Zusy.394255 information

The Zusy.394255 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.394255 virus can do?

Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Zusy.394255?


File Info:
name: 01CDA6F848167D3CE51F.mlw
path: /opt/CAPEv2/storage/binaries/2748ab375789fbd6e96b72fc99ac8934608b29873ce8c9fe6640d2addf27dfad
crc32: E8547C8D
md5: 01cda6f848167d3ce51fd27e6e49464e
sha1: a80736c4248ed7619673ae663265bc2e2617de7c
sha256: 2748ab375789fbd6e96b72fc99ac8934608b29873ce8c9fe6640d2addf27dfad
sha512: dedcf97ccd0413ddceef646f96f077f8109c5a60f7708adb95fb022c6d1e66451fa1749d8ce62cc537bef81d6e40d43402ac557386d3033784bb3c9e5c661130
ssdeep: 98304:MdyO+dcAoYvcRyHKa1vY0ZOeyLSRNL2DdZXm+aa+:Mdy7vcRyHKaFY6OeyLwN2DbW+aa+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CEF523663A9A806ED2E21BF44C12987638FDDD132738966FA740793DC7BB4D27079423
sha3_384: 42ce0e73c40295e6a342cb77acc06e0ee293c49c6c58bf13f37f3b3609bb6b0daa504d2461be6b98438e934ffa5669a8
ep_bytes: 558bec6aff68e0c74100680089410064
timestamp: 2016-04-02 22:13:44

Version Info:
CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.7.0.3900
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2016 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: April 1, 2016
ProductName: 7-Zip SFX
ProductVersion: 1.7.0.3900
Translation: 0x0000 0x04b0

Zusy.394255 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Zusy.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.394255
FireEye	Gen:Variant.Zusy.394255
ALYac	Gen:Variant.Zusy.394255
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Wacatac.B
K7AntiVirus	Trojan ( 005803551 )
Alibaba	Packed:Win32/Generic.349f9a70
K7GW	Trojan ( 005803551 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.7zip.CP suspicious
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Zusy.394255
Ad-Aware	Gen:Variant.Zusy.394255
Emsisoft	Gen:Variant.Zusy.394255 (B)
McAfee-GW-Edition	BehavesLike.Win32.Generic.wc
Sophos	Mal/Generic-R + Troj/Agent-BGQN
GData	Gen:Variant.Zusy.394255
Jiangmin	HackTool.Agent.dhf
Avira	TR/Patched.Gen
Arcabit	Trojan.Zusy.D6040F
Microsoft	Trojan:Win32/Wacatac.B!ml
McAfee	Artemis!01CDA6F84816
MAX	malware (ai score=80)
Malwarebytes	Trojan.Dropper.Generic
Rising	Malware.AbnormalStub/SFX!1.D758 (CLASSIC)
Yandex	Riskware.Agent!DUnGc5Ho1PE
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.120057981.susgen
Fortinet	W32/Agent.ACXU!tr
BitDefenderTheta	Gen:NN.ZexaF.34212.nt3@aCyPqJm
AVG	Win32:Malware-gen
Avast	Win32:Malware-gen

How to remove Zusy.394255?

Zusy.394255 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X