How to remove “Zusy.321629 (B)”?

Zusy.321629 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.321629 (B) virus do?

  • Network activity detected but not expressed in API logs

How to identify Zusy.321629 (B)?


File Info:

crc32: E4CF5322
md5: 639030c8cb5050cf3e6dfaa6c8f9af3d
name: 639030C8CB5050CF3E6DFAA6C8F9AF3D.mlw
sha1: e409c9184f1593af1a4f0413e6e4e78bd7cee7cd
sha256: 8222ea9e95194b7be1809661fb648e06b3dbae1b1aacebb229d9070e6073276c
sha512: 1f6b9e89696bb0cda19902573b8a17e37c2ba556fbf7e966a97f010950c2235f900f89ba41df2f85e4ca6b02b41e9d64084f609702991671df552bff1c679643
ssdeep: 6144:IcxWx5mp6qvozutvl0jXOa5gsv/ncBSo61FxLAOfG4YsV1:IcxyQpDvozutvl0bOa5g6/Q+FxLdhV
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

IsPrivateBuild: False
ProductVersionRaw: 10.0.19041.546
InternalName: dllhost.exe
FilePrivatePart: 546
FileMajorPart: 10
FileMinorPart: 0
FileBuildPart: 19041
FileVersion: 10.0.19041.546 (WinBuild.160101.0800)
ProductVersion: 10.0.19041.546
FileDescription: COM Surrogate
ProductPrivatePart: 546
ProductBuildPart: 19041
OriginalFilename: dllhost.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
FileVersionRaw: 10.0.19041.546
ProductMajorPart: 10
ProductMinorPart: 0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
IsDebug: False
IsPatched: False
IsPreRelease: False
IsSpecialBuild: False
Translation: 0x0409 0x04b0

Zusy.321629 (B) also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Zusy.321629
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_90% (W)
BitDefender: Gen:Variant.Zusy.321629
Cybereason: malicious.8cb505
APEX: Malicious
Kaspersky: HEUR:Trojan-Banker.Win32.ClipBanker.gen
MicroWorld-eScan: Gen:Variant.Zusy.321629
Ad-Aware: Gen:Variant.Zusy.321629
Sophos: Generic ML PUA (PUA)
BitDefenderTheta: Gen:NN.ZexaF.34738.Fu0@aqS3lHgi
McAfee-GW-Edition: BehavesLike.Win32.Generic.hm
FireEye: Generic.mg.639030c8cb5050cf
Emsisoft: Gen:Variant.Zusy.321629 (B)
Microsoft: Program:Win32/Wacapew.C!ml
GData: Gen:Variant.Zusy.321629
McAfee: Artemis!639030C8CB50
MAX: malware (ai score=81)
VBA32: BScope.TrojanBanker.ClipBanker
Panda: Trj/GdSda.A
Rising: Trojan.Generic@ML.94 (RDML:f+r6HU8HmHP/fpTpaZJDeQ)

How to remove Zusy.321629 (B)?

Zusy.321629 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
