Hello, Windows Defender detects the Trojan: Win32 / Occamy.C threat while scanning. Unfortunately, it is not able to remove it, the only action to choose from is the permission on the device. Interestingly, Malwarebytes does not detect the threat. I am sending FRST logs and asking for help. Regards

Otwórz notatnik i wklej: CloseProcesses: HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\...\Run: [GalaxyClient] => [X] Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-12-03] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) GroupPolicy: Restriction ? about:newtab FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-12-24]

Check the file on the disk locally as in the guide.

The scan does not detect anything anymore. I just had to clear the defender history as it kept telling me about the old threat. Thank you and I close the topic.

The scan does not detect anything anymore. I just had to clear the defender history as it kept telling me about the old threat. Thank you and I close the topic. Added after 2 [minutes]: The user prepared a log that removed the threat. Additionally, I cleared the history of windows defender

[Solved] Windows Defender detects Trojan: Win32 / Occamy.C but cannot delete it

Lareman 7236 4

Treść została przetłumaczona

Zobacz oryginalną wersję tematu

| New topic

#1 18416915 21 Jan 2020 07:49

Lareman Lareman

Level 2
» |

Post #1
18416915 21 Jan 2020 07:49

Hello,

Windows Defender detects the Trojan: Win32 / Occamy.C threat while scanning. Unfortunately, it is not able to remove it, the only action to choose from is the permission on the device. Interestingly, Malwarebytes does not detect the threat. I am sending FRST logs and asking for help.

Regards

Attachments:

FRST.txt Download (131.6 KB)

Shortcut.txt Download (36.64 KB)

Addition.txt Download (42.78 KB)
ADVERTISEMENT
#2 18416963 21 Jan 2020 08:28

tomekzieba tomekzieba

Level 20

» | Helpful post? (0)

Post #2
18416963 21 Jan 2020 08:28

https://malwarefixes.com/threats/trojanwin32-occamy-c/

Check the file on the disk locally as in the guide.
ADVERTISEMENT
Helpful post

#3 18417163 21 Jan 2020 10:18

krzychupar krzychupar

Level 43

» | Helpful post? (+5)

Helpful post
Post #3
18417163 21 Jan 2020 10:18

Otwórz notatnik i wklej:

CloseProcesses:
HKU\S-1-5-21-2778722619-1208249535-4111246651-1001\...\Run: [GalaxyClient] => [X]
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-12-03]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
GroupPolicy: Restriction ? about:newtab
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-12-24]
ADVERTISEMENT
#4 18417212 21 Jan 2020 10:50

Lareman Lareman

Level 2

» | Topic author Helpful post? (0)

Post #4
18417212 21 Jan 2020 10:50

The scan does not detect anything anymore. I just had to clear the defender history as it kept telling me about the old threat.

Thank you and I close the topic.
#5 18417218 21 Jan 2020 10:52

Lareman Lareman

Level 2

» | Topic author Helpful post? (+2)

Post #5
18417218 21 Jan 2020 10:52

The scan does not detect anything anymore. I just had to clear the defender history as it kept telling me about the old threat.

Thank you and I close the topic.

Added after 2 [minutes]:

The user prepared a log that removed the threat. Additionally, I cleared the history of windows defender
Create an account, log in and become active in a forum and ads will not appear. You will receive points by participating in discussions.
Join this discussion.

Install the application

Didn't find an answer? Ask Artificial Intelligence

*I agree to send the question to OpenAI, Anthropic PBC, Perplexity AI, Inc., Kagi Inc., Google LLC - owners of language models in order to prepare the best response. The companies may monitor and log information entered into the form.

*I agree to publicly display my question and answer. The question and answer will be publicly available to everyone. The process may take a few minutes. Upon completion, you will be redirected to the page with the answer.

Wait...(2min)

| New topic

Report a violation of the law

[Solved] Windows Defender detects Trojan: Win32 / Occamy.C but cannot delete it

Didn't find an answer? Ask Artificial Intelligence