Trojan:Win32/Occamy.C32 removal guide

The Trojan:Win32/Occamy.C32 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Occamy.C32 virus can do?

Uses Windows utilities for basic functionality

How to determine Trojan:Win32/Occamy.C32?


File Info:
crc32: 3F1BF797
md5: 66a0155e3d67ea7a579ed53ba0a2831d
name: 66A0155E3D67EA7A579ED53BA0A2831D.mlw
sha1: 5f1bda04c469729deb85a4819290356a88984346
sha256: 32edfc47b67ec88789485186ebbb56f8674078e5d6cd4ace1343d445cd5ccb53
sha512: 9aa67eb742591ecc4890cb0bced2d638c21a9d1841243cd9cbae9e2d05ff16240c0fe45de353a9f47c3465086cd783c94df0fad8baac122f1afcb9537cd76205
ssdeep: 6144:C64Zl6iCmkRsbmm4PoK6HOwQlIZZMN6HW+KLLn7mWlIQHQg:CHgKbmme6HOwwIi7LLnSMHHQg
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: wsqmcons.exe
FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
CompanyName: Microsoft Corporation
ProductName: Microsoftxae Windowsxae Operating System
ProductVersion: 6.1.7601.17514
FileDescription: Windows SQM Consolidator
OriginalFilename: wsqmcons.exe
Translation: 0x0409 0x04b0

Trojan:Win32/Occamy.C32 also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Trojan.GenericKD.31109070
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Ransom:Win32/PornoBlocker.e142f4c1
Cybereason	malicious.e3d67e
Cyren	W32/Virut.D.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	FileRepMetagen [Malware]
BitDefender	Trojan.GenericKD.31109070
MicroWorld-eScan	Trojan.GenericKD.31109070
Tencent	Win32.Trojan.Ransom.Wptg
Ad-Aware	Trojan.GenericKD.31109070
Sophos	Generic ML PUA (PUA)
F-Secure	Heuristic.HEUR/AGEN.1117850
BitDefenderTheta	Gen:NN.ZexaF.34170.rq0@a8R7Wxei
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Virutrem.dm
FireEye	Generic.mg.66a0155e3d67ea7a
Emsisoft	Trojan.GenericKD.31109070 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1117850
Microsoft	Trojan:Win32/Occamy.C32
Arcabit	Trojan.Generic.D1DAAFCE
GData	Trojan.GenericKD.31109070
Acronis	suspicious
McAfee	Artemis!66A0155E3D67
MAX	malware (ai score=99)
Malwarebytes	Malware.Heuristic.1001
Panda	Trj/CI.A
Yandex	Worm.Moldyow!Yb6IZEnlZfU
Ikarus	Trojan-Ransom.PornoBlocker
Fortinet	W32/Generic.AC.5A07!tr
AVG	FileRepMetagen [Malware]
Paloalto	generic.ml

How to remove Trojan:Win32/Occamy.C32?

Trojan:Win32/Occamy.C32 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X