
Zusy.390513 removal


Zusy.390513 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.390513 virus do?

  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Zusy.390513?


File Info:

name: 4DC41992CBEA0494CF3B.mlw
path: /opt/CAPEv2/storage/binaries/2f43105027f23c16461df23635fab19a6a2635b90efef4cf2300115e316ee448
crc32: 4E7A9041
md5: 4dc41992cbea0494cf3b576599d08606
sha1: e19fe258957eb6461d717ee4f45a2eff8fa16410
sha256: 2f43105027f23c16461df23635fab19a6a2635b90efef4cf2300115e316ee448
sha512: a223a290d4f5e24ecc9af6b5287c83598a0c88c8177471e1adb7dd95f15ad9a5c53a9bb8f7c047aaa3d55ee93ee1ae44782466d14c4cb3ff165cccbbd6c3e6eb
ssdeep: 98304:vOAqw+gANU0DKPbAT+Rq2vcv1+agUmHUqU1B56GAH7TvmfuwD4:vO5gAN9uMaU2q+adAU1BYTv8j0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F262327B6BEC2F0F8AD3EF456406B525972AE651A35E087C51F7CC4E933283D8296C4
sha3_384: 3e015ebb875ff39ecc0dfd134fd0a16cc9b097ee750ca401183928a0b73c36b16a6551c6a309372cd8e75f248e9019f9
ep_bytes: 558bec6aff6878c3410068c092410064
timestamp: 2012-05-10 11:37:50

Version Info:

CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.6.0.2478
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2012 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: May 10, 2012
ProductName: 7-Zip SFX
ProductVersion: 1.6.0.2478
Translation: 0x0000 0x04b0

Zusy.390513 also known as:

Lionic: Trojan.Win32.Crypzip.4!c
MicroWorld-eScan: Gen:Variant.Zusy.390513
FireEye: Gen:Variant.Zusy.390513
ALYac: Gen:Variant.Zusy.390513
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Crypzip.fi
K7AntiVirus: Trojan ( 0057e80b1 )
Alibaba: Trojan:Win32/Crypzip.8da60b8e
K7GW: Trojan ( 0057e80b1 )
Cyren: W32/Trojan.QRCQ-2906
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Packed.7zip.CP suspicious
Kaspersky: Trojan.Win32.Crypzip.fi
BitDefender: Gen:Variant.Zusy.390513
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Crypzip.Phgu
Ad-Aware: Gen:Variant.Zusy.390513
Emsisoft: Gen:Variant.Zusy.390513 (B)
TrendMicro: TROJ_GEN.R007C0WHO21
McAfee-GW-Edition: BehavesLike.Win32.BadFile.rc
Sophos: Mal/Generic-S
GData: Gen:Variant.Zusy.390513
Jiangmin: HackTool.KMSAuto.gr
MaxSecure: Trojan.Malware.116864819.susgen
Avira: TR/Redcap.lssww
MAX: malware (ai score=80)
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
McAfee: Artemis!4DC41992CBEA
VBA32: Trojan.Crypzip
Malwarebytes: Trojan.Dropper.Generic
TrendMicro-HouseCall: TROJ_GEN.R007C0WHO21
Rising: Trojan.HiddenRun/SFX!1.D57B (CLASSIC)
Yandex: Trojan.Crypzip!kqJCN3NA8zI
Fortinet: Riskware/Crypzip
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Zusy.390513?

Zusy.390513 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
