Zusy.356049 removal

The Zusy.356049 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.356049 virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
The binary likely contains encrypted or compressed data.
Queries information on disks, possibly for anti-virtualization
Behavior consistent with a dropper attempting to download the next stage.
Detects the presence of Wine emulator via registry key
Checks the version of Bios, possibly for anti-virtualization
Attempts to modify proxy settings
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

static.86.102.69.159.clients.your-server.de

How to determine Zusy.356049?


File Info:
crc32: F0A1EB48
md5: 4e6910cdd0ec1d385a17bcc633bae976
name: 4E6910CDD0EC1D385A17BCC633BAE976.mlw
sha1: 7de1ae14bcc80e1b35d9a085188873f321ba72ab
sha256: 02926d677bfd2ae4f5f962eda6f00d90c257bcbe5d566ed8ae7ef9900a4fd792
sha512: 7b93b1c54828ca17d8b360443e3f0372457a8f1493e01318a52a6f38bbe4f17875071317812f09afd9b7148a72f21f2b6c43ecd199eb785ca3c4fba788d1c45a
ssdeep: 49152:nGp0JjIWbgHnpYBUrhojBk7SjATMAQ2vcO4z8:nIAkWcgUtojlAAAhvcO5
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
ProductVersion: 10.2.1.2363
ProductName: ADCORE Internet Security
FileVersion: 10.2.1.2363
CompanyName: ADCORE
Translation: 0x0409 0x04e4

Zusy.356049 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 00545ca21 )
Lionic	Trojan.Win32.Ekstak.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.InstallCube.3825
Cynet	Malicious (score: 100)
CAT-QuickHeal	PUA.MauvaiseRI.S5264012
ALYac	Gen:Variant.Zusy.356049
Cylance	Unsafe
Zillya	Trojan.Ekstak.Win32.16765
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (D)
Alibaba	Trojan:Win32/Katusha.db5e99d2
K7GW	Trojan ( 00545ca21 )
Cybereason	malicious.dd0ec1
Cyren	W32/Icloader.CB.gen!Eldorado
Symantec	PUA.ICLoader
ESET-NOD32	a variant of Win32/Kryptik.GNHK
APEX	Malicious
Avast	Win32:ICLoader-X [Adw]
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Zusy.356049
NANO-Antivirus	Trojan.Win32.Ekstak.fkshwd
MicroWorld-eScan	Gen:Variant.Zusy.356049
Tencent	Malware.Win32.Gencirc.114d863c
Ad-Aware	Gen:Variant.Zusy.356049
Sophos	Generic PUA HN (PUA)
Comodo	Application.Win32.ICLoader.GS@84429a
BitDefenderTheta	Gen:NN.ZexaF.34236.qA0@a8kk4rki
McAfee-GW-Edition	BehavesLike.Win32.Worm.vh
FireEye	Generic.mg.4e6910cdd0ec1d38
Emsisoft	Application.Generic (A)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Generic.hbubm
Avira	TR/ICLoader.Gen8
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASMalwS.29C6220
Microsoft	SoftwareBundler:Win32/ICLoader
ZoneAlarm	HEUR:Packed.Win32.Katusha.gen
GData	Gen:Variant.Zusy.356049
TACHYON	Trojan/W32.Ekstak.2367488.S
AhnLab-V3	PUP/Win32.ICLoader.R246964
Acronis	suspicious
McAfee	Packed-FME!4E6910CDD0EC
MAX	malware (ai score=88)
VBA32	BScope.Trojan.InstallCube
Malwarebytes	Adware.InstallCube
Panda	Trj/Genetic.gen
Rising	Trojan.Kryptik!1.AA23 (CLASSIC)
Yandex	Trojan.GenAsa!kxp19Fprw0w
Ikarus	PUA.ICLoader
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/CoinMiner.GYQC!tr
AVG	Win32:ICLoader-X [Adw]
Paloalto	generic.ml

How to remove Zusy.356049?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.