About “Adware.Zusy.189946” infection

Malware Removal

The Adware.Zusy.189946 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Review

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Adware.Zusy.189946 virus can do?

  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Steals private information from local Internet browsers

How to determine Adware.Zusy.189946?


File Info:

crc32: 4C50E680
md5: af303aabbc5554bb0014d848dfd74efd
name: wechat_baseinst1704_428288.exe
sha1: 801404c2685f92814807f6c44a4d4e57809fa366
sha256: b172a96683aa94833463350be937f6ce4598f106e75ad3b421cffcb439b97dbf
sha512: bfd8f69fc540f88f8a5b34b5bfd13abe5bc9fa8d9089a11db6b812728f7233357658b0987a2b36da07ff6290e349a39b4ff414c2aa652113c890e20e3053352f
ssdeep: 24576:gosnOivlPWGHYXi0aJGy8DuCkd/cYfk/D7mraGH5yrMqgQM5GXNXeFQsId:gbnv5WGHYXi0aJGvDu6jvrLeqNNsId
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2020
InternalName: x667ax80fdx4e0bx8f7dx5668.exe
FileVersion: 5.0.0.0619
ProductName: x667ax80fdx4e0bx8f7dx5668.exe
FileDescription: _
OriginalFilename: x667ax80fdx4e0bx8f7dx5668.exe
Translation: 0x0804 0x04b0

Adware.Zusy.189946 also known as:

MicroWorld-eScanGen:Variant.Adware.Zusy.189946
FireEyeGen:Variant.Adware.Zusy.189946
McAfeeArtemis!AF303AABBC55
ALYacGen:Variant.Adware.Zusy.189946
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
SangforMalware
K7AntiVirusAdware ( 005694e51 )
BitDefenderGen:Variant.Adware.Zusy.189946
K7GWAdware ( 00510c5c1 )
TrendMicroTrojan.Win32.OCCAMY.USXVPFN20
SymantecML.Attribute.HighConfidence
APEXMalicious
AvastWin32:Adware-gen [Adw]
CynetMalicious (score: 85)
GDataGen:Variant.Adware.Zusy.189946
Kasperskynot-a-virus:Downloader.Win32.Agent.mjfc
AlibabaDownloader:Win32/Qjwmonkey.ef5cbccb
RisingAdware.Downloader!1.BDCA (CLOUD)
Endgamemalicious (high confidence)
SophosGeneric PUA IA (PUA)
ComodoApplicUnwnt@#20anogvgq9vx0
F-SecureAdware.ADWARE/Qjwmonkey.gnhpi
DrWebAdware.Qjwmonkey.168
ZillyaAdware.Qjwmonkey.Win32.668
EmsisoftApplication.Downloader (A)
CyrenW32/Adware.CDAY-7635
JiangminDownloader.Agent.noo
MaxSecureTrojan.Malware.121218.susgen
AviraADWARE/Qjwmonkey.gnhpi
Antiy-AVLRiskWare[Downloader]/Win32.Agent
ArcabitTrojan.Adware.Zusy.D2E5FA
ZoneAlarmnot-a-virus:Downloader.Win32.Agent.mjfc
MicrosoftPUA:Win32/Qjwmonkey
VBA32BScope.TrojanDropper.Dapato
Ad-AwareGen:Variant.Adware.Zusy.189946
MalwarebytesAdware.ChinAd
PandaTrj/CI.A
ESET-NOD32a variant of Win32/Adware.Qjwmonkey.H
TrendMicro-HouseCallTrojan.Win32.OCCAMY.USXVPFN20
TencentMalware.Win32.Gencirc.10cdd887
MAXmalware (ai score=69)
eGambitTrojan.Generic
WebrootW32.Adware.Gen
AVGWin32:Adware-gen [Adw]
Paloaltogeneric.ml

How to remove Adware.Zusy.189946?

Adware.Zusy.189946 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment