Zusy.380977 removal tips

The Zusy.380977 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.380977 virus can do?

At least one process apparently crashed during execution
Authenticode signature is invalid

How to determine Zusy.380977?


File Info:
name: 4F2800FC32DC61DDE3D7.mlw
path: /opt/CAPEv2/storage/binaries/365e3b25ef6456534a4943d4788c1f5cbe3d5a7aef2c5ba1e3c5d373b682595e
crc32: ABA7F75C
md5: 4f2800fc32dc61dde3d737ce611b529a
sha1: 5cf61473b55525136a3537849d97de56f9b8bf77
sha256: 365e3b25ef6456534a4943d4788c1f5cbe3d5a7aef2c5ba1e3c5d373b682595e
sha512: eed3f09901f36ef6d8782d10cb1dc94c9d91abf508d93bcacd54580339b7d745821c175dd850545bc0c5d9f335b92a0ff104ad44cee7b0668aec0b75341d5196
ssdeep: 768:9P0ymN9W7LsuE0WnSIxiPxPV/FKz6untxM:hAE7GfHsszFn4
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E1E24B1AABB4963EE0B182732D31D7385F367E11646C4E0F364C592D6E24948EFA336D
sha3_384: 486a301c81f50ff3ba08c201cd7b1a93002a49a295156b6d3ba258a5ab3da95192531a8ff6fe050bbcd5b1ca0058860d
ep_bytes: 604b8bd73bc6750687d6ffcbb4c3c6c7
timestamp: 2012-08-03 03:49:29

Version Info:
Comments: Please visit http://www.internetdownloadmanager.com
CompanyName: Tonec Inc.
FileDescription: Internet Download Manager installer
FileVersion: 6, 12, 8, 1
InternalName: installer
LegalCopyright: © 1999-2012. Tonec, Inc. All rights reserved.
LegalTrademarks: Internet Download Manager (IDM)
OriginalFilename: installer.exe
PrivateBuild: 
ProductName: Internet Download Manager installer
ProductVersion: 6, 12, 8, 1
SpecialBuild: 
Translation: 0x0409 0x04b0

Zusy.380977 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.380977
FireEye	Gen:Variant.Zusy.380977
ALYac	Gen:Variant.Zusy.380977
BitDefender	Gen:Variant.Zusy.380977
Cybereason	malicious.3b5552
Cyren	W32/Sality.E.gen!Eldorado
APEX	Malicious
Avast	Win32:FileInfector-A [Heur]
NANO-Antivirus	Virus.Win32.Virut-Gen.bwpxnc
Rising	Malware.Heuristic!ET#80% (RDMK:cmRtazobA/Wk8qSSQ5wXIjvZpQm9)
Ad-Aware	Gen:Variant.Zusy.380977
Sophos	Generic ML PUA (PUA)
VIPRE	Virus.Win32.Sality.at!dam (v)
McAfee-GW-Edition	BehavesLike.Win32.Virus.nh
Emsisoft	Gen:Variant.Zusy.380977 (B)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Zusy.380977
Jiangmin	Win32/HLLP.Kuku.poly2
Microsoft	Trojan:Win32/Sabsik.TE.B!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!4F2800FC32DC
MAX	malware (ai score=87)
Cylance	Unsafe
Tencent	Virus.Win32.TuTu.tv
MaxSecure	Virus.Sality.AA
BitDefenderTheta	Gen:NN.ZexaF.34212.cm0@a47Odqbi
AVG	Win32:FileInfector-A [Heur]
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Zusy.380977?

Zusy.380977 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X