Zusy.297650 (B) removal guide

Zusy.297650 (B) is a generic detection name (the Gen:Variant.Zusy.297650 signature used by the BitDefender and Emsisoft engines) for a Windows trojan that other vendors variously classify as a banking trojan, a downloader or FakeAV; it is treated as dangerous across the board. When this infection is active, you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial lets you run a complete scan and clean your PC.
6-day free trial available.

What can the Zusy.297650 (B) virus do?

  • Creates RWX (readable, writable and executable) memory, a common sign of in-memory unpacking or code injection
  • Reads data out of its own binary image
  • Installs itself for autorun at Windows startup
  • Network activity was detected that is not reflected in the API logs
  • Creates a slightly modified copy of itself, so dropped copies will not share the exact hashes listed below

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Zusy.297650 (B)?

File Info:

crc32: F1A6C707
md5: c55e27166c79873913bd5d4b5f3787c4
name: C55E27166C79873913BD5D4B5F3787C4.mlw
sha1: ae649c013079403c497f64119fe3aa127c56ef0a
sha256: 3d06f0bae062ee37b60b0a4ca25fe2a27f817c8d375f2a2721bd4b7951e23d31
sha512: ddf4c688256596f86fdfbde59558819fb2a99a13040124ac402a4c85cff05d9358e3b793bbb7abf0d268bd53f0ec62cd80a48c1baae3a2fd5dd0b07f4a3d9f8a
ssdeep: 24576:hxY3NtGUmJr+4Obxd+tPZSZciE6EhE9xY3NtGUmJr+4Obxd+tPZSZ4iE6EhE7:LY3buzMX0IY3buzMn0E
type: PE32 executable (GUI) Intel 80386, for MS Windows
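The hashes above and the related domains listed earlier are the only host-side and network-side indicators the page gives, so here is how a responder would actually use them. This is an added example written for this page, not GridinSoft's tool and not code from the original article: a Python script that hashes every file under a directory and compares it with the sample's MD5, SHA-1 and SHA-256, and scans resolver log lines for lookups of the related domains or any subdomain of them. The log lines and the placeholder file the script checks itself against are constructed; the log format is an assumption. Two caveats follow from the behaviour list above: the sample creates a slightly modified copy of itself, so dropped copies will not match these exact hashes (that is what the ssdeep fuzzy hash is for; comparing it needs the ssdeep library and is not done here), and network activity that is not reflected in API logs is exactly why the DNS or proxy log, not the host, is where the domain check belongs.

```python
"""Hunt for the Zusy.297650 (B) indicators listed on this page.

Added example, not part of the original article or of GridinSoft's tooling.
It does two things a responder would otherwise do by hand:
  1. hash every file under a directory and compare with the sample's hashes;
  2. scan resolver/proxy log lines for lookups of the related domains.
"""
import hashlib
import os
import re
import tempfile

# Indicators copied from the page: the analysed sample's hashes and the
# related domains. Exact hashes will miss the "slightly modified copy" the
# sample drops; fuzzy (ssdeep) matching is needed for that and is not done here.
IOC_HASHES = {
    "md5": "c55e27166c79873913bd5d4b5f3787c4",
    "sha1": "ae649c013079403c497f64119fe3aa127c56ef0a",
    "sha256": "3d06f0bae062ee37b60b0a4ca25fe2a27f817c8d375f2a2721bd4b7951e23d31",
}
IOC_DOMAINS = {"z.whorecord.xyz", "a.tomx.xyz"}

# Constructed resolver log lines (the format is an assumption, not a real log).
# Line 2 and line 3 should hit; line 4 is the parent domain only and must not.
SAMPLE_DNS_LOG = [
    "2024-05-01 12:00:01 client 10.0.0.5 query: update.microsoft.com A",
    "2024-05-01 12:00:05 client 10.0.0.5 query: a.tomx.xyz A",
    "2024-05-01 12:00:06 client 10.0.0.5 query: cdn.z.whorecord.xyz A",
    "2024-05-01 12:00:09 client 10.0.0.7 query: tomx.xyz A",
]

# Dotted hostname tokens; IP addresses also match but never hit the IOC set.
HOST_RE = re.compile(
    r"\b[a-z0-9](?:[a-z0-9-]*[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)+\b",
    re.I,
)


def file_hashes(path, chunk=1 << 20):
    """Return {'md5': ..., 'sha1': ..., 'sha256': ...} for one file, read in chunks."""
    digests = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for d in digests.values():
                d.update(block)
    return {name: d.hexdigest() for name, d in digests.items()}


def find_matching_files(root, iocs=IOC_HASHES):
    """Walk `root` and return [(path, [algorithms that matched])].

    Unreadable files (locked, permission denied) are skipped rather than fatal,
    since a live infection often holds its own files open.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                hashes = file_hashes(path)
            except OSError:
                continue
            matched = sorted(alg for alg, value in hashes.items()
                             if iocs.get(alg, "").lower() == value)
            if matched:
                hits.append((path, matched))
    return hits


def is_ioc_domain(host, iocs=IOC_DOMAINS):
    """True if `host` is an indicator domain or a subdomain of one (suffix match)."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in iocs)


def find_domain_hits(log_lines, iocs=IOC_DOMAINS):
    """Return [(line_number, host)] for every hostname in the lines that hits."""
    hits = []
    for n, line in enumerate(log_lines, start=1):
        for host in HOST_RE.findall(line):
            if is_ioc_domain(host, iocs):
                hits.append((n, host.lower().rstrip(".")))
    return hits


def self_check():
    """Hash a constructed placeholder file and return (page_hits, own_hits).

    The placeholder is not the real sample, so the page's hashes give no hit;
    matching the file against its own SHA-256 shows the positive path works.
    """
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "suspect.exe")
        with open(path, "wb") as fh:
            fh.write(b"MZ constructed placeholder, not the real sample\n")
        page_hits = find_matching_files(tmp)
        own_hits = find_matching_files(tmp, {"sha256": file_hashes(path)["sha256"]})
    return page_hits, own_hits


if __name__ == "__main__":
    page_hits, own_hits = self_check()
    print("page IOC file matches:", page_hits)
    print("self-match on own sha256:", own_hits)
    for n, host in find_domain_hits(SAMPLE_DNS_LOG):
        print(f"DNS log line {n}: lookup of {host}")
```

Point `find_matching_files` at the user profile and `%TEMP%` first, since autorun droppers usually live there; point `find_domain_hits` at exported resolver or proxy logs, one line per record. A hash miss is not a clean bill of health for the reasons given in the lead-in, but a hit on either check is conclusive.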

Version Info:

0: [No Data]

Zusy.297650 (B) also known as:

K7AntiVirus: Trojan-Downloader ( 0001b7311 )
DrWeb: Trojan.PWS.Gamania.10780
MicroWorld-eScan: Gen:Variant.Zusy.297650
ALYac: Gen:Variant.Zusy.297650
Cylance: Unsafe
Zillya: Trojan.Banker.Win32.55
Sangfor: Malware
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: TrojanSpy:Win32/Banker.f6102ffa
K7GW: Trojan-Downloader ( 0001b7311 )
Cybereason: malicious.66c798
TrendMicro: TROJ_FAM_0000747.TOMA
Cyren: W32/Trojan.ORSB-8183
Symantec: Trojan.FakeAV
ESET-NOD32: a variant of Win32/TrojanDownloader.FakeAlert.VA
Zoner: Trojan.Win32.89386
APEX: Malicious
TotalDefense: Win32/Oneraw.JJ
Avast: Win32:Trojan-gen
ClamAV: Win.Trojan.Bancos-17785
GData: Win32.Trojan.FakeAV.Q
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.297650
NANO-Antivirus: Trojan.Win32.Banker.oygn
ViRobot: Trojan.Win32.Banker.766787
SUPERAntiSpyware: Trojan.Agent/Gen-DownloaderBanload
Tencent: Malware.Win32.Gencirc.10b07a10
Ad-Aware: Gen:Variant.Zusy.297650
Sophos: Mal/Banker-F
Comodo: TrojWare.Win32.TrojanDownloader.Banload.~AHI@7lad3
F-Secure: Trojan.TR/Delf.865208
BitDefenderTheta: Gen:NN.ZelphiF.34110.LHZ@ayJW84gO
VIPRE: Trojan.Win32.Generic!BT
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.c55e27166c798739
Emsisoft: Gen:Variant.Zusy.297650 (B)
SentinelOne: DFI – Suspicious PE
F-Prot: W32/Trojan2.JTRU
Endgame: malicious (high confidence)
Webroot: W32.Trojan.Gen
Avira: TR/Delf.865208
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan[Banker]/Win32.Banker
Microsoft: TrojanSpy:Win32/Banker.LY
Jiangmin: TrojanSpy.Banker.rxi
Arcabit: Trojan.Zusy.D48AB2
AegisLab: Trojan.Win32.Generic.4!e
ZoneAlarm: HEUR:Trojan.Win32.Generic
TACHYON: Banker/W32.DP-Pharm.1663125
AhnLab-V3: Trojan/Win32.Banker.R8976
Acronis: suspicious
McAfee: FakeAV-DR
MAX: malware (ai score=81)
VBA32: TrojanPSW.Gamania
Malwarebytes: Trojan.Banker
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_FAM_0000747.TOMA
Rising: Downloader.FakeAlert!8.4FF (TFE:4:gZaiDzu7H9B)
Yandex: Trojan.PWS.Banker!at4P5MVsOAQ
Ikarus: Trojan-Banker.Win32.Banker
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/FAKEAV.Q!tr
AVG: Win32:Trojan-gen
Qihoo-360: Generic/HEUR/QVM05.1.0CE6.Malware.Gen

How to remove Zusy.297650 (B)?

Zusy.297650 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer, then run a second scan: the sample installs itself for autorun and drops a modified copy of itself, so anything that survives the first pass will show up only after the reboot.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
