Occamy.c Trojan wtf?
Results 1 to 7 of 7
  1. #1
    Junior Member
    Join Date
    Apr 2016
    Posts
    5

    Default Occamy.c Trojan wtf?

    First time windows defender "caught" it was a week ago, now i had the same "Threat found" again. Wtf? Also, yesterday HM2 was not able to show HUD, i got error message, like it cant connect to something, but today it showed it fine, altough i had this trojan message again.

    https://gyazo.com/c20420fb40f21c84e6e07ec673ff2a6a
    https://gyazo.com/8468eefb0e60a21a98b49243b91ad41a

    Wtf and what should i do? Should i deinstall it and just save database so i dont lose everything or?
    And regarding database, since i started using notecaddy there is so much garbage files that use space, i remember last time i cleared all files i saved more than 50gb of space (they were not related to database because i was deleting my database once in 3 months and creating new one because of new datamined hands)

  2. #2
    Junior Member
    Join Date
    Jul 2019
    Posts
    3

    Default

    Yep, I got the same thing. I first downloaded HM2 again after a 2 year hiatus on 7/5/19, and an hour later Windows Defender told me that same trojan horse attack script. HM2 wasn't working anyways, so I uninstalled it, and had WD clear the virus.

    Dowloaded HM2 again, and whadda you know? Hour or two later, same trojan horse attack...

    Should we be fearful of this software embedded attack? Really not interested in my pc turning to trash from it...

  3. #3
    Junior Member
    Join Date
    Apr 2016
    Posts
    5

    Default

    okay, i just tried to play again and i got this hud message again wtf
    https://gyazo.com/bfb771ef6a2a7dbc7d571a7eceed4414

  4. #4
    *** HM3! *** fozzy71's Avatar
    Join Date
    Sep 1971
    Location
    HM Support
    Posts
    28,573

    Default

    Quote Originally Posted by grujamachko View Post
    First time windows defender "caught" it was a week ago, now i had the same "Threat found" again. Wtf? Also, yesterday HM2 was not able to show HUD, i got error message, like it cant connect to something, but today it showed it fine, altough i had this trojan message again.

    https://gyazo.com/c20420fb40f21c84e6e07ec673ff2a6a
    https://gyazo.com/8468eefb0e60a21a98b49243b91ad41a

    Wtf and what should i do? Should i deinstall it and just save database so i dont lose everything or?
    And regarding database, since i started using notecaddy there is so much garbage files that use space, i remember last time i cleared all files i saved more than 50gb of space (they were not related to database because i was deleting my database once in 3 months and creating new one because of new datamined hands)
    Quote Originally Posted by sred View Post
    Yep, I got the same thing. I first downloaded HM2 again after a 2 year hiatus on 7/5/19, and an hour later Windows Defender told me that same trojan horse attack script. HM2 wasn't working anyways, so I uninstalled it, and had WD clear the virus.

    Dowloaded HM2 again, and whadda you know? Hour or two later, same trojan horse attack...

    Should we be fearful of this software embedded attack? Really not interested in my pc turning to trash from it...
    Which Operating System, Firewall, and AntiVirus are you using?

    Sometimes security software can prevent Holdem Manager communicating with PostgreSQL and the Poker sites. This can cause many issues including import, hud issues and issues with launching Holdem Manager. Please follow the instructions in this FAQ that creates exceptions for Holdem Manager and PostgreSQL to avoid these issues - http://hm2faq.holdemmanager.com/ques...%28Firewall%29


    a) Open your Windows Defender (or chosen AntiVirus program) > History tab:

    1) Select the files if they are from holdemmanager with that checkbox on the left side, then in the bottom right of the window click 'Allow Item'.
    2) Start HM2.

    I sometimes have to open the Windows Security app, go to the Virus & threat protection menu, Virus & threat protection settings - 'Manage settings' and then disable 'Real-time protection, Cloud-delivered protection, and Automatic sample submission then update/launch HM2 before I enable them again.

    Please let us know if that solved the problems.


    b) If none of that helps:

    Many of those free Norton, Mcaffee, Comodo, Zonealarm, Avira, Avast, AVG, Bitdefender, etc, 'internet security' bundles will not work well with Holdem Manager.

    Please do the following steps, so we can get your computer to a state that we know will work with Holdem Manager:

    1) Uninstall any 3rd party security software (even windows defender or security essentials) bundles and dont reinstall them until after you reconnect postgresql.
    2) Reboot your computer
    3) Uninstall HM2* and then Reinstall HM2 - http://www.holdemmanager.com/downloa...er_2_Setup.exe
    - After downloading, you should right-click the file, go to properties and click unblock.*
    * If you do not see an 'unblock' option you can ignore this step.
    - Then, right click the file and run as administrator.
    4) Enable Windows Firewall's recommended settings through your Control Panel, turn off Windows Defender (unless you are using Windows 10, in which case it should be enabled), and add firewall exceptions for HM and SQL - http://hm2faq.holdemmanager.com/ques...rewall%29#MSES
    5) Install Microsoft Security Essentials (unless you are using Windows 10) for antivirus/malware protection and update it - https://support.microsoft.com/en-us/help/14210

    *This will not affect your database, settings or original hands in your archive folder.

    Once HM2 is working properly you should be able to reinstall your preferred AntiVirus software. Please follow the instructions in this FAQ that creates exceptions for Holdem Manager and PostgreSQL to avoid these issues - http://hm2faq.holdemmanager.com/ques...%28Firewall%29

    c) If you continue to have problems, please duplicate the issue and send us log files with a detailed description of what you were doing and what problems you were experiencing:
    - Open Windows Event Viewer's (Control Panel - System & Security - Administrative Tools or Start - Search - 'Event Viewer') - Windows Logs - Applications.
    - Check for any errors and send the information (Save All Events As...).
    - Please send your \HM2Logs folder files as well - http://hm2faq.holdemmanager.com/ques...ger+Support%3F

    When sending any files please zip them (right-click - send to - compressed folder) before attaching them to an email. If the attachment is larger than 10MB please upload them to a file hosting site like dropbox, then right-click - 'copy dropbox link' and paste the download link directly into the support ticket email. If you have any problems with dropbox try using filedropper.com



    Quote Originally Posted by grujamachko View Post
    okay, i just tried to play again and i got this hud message again wtf
    https://gyazo.com/bfb771ef6a2a7dbc7d571a7eceed4414
    This indicates that something is blocking the connection to our server.

    Please see this FAQ - http://hm2faq.holdemmanager.com/ques...+files#winsock

    If you continue to have problems:

    This is most likely either an antivirus or firewall, or a proxy setting. Please see this FAQ to fix AV issues - http://hm2faq.holdemmanager.com/ques...+Problems#7881

    Please see this FAQ to alleviate any security bottlenecks - http://hm2faq.holdemmanager.com/ques...olders+HM2+use

    Even if you have not changed the Proxy settings, another program may have. Please see this FAQ for more information:
    http://hm2faq.holdemmanager.com/ques...+Manager#proxy

    Also make sure you are logged in properly in the Options > Settings > HM.com Website Login menu.

    If you continue to have problems, please reproduce the problem and zip/attach your HM2Logs folder with a detailed description of what you were doing and what problems you were experiencing - http://hm2faq.holdemmanager.com/ques...ger+Support%3F

  5. #5
    Junior Member
    Join Date
    Apr 2016
    Posts
    5

    Default

    I dont use any of this shitty antivirus softwares, i barely can look at windows defender. I've made an exception for HEM and it works now but still, with all crypto and passwords and everything why would i risk using something that is declared as trojan? I mean, i understand its like "false", but who can guarantee that?

  6. #6
    Junior Member
    Join Date
    Jul 2019
    Posts
    3

    Default

    Quote Originally Posted by grujamachko View Post
    I dont use any of this shitty antivirus softwares, i barely can look at windows defender. I've made an exception for HEM and it works now but still, with all crypto and passwords and everything why would i risk using something that is declared as trojan? I mean, i understand its like "false", but who can guarantee that?
    Exactly. Here's me trying to download HM2 on my desktop today.

    https://gyazo.com/c577a0db645f51cd0872eee232b036f5

    It has a new name now: Trojan:Win32/Fuerboos.Clcl I'm going to Poker Tracker 4. I'm done with this software.

  7. #7
    *** HM3! *** fozzy71's Avatar
    Join Date
    Sep 1971
    Location
    HM Support
    Posts
    28,573

    Default

    The false positive is because of new licensing security code changes in our new beta. All we can suggest is report it to your AV company and wait for them tell you it's a false positive, or you upload the suspicious file to virustotal you will likely see all but 3 or 4 of the 40+ antivirus programs give it a pass. The instructions in the first reply should solve this issue. If it doesn't send the logs/files we requested.

Similar Threads

  1. Occamy.C Trojan after last update!? WTF???
    By arawoy in forum Bug Reports
    Replies: 1
    Last Post: 06-15-2019, 05:41 PM
  2. player not being imported (superuser or wtf??)
    By theRabidDog in forum Manager General
    Replies: 1
    Last Post: 01-15-2009, 10:49 AM
  3. paid, haven't recieved, wtf?
    By triggaman6 in forum Manager General
    Replies: 5
    Last Post: 01-11-2009, 03:21 PM
  4. HM saying trial period is over, WTF?
    By COTLOD in forum Manager General
    Replies: 1
    Last Post: 10-03-2008, 03:09 PM
  5. destructor wtf
    By GangstarrLDO in forum Manager General
    Replies: 11
    Last Post: 09-07-2008, 05:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •