Zusy.107547 removal guide

Zusy.107547 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.107547 virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Attempts to stop active services
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Attempts to disable UAC
  • Attempts to modify or disable Security Center warnings
  • Attempts to modify UAC prompt behavior
  • Anomalous binary characteristics
  • Attempts to modify user notification settings

How to identify Zusy.107547?

File Info:

crc32: 098FF40B
md5: 4e8e393d84d10939ea574cd27e5b5827
name: 4E8E393D84D10939EA574CD27E5B5827.mlw
sha1: 35bba3305b879fb1b815c2fa0aeb6bac730cae2f
sha256: 7d7e1df686b4275b2d13b7888132efd822a09ecdcc18462968106370047cf7c2
sha512: 9486707b6d4295bb63cb2cf33ed0a6c63a230f7b38cd8dda6f2f536a20e9e59f549be51724a3935d9eae0fdc3eb2ceba84820c9de4cab59f51131d7acdd0e338
ssdeep: 12288:onNN9nmPCfZKhdhE8QCuEuKmvi4KdMVRfgWeKidBMuwqn:oNzgQ2J44Uhuj
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: All Rights reserved © 2005-2009
FileDescription: AVASetup Info
FileVersion:
Comments: This installation was built with Inno Setup.
CompanyName:
Translation: 0x0409 0x04e4

Zusy.107547 also known as:

Bkav: W32.Common.5CAC0FA5
K7AntiVirus: Trojan ( 0055dd191 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Fakealert.39122
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Zusy.107547
Zillya: Trojan.Blocker.Win32.7868
Sangfor: Trojan.Win32.Save.a
K7GW: Trojan ( 0055dd191 )
Cybereason: malicious.d84d10
Cyren: W32/Ransom.AC.gen!Eldorado
Symantec: Trojan.FakeAV
ESET-NOD32: a variant of Win32/Kryptik.BEBL
APEX: Malicious
TotalDefense: Win32/FakAV.A
Avast: Win32:FakeAV-ETD [Trj]
ClamAV: Win.Trojan.Generickdz-9763206-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.107547
NANO-Antivirus: Trojan.Win32.Fakealert.bxplzp
SUPERAntiSpyware: Trojan.Agent/Gen-Winwebsec
MicroWorld-eScan: Gen:Variant.Zusy.107547
Tencent: Malware.Win32.Gencirc.10b77a55
Ad-Aware: Gen:Variant.Zusy.107547
Sophos: Mal/Generic-R + Mal/FakeAV-OY
Comodo: TrojWare.Win32.FakeAV.ALM@4ykx3g
BitDefenderTheta: Gen:NN.ZelphiF.34628.DG0@a8PdY3hi
VIPRE: Trojan.Win32.Fakeav.qvsm (v)
TrendMicro: TROJ_RANSOM.SM04
McAfee-GW-Edition: BehavesLike.Win32.Dropper.gc
FireEye: Generic.mg.4e8e393d84d10939
Emsisoft: Gen:Variant.Zusy.107547 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/Foreign.pva
Webroot: W32.Rogue.Gen
Avira: HEUR/AGEN.1114880
eGambit: Unsafe.AI_Score_99%
Kingsoft: Win32.Heur.KVMF58.hy.(kcloud)
Microsoft: Rogue:Win32/Winwebsec
Arcabit: Trojan.Zusy.D1A41B
GData: Gen:Variant.Zusy.107547
AhnLab-V3: Trojan/Win32.FakeAV.R70710
McAfee: Ransom-FCLP!4E8E393D84D1
MAX: malware (ai score=83)
VBA32: Malware-Cryptor.MTA
Malwarebytes: Malware.AI.1024959568
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_RANSOM.SM04
Rising: Trojan.Win32.Generic.1578606B (C64:YzY0Om7csx8u/qZV)
Yandex: Trojan.GenAsa!RjjMmGGJH9I
Ikarus: Trojan.Win32.FakeAV
Fortinet: W32/FakeAV.QVSM!tr
AVG: Win32:FakeAV-ETD [Trj]
Qihoo-360: Win32/Trojan.Ransom.a17

How to remove Zusy.107547?

Zusy.107547 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
