What is “PUA:Win32/Occamy”?

PUA:Win32/Occamy is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA:Win32/Occamy virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify PUA:Win32/Occamy?


File Info:

name: 23A89201C40ED18C0F29.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-08-16 11:05:35

Version Info:

0: [No Data]

PUA:Win32/Occamy also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
ClamAV: Win.Trojan.Agent-817879
Skyhigh: BehavesLike.Win32.Virus.tc
Malwarebytes: Malware.AI.4284680783
Sangfor: PUP.Win32.Agent.Vh1r
Alibaba: Virus:Win32/Sality.e9aa8222
Symantec: PUA.Keygen
Avast: Win32:Malware-gen
Sophos: Generic Reputation PUA (PUA)
Webroot: W32.Malware.Gen
MAX: malware (ai score=99)
Xcitium: Malware@#388ut384wy6je
Microsoft: PUA:Win32/Occamy
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H05KG23
Ikarus: Virus.Win32.Sality
MaxSecure: Trojan.Malware.74653304.susgen
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_70% (W)

How to remove PUA:Win32/Occamy?

PUA:Win32/Occamy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.