How to remove "Zusy.125607"?

The Zusy.125607 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.125607 virus can do?

Executable code extraction
Compression (or decompression)
Creates RWX memory
Possible date expiration check, exits too soon after checking local time
Reads data out of its own binary image
A process created a hidden window
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial language used in binary resources: Russian
Uses Windows utilities for basic functionality
Steals private information from local Internet browsers
Exhibits behavior characteristic of Pony malware
Collects information about installed applications
Attempts to access Bitcoin/ALTCoin wallets
Harvests credentials from local FTP client softwares
Harvests information related to installed mail clients

Related domains:

z.whorecord.xyz

a.tomx.xyz

a-kovalev.ru

smeshariki-multi.ru

autonews-world.ru

www.gimnasiohontanar.edu.co

How to determine Zusy.125607?


File Info:
crc32: 4B8745E1
md5: 97fe3364b2b8650abc296568d1a47112
name: 97FE3364B2B8650ABC296568D1A47112.mlw
sha1: 9dd3eedc0fd859171f19112cdf9e37fa910b0b7e
sha256: 200ea893543df1ab909c78ed95c3f56b1693b283a6b210bc9d8f0694faab1168
sha512: 690d779b52d3567e2e971040ecd4154778b68a83e07693082adb43436af4d6b01ef25b1ae3b207d7d9dff16e29bca18aba626b8b937db4eb0f3e634647c312ca
ssdeep: 3072:37MX5VEFom+cFpNgcinTzn8iVKRTV0K5eU5QQlVrI9l4DbHSrwHlm/2z2:0coRgpNgc/iVKRKKwPo2aDbHqoFz2
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
CompanyName: Dell Computer Corporation

Zusy.125607 also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.125607
FireEye	Generic.mg.97fe3364b2b8650a
CAT-QuickHeal	Ransom.TeslaCrypt.WR4
ALYac	Gen:Variant.Zusy.125607
Cylance	Unsafe
VIPRE	Trojan.Win32.Carberp.i (v)
Sangfor	Malware
BitDefender	Gen:Variant.Zusy.125607
Cybereason	malicious.4b2b86
Cyren	W32/S-220c0f98!Eldorado
Symantec	Trojan.Gen.2
APEX	Malicious
ClamAV	Win.Packed.Zbot-9791148-0
Kaspersky	HEUR:Trojan.Win32.Generic
Rising	Malware.Zbot!8.E95E (TFE:3:ZyXdVehQhiU)
Ad-Aware	Gen:Variant.Zusy.125607
Emsisoft	Gen:Variant.Zusy.125607 (B)
Comodo	TrojWare.Win32.PWS.Fareit.AK@5j7l28
F-Secure	Trojan.TR/ATRAPS.Gen4
DrWeb	Trojan.PWS.Stealer.13607
Invincea	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win32.Dropper.ch
Sophos	Mal/Generic-S
Ikarus	Win32.Outbreak
GData	Gen:Variant.Zusy.125607
Jiangmin	Trojan.Generic.gluin
Avira	TR/ATRAPS.Gen4
MAX	malware (ai score=86)
Arcabit	Trojan.Zusy.D1EAA7
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	PWS:Win32/Fareit.AJ!bit
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Fareit.R134516
Acronis	suspicious
McAfee	GenericATG-FBKJ!97FE3364B2B8
VBA32	BScope.TrojanPSW.Stealer
Malwarebytes	Spyware.Pony
ESET-NOD32	a variant of Win32/Kryptik.CWYX
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Glupteba.M!tr
BitDefenderTheta	Gen:NN.ZexaF.34634.lq3@aWa5kqbk
AVG	Win32:MalwareX-gen [Trj]
Avast	Win32:MalwareX-gen [Trj]
CrowdStrike	win/malicious_confidence_80% (D)
Qihoo-360	HEUR/QVM20.1.4CD7.Malware.Gen

How to remove Zusy.125607?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Zusy.125607”?