What is “Zusy.321629”?

Zusy.321629 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.321629 virus do?

  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Zusy.321629?

File Info:

crc32: AF353A98
md5: 9b74f9a76fcbc9c5333970ca7ff57f41
name: 9B74F9A76FCBC9C5333970CA7FF57F41.mlw
sha1: d6ad90f580485735073e2ee9a7b790de3f6484d5
sha256: b528c35d6cff4b42ab8b6e233ac697ea662ba66a46484451abaaa74e7d22bb15
sha512: fe879b657b569fd80b7c378a304e2eb9776569c1fe5bc5332bee316cb04046357cad87d88e0a4e775dc517cfabaf8e3fc85a6e97a62ddaa5f1adb252e32164a4
ssdeep: 6144:oIzUhNma6qvozutvl0jXOa5gsv/ncBSo61FNLAOhG4YsV1:oIzsEaDvozutvl0bOa5g6/Q+FNLPhV
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

IsPrivateBuild: False
ProductVersionRaw: 10.0.19041.546
InternalName: dllhost.exe
FilePrivatePart: 546
FileMajorPart: 10
FileMinorPart: 0
FileBuildPart: 19041
FileVersion: 10.0.19041.546 (WinBuild.160101.0800)
ProductVersion: 10.0.19041.546
FileDescription: COM Surrogate
ProductPrivatePart: 546
ProductBuildPart: 19041
OriginalFilename: dllhost.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
FileVersionRaw: 10.0.19041.546
ProductMajorPart: 10
ProductMinorPart: 0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
IsDebug: False
IsPatched: False
IsPreRelease: False
IsSpecialBuild: False
Translation: 0x0409 0x04b0

Zusy.321629 is also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Zusy.321629
Cylance: Unsafe
BitDefender: Gen:Variant.Zusy.321629
Cybereason: malicious.76fcbc
APEX: Malicious
MicroWorld-eScan: Gen:Variant.Zusy.321629
Ad-Aware: Gen:Variant.Zusy.321629
Sophos: Generic ML PUA (PUA)
BitDefenderTheta: Gen:NN.ZexaF.34722.Fu0@a4tE1odi
FireEye: Generic.mg.9b74f9a76fcbc9c5
Emsisoft: Gen:Variant.Zusy.321629 (B)
Microsoft: Program:Win32/Wacapew.C!ml
Arcabit: Trojan.Zusy.D4E85D
GData: Gen:Variant.Zusy.321629
MAX: malware (ai score=87)
VBA32: BScope.TrojanBanker.ClipBanker
Rising: Malware.Heuristic!ET#85% (RDMK:cmRtazrmRHGOTqst2RdkSGHdXl3f)

How to remove Zusy.321629?

Zusy.321629 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.