Should I remove "Zusy.170236"?

The Zusy.170236 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.170236 virus can do?

Expresses interest in specific running processes
Reads data out of its own binary image
Drops a binary and executes it
Uses Windows utilities for basic functionality
A process attempted to delay the analysis task by a long amount of time.
Attempts to repeatedly call a single API many times in order to delay analysis time
Installs itself for autorun at Windows startup
Creates a hidden or system file
Likely virus infection of existing system binary
Creates a copy of itself
The sample wrote data to the system hosts file.
Attempts to modify or disable Security Center warnings

Related domains:

z.whorecord.xyz

a.tomx.xyz

effortbuilt.net

thosewhile.net

journeymeasure.net

creightonaraminta.net

leastform.net

mostaugust.net

How to determine Zusy.170236?


File Info:
crc32: 2362F780
md5: 8506fd84b896572c6f487967ba6bc443
name: 8506FD84B896572C6F487967BA6BC443.mlw
sha1: 5fa846cdeb6ce9c24bcf7d5d32726f6a39cc8d0a
sha256: efb489aa960d45922665cd9e38c68cb68a85bb99dd196bd7db3f6bcc2f68d10d
sha512: 7308bb3d73e4ba197997fd754d981d7823e362a5e3729ac53601876204cd4dfcb83e7d60cc5de86f0c29d6b63eb70ee84992233fc7bbde0c3ede2a5672b1257a
ssdeep: 49152:egc4k9P+1xbq2BgI5kMXE4x7nid2J/70UY7Uqe+3i:egt4P+1xbq2BgI5FXfx7id2J/jo
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Zusy.170236 also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader25.54616
MicroWorld-eScan	Gen:Variant.Zusy.170236
FireEye	Generic.mg.8506fd84b896572c
CAT-QuickHeal	Trojanspy.Nivdort.S4
McAfee	Nivdort!8506FD84B896
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Symmi.4!c
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004d7cd41 )
BitDefender	Gen:Variant.Zusy.170236
K7GW	Trojan ( 004d4f0d1 )
Cybereason	malicious.4b8965
BitDefenderTheta	Gen:NN.ZexaF.34804.SnW@auDsUwp
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_BAYROB.SM9
Avast	Win32:Malware-gen
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Trojan:Win32/Bayrob.2217df98
NANO-Antivirus	Trojan.Win32.Kryptik.euwyvu
Rising	Trojan.Generic!8.C3 (CLOUD)
Ad-Aware	Gen:Variant.Zusy.170236
Emsisoft	Gen:Variant.Zusy.170236 (B)
Comodo	Malware@#2dgyk3lc53wg9
F-Secure	Heuristic.HEUR/AGEN.1102747
Zillya	Trojan.Generic.Win32.1292237
TrendMicro	TROJ_BAYROB.SM9
McAfee-GW-Edition	BehavesLike.Win32.DLAssistant.th
SentinelOne	Static AI – Suspicious PE
Sophos	ML/PE-A + Troj/Nivdor-D
Ikarus	Trojan.Win32.Crypt
Jiangmin	Trojan.Generic.gpbgn
Avira	HEUR/AGEN.1102747
Microsoft	Trojan:Win32/Nivdort.A
Gridinsoft	Trojan.Win32.Downloader.oa
Arcabit	Trojan.Zusy.D298FC
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Zusy.170236
Cynet	Malicious (score: 85)
VBA32	BScope.Trojan.Nivdort
ALYac	Gen:Variant.Zusy.170236
MAX	malware (ai score=100)
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/Genetic.gen
APEX	Malicious
ESET-NOD32	a variant of Win32/Bayrob.CR
Tencent	Win32.Trojan.Generic.Dxmk
Yandex	Trojan.Agent!yJG7Y0RTgzw
Fortinet	W32/Bayrob.AQ!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_80% (D)
Qihoo-360	Win32/Trojan.09e

How to remove Zusy.170236?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Zusy.170236”?