
About “Zusy.381469” infection


Zusy.381469 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.381469 virus do?

  • Unconventional language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Zusy.381469?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: TODO: (c) . All rights reserved.
InternalName: Patch.exe
FileVersion: 1.0.0.1
CompanyName: TODO:
ProductName: TODO:
ProductVersion: 1.0.0.1
FileDescription: Patch
OriginalFilename: Patch.exe
Translation: 0x0409 0x04b0

Zusy.381469 is also known as:

K7AntiVirus: Trojan ( 7000001c1 )
CAT-QuickHeal: Trojan.Phonzy
ALYac: Gen:Variant.Zusy.381469
Cylance: Unsafe
Zillya: Adware.Amonetize.Win32.43451
Sangfor: Trojan.Script.Phonzy.A
CrowdStrike: win/malicious_confidence_60% (W)
Alibaba: Packed:Win32/VMProtect.7d6c62a1
K7GW: Trojan ( 7000001c1 )
Cybereason: malicious.68192a
Baidu: Win32.Packed.VMProtect.a
Cyren: W32/Trojan.NPFO-1467
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.VMProtect.ABD
APEX: Malicious
Avast: Win32:Malware-gen
BitDefender: Gen:Variant.Zusy.381469
NANO-Antivirus: Riskware.Win32.Amonetize.elgxuq
MicroWorld-eScan: Gen:Variant.Zusy.381469
Tencent: Malware.Win32.Gencirc.10b24ae9
Ad-Aware: Gen:Variant.Zusy.381469
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZexaF.34688.Lv0@ayFzYtdj
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Dropper.th
FireEye: Generic.mg.2d5f20568192a5b1
Emsisoft: Gen:Variant.Zusy.381469 (B)
Jiangmin: AdWare.Amonetize.aorj
Antiy-AVL: Trojan/Generic.ASMalwS.2119D40
Microsoft: Trojan:Script/Phonzy.A!ml
Gridinsoft: Trojan.Win32.Packed.vb!s1
Arcabit: Trojan.Zusy.D5D21D
AegisLab: Trojan.Win32.Ursu.4!c
GData: Gen:Variant.Zusy.381469
McAfee: Artemis!2D5F20568192
MAX: malware (ai score=81)
VBA32: AdWare.Amonetize
Malwarebytes: Malware.AI.3667940339
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002H0CE421
Rising: Trojan.Generic@ML.92 (RDML:o7QSJNlQzqLzJSJPyCYENA)
Ikarus: Trojan.Win32.VMProtect
MaxSecure: Trojan.Malware.73773164.susgen
Fortinet: W32/Generic.AC.35B42B!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Zusy.381469?

Zusy.381469 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
