Trojan:Win32/Occamy

Trojan:Win32/Occamy is a Windows Defender detection that targets a family of Trojan horses able to:

  • Download and install other malware
  • Use the computer to perform click fraud, i.e. simulate clicks on advertisements
  • Log keystrokes (keylogger features)
  • Send information from the PC, such as the user name and browsing history
  • Give the cybercriminal access to the computer

What is Trojan:Win32/Occamy?

Trojan:Win32/Occamy is a versatile malware, as it performs various functions according to the choices of its developers. For example, it can abuse system resources to mine cryptocurrency. The whole process of crypto-mining is based mainly on solving various "mathematical equations", and mining tools use system resources to perform the calculations. Each time an "equation" is solved, only one currency unit (e.g. 1 Bitcoin) is mined. Since an identical "equation" is solved by multiple computers simultaneously, the reward is split between the devices based on the power of each device and the amount of work done. All income is collected by the cybercriminals (in their crypto wallet), while users receive nothing in return. All of this is done without their consent, and as mining takes up 100% of computer resources, systems often become unstable and virtually unusable. Additionally, under certain circumstances (high ambient temperatures, poor cooling systems, etc.), hardware may be damaged (components may overheat).
Trojan:Win32/Occamy also collects various data, including saved usernames and passwords, keystrokes, banking information, etc. The collected data is often misused to generate income. Therefore, the presence of malware like Trojan:Win32/Esulat can lead to serious financial and privacy issues (for example, cybercriminals can transfer funds to their accounts, buy illegal items under your name, etc.).

This is a function that is fairly common to all Trojans.
Our study of the Trojan Detplock was made on a variant located in the following files:

Description: Windows Defender Antivirus has detected malicious or potentially unwanted software.
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Severe
Category: Trojan horse
Path: file:_C:\Users\Megaport\Downloads\
Origin of detection: Local computer
Type of detection: Fast path
Source of detection: System
User: NT AUTHORITY\System

Trojan Banker sheet:
Threat type: Trojan / Trojan horse
Threat family: occamy
Assumed functionality: Steal bank details / bank website credentials; download and install other malware
Symptoms: No specific symptoms, the malware tries to be discreet, but it will steal data and identifiers, including passwords
Damage to the system: None in particular

Trojan:Win32/Occamy is usually distributed through cracks.
Files dropped into AppData folders are very suspicious and are usually the sign of a Trojan.
The observed pack also contained other malware families, including:

  • Trojan:Win32/Fuerboos
  • Trojan:Win32/Delpem
  • Trojan:Win32/Tiggre

The latter is spread through torrents, hidden behind cracks or keygens.
Internet users who tend to download anything and everything are the first to be exposed.
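
As a triage aid for the detection text and the pack listed above, the following Python example (added here, not part of the original article) parses Defender detection messages and reports pack families found under user-writable folders. The sample messages, the user and file names, the DROP_DIRS list and the ';' separator between multiple resources are assumptions made for the example.

```python
import re
from pathlib import PureWindowsPath

# Families the page reports in the same pack.
PACK = {"occamy", "fuerboos", "delpem", "tiggre"}
# Folder names treated as user-writable drop locations (assumption of this example).
DROP_DIRS = {"appdata", "downloads", "temp"}

# Constructed sample messages; user and file names are placeholders.
SAMPLE_EVENTS = [
    "Name: Trojan:Win32/Occamy.C\nID: 2147726780\nSeverity: Severe\n"
    "Path: file:_C:\\Users\\alice\\Downloads\\example-setup.exe\n",
    "Name: Trojan:Win32/Tiggre\nSeverity: Severe\n"
    "Path: file:_C:\\Users\\alice\\AppData\\Roaming\\example\\svc.exe; "
    "file:_C:\\Program Files\\Example\\app.exe\n",
    "Name: PUA:Win32/ExampleToolbar\nSeverity: Low\n"
    "Path: file:_C:\\Program Files\\Example\\toolbar.dll\n",
]

NAME_RE = re.compile(r"^(?P<type>[^:]+):(?P<platform>[^/]+)/(?P<family>[^.!]+)")

def field(text, label):
    """Return the value of a 'Label: value' line, or None if absent."""
    m = re.search(rf"^[ \t]*{re.escape(label)}:[ \t]*(.*?)[ \t]*$", text, re.M)
    return m.group(1) if m else None

def parse_detection(text):
    """Extract threat name, family, severity and resource paths from one message."""
    name = field(text, "Name") or ""
    m = NAME_RE.match(name)
    raw = field(text, "Path") or ""
    # Assumption: several resources are separated by ';' and carry a 'scheme:_' prefix.
    paths = [re.sub(r"^\w+:_", "", p.strip()) for p in raw.split(";") if p.strip()]
    return {"name": name, "family": m.group("family").lower() if m else None,
            "severity": field(text, "Severity"), "paths": paths}

def in_drop_dir(path):
    """True when any folder component of the path is a user-writable drop location."""
    parts = [p.lower() for p in PureWindowsPath(path).parts[:-1]]
    return any(p in DROP_DIRS for p in parts)

def triage(events):
    """Return (name, path) pairs for pack families found in drop locations."""
    hits = []
    for d in map(parse_detection, events):
        if d["family"] in PACK:
            hits += [(d["name"], p) for p in d["paths"] if in_drop_dir(p)]
    return hits
```

Calling triage(SAMPLE_EVENTS) returns the Downloads and AppData hits and skips both the Program Files resource and the unrelated family.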

How to remove Trojan:Win32/Occamy?

It is highly likely that Windows Defender will not be able to fully remove Trojan:Win32/Occamy.
To successfully disinfect Windows and remove all malware, you can follow our free procedure.
This procedure only suggests the use of free software.

Remove Trojan:Win32/Occamy with MBAM

  • Download then install Malwarebytes Anti-Malware
  • Follow the prompts to complete the initial configuration
  • Then launch a quick scan by clicking the Analyze button
  • At the end of the scan, delete all the threats detected
  • Finally, restart your PC if MBAM asks for it

Remove Trojan:Win32/Occamy with RogueKiller

  • Download then install RogueKiller
  • Start a PC virus scan by clicking the Analyze button
  • Let the scan run, it will take some time
  • Finally remove all detected threats

Remove Trojan:Win32/Occamy with NOD32

  • Download then run esetonelinescanner.exe
  • Then follow the prompts to perform the online analysis, and enable PUA (Potentially Unwanted Application) detection
  • The NOD32 analysis then runs; again, it will take a long time, so be patient
  • Finally, place all the detected elements in quarantine

Need personalized help?

Nothing works?
Go to the forum and create your own topic, we will help you!
=> Malekal Forum - Virus Removal Help


How to protect your PC from viruses

You can uninstall the programs used; if you wish, you can keep Malwarebytes Anti-Malware to perform regular scans.
Remove AdwCleaner and ZHPCleaner; there is no point in keeping them for regular scans.

It is strongly advised to change all your passwords (Facebook, online games, emails, etc.).

Here are some tips to keep your computer safe and prevent malware.
To secure your computer, above all keep all your software up to date (Adobe Flash, Java, etc.): Secure your computer and protect your PC from viruses.