Categories: Malware

Zusy.379289 removal instruction

The Zusy.379289 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Zusy.379289 virus can do?

Executable code extraction
Creates RWX memory
The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs
Creates a copy of itself
Anomalous binary characteristics

How to determine Zusy.379289?


File Info:
crc32: 18B1071Amd5: c7ed4f0a960a24d370b762844ef7c2dename: C7ED4F0A960A24D370B762844EF7C2DE.mlwsha1: c22416110117caf4cd2f63002afd11fe4b2277e5sha256: b0d2488eefefde56017a75a9c543ac6f2cce267e52f0444aa59993246713e911sha512: 5ab78e8c3098594df66b45e329a78b0cd6fdc6154c8bccf3465a11be9fc0f8ba43caa1933457a60c9c96b468fb429c8a9403bbd72bfc3b16f2e23ac10282b0b6ssdeep: 24576:9SZJbvE34yDm0z1f9WH5Vdy/xSq6Vum1htsftrSXSVRJU1/2sdAK+sJzr:9S/vE3hDm21f9ErMJKH1/VSVRa1/2sdVtype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Copyright (C) 2002,2003 Georgi Georgiev and Stanimir Jordanov (Demosten)InternalName: vISOFileVersion: 1, 1, 0, 2CompanyName: PrivateBuild: LegalTrademarks: Comments: Visual ISO helps you to create mkisofs path filesProductName: CDR Tools Front End by DemostenSpecialBuild: ProductVersion: 1, 4, 0, 0FileDescription: Visual ISOOriginalFilename: vISO.exeTranslation: 0x0409 0x04b0

Zusy.379289 also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 005610711 )
Lionic	Trojan.Win32.Staser.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDrop11.28728
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Zusy.379289
Cylance	Unsafe
Sangfor	Trojan.Win32.Agent.ihjkv
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	Trojan:Win32/Staser.52ae4a9d
K7GW	Trojan ( 005610711 )
Cybereason	malicious.a960a2
Cyren	W32/Kryptik.DER.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HBHI
APEX	Malicious
Avast	Win32:CrypterX-gen [Trj]
ClamAV	Win.Packed.Adrozek-9811562-0
Kaspersky	HEUR:Trojan.Win32.Staser.vho
BitDefender	Gen:Variant.Zusy.379289
NANO-Antivirus	Trojan.Win32.Staser.hcthat
MicroWorld-eScan	Gen:Variant.Zusy.379289
Tencent	Win32.Trojan.Staser.Tbir
Ad-Aware	Gen:Variant.Zusy.379289
Sophos	Mal/Generic-R + Troj/Agent-BEQV
BitDefenderTheta	Gen:NN.ZexaF.34266.zv1@aOQvGHki
TrendMicro	TROJ_GEN.R007C0PKE21
McAfee-GW-Edition	GenericRXKW-PM!C7ED4F0A960A
FireEye	Generic.mg.c7ed4f0a960a24d3
Emsisoft	Gen:Variant.Zusy.379289 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	TrojanDownloader.Razy.he
Avira	HEUR/AGEN.1143574
Microsoft	BrowserModifier:Win32/Adrozek
SUPERAntiSpyware	Trojan.Agent/Gen-Staser
GData	Gen:Variant.Zusy.379289
AhnLab-V3	PUP/Win32.Bundler.R326977
Acronis	suspicious
McAfee	GenericRXKW-PM!C7ED4F0A960A
MAX	malware (ai score=89)
VBA32	BScope.Trojan.Wacatac
Malwarebytes	Adware.DownloadAssistant
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R007C0PKE21
Rising	Trojan.Kryptik!1.AA23 (CLASSIC)
Yandex	Trojan.Staser!0N6k/aMNLSk
Ikarus	PUA.ICLoader
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Kryptik.HASW!tr
AVG	Win32:CrypterX-gen [Trj]
Paloalto	generic.ml