What is “Zusy.346759”?

Zusy.346759 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.346759 virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to delete volume shadow copies
  • A system process is generating network traffic likely as a result of process injection
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings
  • Attempts to modify browser security settings
  • Creates a copy of itself
  • Harvests information related to installed mail clients
  • Uses suspicious command line tools or Windows utilities

How to identify Zusy.346759?

File Info:

crc32: 5AB21A8D
md5: 537f3a22bb83b8643c0f676887d49f57
name: 537F3A22BB83B8643C0F676887D49F57.mlw
sha1: 56ffad3ee1a96ea2d3d2bc4c75fdf8beda216738
sha256: 1473d1688a73b47d1a08dd591ffc5b5591860e3deb79a47aa35e987b2956adf4
sha512: 55d28f6cb62e1cf5fd69b978d7500fb2953ce4b5077abdfddb7e29c3be668840565b484396af8556b8377160b24ee5aa4a1422a07702afc82df8473ce2805f8c
ssdeep: 6144:DCQL7YwVl7KFvhAp080OqKoePvHgQNF2Bjj2DSAKYcTSa3qK:DCQ4g7KR7OqKoe3HgQuFjTYcTSaaK
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2018
InternalName: HD Tune Pro
FileVersion: 2, 0, 1, 8
CompanyName: EFT Software
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: HD Tune Pro
SpecialBuild:
ProductVersion: 5, 8, 0, 2
FileDescription: HH Tune Pros
OriginalFilename: HDTunePro.EXE
Translation: 0x0409 0x04b0

Zusy.346759 also known as:

Bkav: W32.Common.497B2BC6
K7AntiVirus: Trojan ( 0055e3ef1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.761
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Teerac.A5
ALYac: Gen:Variant.Zusy.346759
Cylance: Unsafe
Zillya: Trojan.Crypren.Win32.129
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Ransom:Win32/Teerac.cb2ae678
K7GW: Trojan ( 0055e3ef1 )
Cybereason: malicious.2bb83b
Cyren: W32/Filecoder.BFQY-6086
SymantecMobileInsight: AppRisk:Generisk
Symantec: Ransom.Enciphered
ESET-NOD32: Win32/Filecoder.TorrentLocker.A
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Dropper.Zeus-9819554-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.346759
NANO-Antivirus: Trojan.Win32.Crypren.dohvff
ViRobot: Trojan.Win32.Agent.100864.S
SUPERAntiSpyware: Ransom.CryptoLocker/Variant
MicroWorld-eScan: Gen:Variant.Zusy.346759
Tencent: Win32.Trojan.Fakedoc.Auto
Ad-Aware: Gen:Variant.Zusy.346759
Sophos: Mal/Generic-R + Troj/Ransom-AQU
Comodo: Malware@#3k0kub7xa355t
BitDefenderTheta: Gen:NN.ZexaF.34628.Du0@aKdZmRni
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_CRYPDEF.WAP
McAfee-GW-Edition: Ransom-FXH!537F3A22BB83
FireEye: Generic.mg.537f3a22bb83b864
Emsisoft: Gen:Variant.Zusy.346759 (B)
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Ctblocker
Avira: TR/FileCoder.489984
eGambit: Unsafe.AI_Score_99%
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Ransom:Win32/Teerac.A
Arcabit: Trojan.Zusy.D54A87
GData: Gen:Variant.Zusy.346759
TACHYON: Trojan/W32.Crypren.489984
AhnLab-V3: Trojan/Win32.ZBot.C733492
McAfee: Ransom-FXH!537F3A22BB83
MAX: malware (ai score=100)
VBA32: Trojan.Encoder
Malwarebytes: Trojan.Agent.ED
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_CRYPDEF.WAP
Rising: Dropper.Generic!8.35E (CLOUD)
Yandex: Trojan.GenAsa!nSx1VdElcgQ
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/Filecoder.DI!tr
AVG: Win32:Trojan-gen
Qihoo-360: Win32/Ransom.TorrentLocker.HwoCEpsA

How to remove Zusy.346759?

Zusy.346759 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
