About "Zusy.371082" infection

The Zusy.371082 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.371082 virus can do?

Executable code extraction
Creates RWX memory
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
The binary likely contains encrypted or compressed data.
Queries information on disks, possibly for anti-virtualization
Behavior consistent with a dropper attempting to download the next stage.
Detects the presence of Wine emulator via registry key
Checks the version of Bios, possibly for anti-virtualization
Attempts to modify proxy settings
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

static.86.102.69.159.clients.your-server.de

How to determine Zusy.371082?


File Info:
crc32: 0E0DF959
md5: 763d37fb44fe305d524147e62309a1a5
name: 763D37FB44FE305D524147E62309A1A5.mlw
sha1: 3f259cf3d27ee85afd0c4e0074a25d8c27fb2332
sha256: 1a4c0282f3c6e344082cf0b7d8f44ba40f37b4da12b92ccf7e5ad387fb5d48a3
sha512: 5881c006aa432ed0e6c6cb2a00730f9f3a6a44635f1ab0a200a8d0d1cc8538f7a953e7d5d0449362d91c441132ef61fc39671386eb08726f072adee07e01f568
ssdeep: 24576:TKoCwGSyZ9ZTq941b/KhNiNA6fozSN9UUxu2qsQ7v8Cok7SBZjE0AvrbgAvIq5vR:RC/O4uiS61rg2C7Ok7SBATMAQ2vcO4zC
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
ProductVersion: 10.3.1.2364
ProductName: AECORF Internet Security
FileVersion: 10.3.1.2364
CompanyName: AECORF
Translation: 0x0409 0x04e4

Zusy.371082 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 00542a991 )
Lionic	Trojan.Win32.Ekstak.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.InstallCube.3825
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Mauvaise.SL1
ALYac	Gen:Variant.Zusy.371082
Cylance	Unsafe
Zillya	Adware.Ekstak.Win32.244
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/Miner.0d0817a2
K7GW	Trojan ( 00542a991 )
Cybereason	malicious.b44fe3
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.GNJA
APEX	Malicious
Avast	Win32:ICLoader-X [Adw]
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Zusy.371082
NANO-Antivirus	Trojan.Win32.Ekstak.fkszmi
MicroWorld-eScan	Gen:Variant.Zusy.371082
Tencent	Malware.Win32.Gencirc.10cd3a66
Ad-Aware	Gen:Variant.Zusy.371082
Sophos	Mal/Generic-S
Comodo	Application.Win32.ICLoader.GS@84429a
BitDefenderTheta	Gen:NN.ZexaF.34236.nA0@aGtGBXli
McAfee-GW-Edition	BehavesLike.Win32.Generic.vh
FireEye	Generic.mg.763d37fb44fe305d
Emsisoft	Gen:Variant.Zusy.371082 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Ekstak.wln
Avira	TR/ICLoader.Gen8
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Trojan/Generic.ASMalwS.29B6AE7
Microsoft	SoftwareBundler:Win32/ICLoader
ZoneAlarm	HEUR:Packed.Win32.Katusha.gen
GData	Gen:Variant.Zusy.371082
TACHYON	Trojan/W32.Ekstak.2318336.K
AhnLab-V3	PUP/Win32.ICLoader.R246965
Acronis	suspicious
McAfee	Packed-FME!763D37FB44FE
MAX	malware (ai score=86)
VBA32	BScope.Adware.ICLoader
Malwarebytes	Adware.InstallCube
Panda	Trj/Genetic.gen
Rising	Trojan.Kryptik!1.AA23 (CLASSIC)
Ikarus	PUA.ICLoader
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/CoinMiner.GYQC!tr
AVG	Win32:ICLoader-X [Adw]
Paloalto	generic.ml

How to remove Zusy.371082?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Zusy.371082” infection