Trojan:Win32/Occamy.C is a threat identified by Microsoft Security Software. This is a typical malware that targets the core system of Windows in order to complete its tasks. Trojan:Win32/Occamy.C was made to execute a series of commands once it gets inside the system. It will gather data like system settings, Windows version, network configuration, and so on. Collected data will be sent to remote attacker for analysis.

Threat behavior


In general, system will get infected with Trojan:Win32/Occamy.C if malicious code is executed on the computer. Source of this trojan may vary due to the changing ways how it is deployed. Typically, spam email messages disguising as open letter from reputable institution are used to deceive recipients. Body of the message contains enticing phrases that tries to convince user into opening the attached file.

Malicious links from social media sites and instant messaging program are also seen as method used in distributing Trojan:Win32/Occamy.C. Illegally distributed software and media materials may also contain code that can lead to the infection of this malware.


In order to run itself on Windows start-up, Trojan:Win32/Occamy.C will make a copy of itself under system files. Then, registry entry is created to call the file on each Windows boot-up. Apart from that, this malware will also drop non-malicious files on various folders of the compromised PC.

Trojan:Win32/Occamy.C occasionally connects to a remote host to execute tasks like the following:

  • Notify attacker on the new infection
  • Sends gathered data from the infected computer
  • Download and execute additional files including an updated version of the trojan
  • Accept command from a remote attacker


There is not much obvious symptom from this malware. Trojan:Win32/Occamy.C operates silently in the background. However, Microsoft Security Software may alert you on the presence of this trojan.

Trojan:Win32/Occamy.C is a malware that can drop malicious files onto the computer, which tend to lock files and demand payment from users in order to regain access. Some security programs deemed this threat as a Ransomware with that causes high potential damage.

This Trojan will drop the following files:

C:\Users\Username\AppData\Local\Microsoft\Windows\INet Cache\IE\MIPY49MB\MicrosoftSecurity[1].exe
C:\Users\Username\AppData\LocalLow\Microsoft\Cryptnet Url Cache\Content\5CEA8CFB8047B569B331D0E79D28457D

Aliases: Trojan-Ransom.Win32.Blocker.kqwj, Ransom.HiddenTear, Win32.Occamy


How can you remove Trojan:Win32/Occamy.C?

To totally remove Trojan:Win32/Occamy.C from the computer and get rid of relevant virus and trojan, please execute the procedures as stated on this page. Make sure that you have completely scan the system with suggested malware removal tools and virus scanners.

Windows XP, Windows Vista, and Windows 7 Instructions:

1. Open Microsoft Security Essentials by going to Windows Start > All Programs. If the tool is not yet installed on the computer, please download Microsoft Security Essentials from the link below. Save the file on your hard drive.

Complete installation guide and usage are also provided on the same link. It is essential in removing Trojan:Win32/Occamy.C effectively. If Microsoft Security Essentials is already installed on the PC, please proceed with the steps below.

2. On Microsoft Security Essentials Home screen, please choose Full under Scan Options.

MSE Full Scan

3. Click on Scan Now button to start detecting Trojan:Win32/Occamy.C items, viruses, and malware on the PC. Scan may take a while, please be patient and wait for the process to end.

Windows 8 / 10 Instructions:

Windows Defender is a free tool that was built to help you remove Trojan:Win32/Occamy.C, viruses, and other malicious items from Windows 8 system. Follow these procedures to scan your computer with Windows Defender:

1. Tap or click the Search charm, search for defender, and then open Windows Defender.

If Windows Defender is not yet installed on the computer, please proceed to download page using the link below. It also contains detailed instruction to install and use the program effectively. Proper usage is required to totally remove Trojan:Win32/Occamy.C.


2. On the Home tab, click Full under Scan Options. Click Scan now to start scanning for presence of Trojan:Win32/Occamy.C. The process may take a while to complete.


3. After the scan, delete/quarantine identified threats wether it is relevant to Trojan:Win32/Occamy.C or not. You may now restart Windows to complete the virus removal process.

Double Check with Malwarebytes Anti-Malware

1. Download Malwarebytes Anti-Malware from the link below. Save the file on your hard drive.

2. Once the download completes, double-click on the file MBSetup.exe to run the program.

3. Select desired installation package whether for Personal Computer or Work Computer.

4. On next window, click Install button to proceed.

MBAM Default Install

5. Just proceed with the succeeding prompts until it start to execute the installation procedure.

6. Installation process will take less than a minute. It should run automatically after completing the setup.

7. When Malwarebytes Anti-Malware interface appears, please select Scan on the menu. The program will check for any available update before proceeding. Do not skip this step. Virus scan may take a while, please wait for the process to finish.


8. When scanning is done, Malwarebytes Anti-Malware will display the list of identified threats. Remove all and restart the computer to finalized the scan process.

4 thoughts on “Trojan:Win32/Occamy.C

  1. Andreas Altheimer

    I found this trojan in a bios update from ACER!!! Acer Aspire E1-570G BIOS_Acer_2.06_Windows

  2. Cooper

    I was downloading Minecraft from, and I got a notification saying my real-time protection was off, and when I got to windows defender, it detected the Trojan!

  3. MK

    Someone I trusted asked me to download this game from “Steam” they sent me the link and once I know it the computer is infected :(

  4. Arb

    Interesting seeing such recent posts for this trojan. My computer just found it in a very old file I had downloaded years and years ago supposedly with keygens and cracks.

Leave a Reply

Your email address will not be published. Required fields are marked *