Should I remove “Program:Win32/Occamy.AA”?

Program:Win32/Occamy.AA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Program:Win32/Occamy.AA virus do?

  • Presents an Authenticode digital signature
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Program:Win32/Occamy.AA?


File Info:

crc32: B7CB2FCB
md5: aba6a6372600dad9e921a3f6ce40a5a2
name: acdsee_0062102655.exe
sha1: 9e8efa2c1663dbb81467be1487391d079e553a10
sha256: f938a0f7a98809be2208f84f482036777c2b576da1073b785ef7061fd8b16ee4
sha512: bc01ac8880f46fdb66664d909be991a0483060e1a37f3fe003bf5476bb65e70f2332c69289519ebf169a9269d72df5d7dd9e305271a4ddc1ee5720113505449d
ssdeep: 24576:QjzSNQDy1AOM8EHpU/QqBo527mQFQAv8I3JZs0XvpYwRdN:any1ATpG7mQ2AUI5ZxfpjRdN
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2018
InternalName: FastDownloader.exe
FileVersion: 3.2.0.8
CompanyName: -
ProductName: 软件下载器
ProductVersion: 3.2.0.8
FileDescription: 软件下载器
OriginalFilename: FastDownloader.exe
Translation: 0x0804 0x04b0

Program:Win32/Occamy.AA also known as:

DrWeb: Adware.DownLoader.1730
MicroWorld-eScan: Gen:Variant.Adware.Downloader.211
FireEye: Generic.mg.aba6a6372600dad9
ALYac: Gen:Variant.Adware.Downloader.211
Malwarebytes: PUP.Optional.FastDownloader
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Riskware ( 0054404d1 )
BitDefender: Gen:Variant.Adware.Downloader.211
K7GW: Riskware ( 0054404d1 )
Invincea: heuristic
Cyren: W32/Adware.FUMC-2049
APEX: Malicious
GData: Gen:Variant.Adware.Downloader.211
Kaspersky: not-a-virus:HEUR:Downloader.Win32.Agent.vho
Alibaba: RiskWare:Win32/Downer.2f72f72f
Ad-Aware: Gen:Variant.Adware.Downloader.211
Sophos: Generic PUA JO (PUA)
F-Secure: Heuristic.HEUR/AGEN.1126112
Zillya: Tool.Downer.Win32.49
McAfee-GW-Edition: PUP-XKF-IR
Emsisoft: Gen:Variant.Adware.Downloader.211 (B)
Ikarus: PUA.RiskWare.Downer
Jiangmin: Downloader.Agent.nas
Avira: HEUR/AGEN.1126112
Antiy-AVL: GrayWare/Win32.Downer
Endgame: malicious (high confidence)
Arcabit: Trojan.Adware.Downloader.211
SUPERAntiSpyware: PUP.Downer/Variant
ZoneAlarm: not-a-virus:HEUR:Downloader.Win32.Agent.vho
Microsoft: Program:Win32/Occamy.AA
AhnLab-V3: PUP/Win32.Generic.C3478818
McAfee: PUP-XKF-IR
MAX: malware (ai score=67)
VBA32: Downloader.Agent
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/RiskWare.Downer.B
TrendMicro-HouseCall: TROJ_GEN.R002H0CEJ20
Rising: Adware.Downloader!1.C41F (CLOUD)
eGambit: Unsafe.AI_Score_92%
Fortinet: Riskware/Agent
Webroot: W32.Adware.Gen
Paloalto: generic.ml

How to remove Program:Win32/Occamy.AA?

Program:Win32/Occamy.AA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
