused:

I did not have the last version of HEM installed, and installing that did the trick. LOL @ me thx for the help etc etc

just wanted to say that I had these aswell, but only on my old xp partition.
not on the w7 x64 I am using now (so It is prob from the Hem version i had installed at the time i used xp)
Using AVG free edition v9.0.733, db version 271.1.1/2713

I hope this helps you guys figuring it out :)

I just deleted the folder Appliancecache and am scanning again now

Hi there support of HM,

I've got the same problem.

At first I got this masage from AVG.3688

Then I did what morny suggest.

But the file in the Appliance Caches and delete folder keeps cominig back!

Then I updated the rvgsoftware and now I get a different error masage.3689

Please help! I don't know what to do!

I wanna play poker! lol!

Best Regards,

Antonio

* Under Vista and Windows 7 make sure that holdemmanager.exe, hmhud.exe and dbcontrolpanel.exe are started as administrator. Run the windows explorer and navigate to your Holdemmanager installation directory. Right click the holdemmanager.exe, dbcontrolpanel.exe and the hmhud.exe executable and select "Run as admin" from the popup menu under compatibilty.

Tried all of the above and still HEm does not open up. Everytime i try to open it HEM closes down and i get a trojan horse warning from my AVG virus software.

ANy ideas how to fix this?

U need to uninstall avg antivirus
donwload and install this update http://www.holdemmanager.com/downloads/HmBetaUpdate.exe
restart your computer and run holdem manager again.
if that works u can reinstall avg again and it should be ok

The steps I posted should fix it. The only other thing I could think to try would be a complete revo uninstall of HM and your anti-virus to start from scratch.

FAQ - Hold'em Manager Poker Tracking Software :: Using Revo Uninstaller (http://faq.holdemmanager.com/questions/126/Using+Revo+Uninstaller+)

ok i've followed the instructions in the post and it has stopped virus warnings from the xenocode folder (in fact there isn't a xenocode folder anymore) but i am still getting these files going into my system restore folder

http://i50.tinypic.com/2luyr88.png

even if i tell AVG to remove the file, another still shows up a few minutes later

any idea how to stop this

I followed all the steps that you recommended and the virus threat is still there. I also tried to give HEM Administration rights but that wasnt an option under compatability. I only had the option to "run this program in compatability mode".

HEM on my desktop works fine but my laptop is having all the virus problems.

I use Windows 7 and AVG free 9.0

Is it necessary for me to do a revo uninstall? If i do a revo uninstall will I lose the data that is currently in HEM?

OK i followed all the instructions and updated HEM but when i try to open it now i get the following error message

"An errror occurred on startup: Access to the path 'C:\Program Files\ RVG Software\Holdem Manager\fishfinder\filterv2' is denied "

How do i fix this?

thx

@drink: answered in your other thread

@Tommo: Under Vista and Windows 7 make sure that holdemmanager.exe, hmhud.exe and dbcontrolpanel.exe are started as administrator. Run the windows explorer and navigate to your Holdemmanager installation directory. Right click the holdemmanager.exe, dbcontrolpanel.exe and the hmhud.exe executable and select "Run as admin" from the popup menu under compatibilty.

ok i've followed the instructions in the post and it has stopped virus warnings from the xenocode folder (in fact there isn't a xenocode folder anymore) but i am still getting these files going into my system restore folder

http://i50.tinypic.com/2luyr88.png

even if i tell AVG to remove the file, another still shows up a few minutes later

any idea how to stop this

The old suspicious code is saved in a restore point. To delete this you need to disable system restore, reboot, delete the folder from the error message, enable system restore and reboot again.

Guys,it is working for me now.Just follow the instructions and you´ll be fine.
I installed 1.09 Beta 42 though.

Admin. thanks for the effort and quick responses.I do appreciate it.

Yo HEM,

Is this a false positive or not? I did a scan with Ad-Aware. Normally I have the free version of avast running, and it has not found anything, ever.

Quarantined items:
Description: C:\Users\acer\AppData\Local\Xenocode\ApplianceCach es\HoldemManager.exe_v7BC20518\Native\STUBEXE\@WIN DIR@\Microsoft.NET\Framework\v2.0.50727\csc.exe Family Name: Win32.Backdoor.Poison Engine: 1 Clean status: Success Item ID: 2926113 Family ID: 1566 MD5: 4cf61d89f4e476fdcd1e8897ba9b64fa

Description: C:\Users\acer\AppData\Local\Xenocode\ApplianceCach es\HoldemManager.exe_v7BC20518\Native\STUBEXE\@WIN DIR@\Microsoft.NET\Framework\v2.0.50727\cvtres.exe Family Name: Win32.Backdoor.Poison Engine: 1 Clean status: Success Item ID: 2634197 Family ID: 1566 MD5: 59b776217f77743958a40123dc956793

Any advice? Thanks!

this is false alarm
anyway, HM no longer uses this technology, so:
update to latest HM version (download link #1 in my sugnature & run installer in right path)
then reboot PC & delete this XENOCODE folder at all

this is false alarm
anyway, HM no longer uses this technology, so:
update to latest HM version (download link #1 in my sugnature & run installer in right path)
then reboot PC & delete this XENOCODE folder at all

Thanks for a quick reply, it worked out well.