About “Zusy.452834” infection

The Zusy.452834 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.452834 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Zusy.452834?


File Info:
name: FB57F8D036DBAC013716.mlw
path: /opt/CAPEv2/storage/binaries/ae1716600c9df7a61a58cfe0ccff735899e975835362d882d74c19687211202a
crc32: 9D621DC8
md5: fb57f8d036dbac013716be9da3b137a8
sha1: 114cbb59b65bda8d4b46eab5f7f9bcd779ed506c
sha256: ae1716600c9df7a61a58cfe0ccff735899e975835362d882d74c19687211202a
sha512: bd19b5bedf78eaf5aa2147fbb2a4e2f38e553f3be2dcf32d8f63a39aed544b501df58b1f9bdbaeae452fc061db51cdaeb8d84e820b8d20046778c7970ac27c01
ssdeep: 3072:nUWVPvSG+DrGPFhFCai7Z6BO3j5g+7OqqtGUp:nUQSwy7Z643jZ4
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T120C35B2F79618072F41426FAC2B237389B7CDB1324B188ABDBA0FD717C29511B61657B
sha3_384: 7702b79cb586ad82ad878d04095dcb2dafde84f972cc27ac4f47af2cebc9d32a9ed8168117e3f6db56bab748b79c231e
ep_bytes: 558bec6aff6850424100684cd0400064
timestamp: 2015-08-19 12:45:59

Version Info:
FileVersion: 3.0.0.0
FileDescription: Remote Desktop Connection
ProductName: MultiDesk
ProductVersion: 3.0.0.0
CompanyName: MultiDesk
LegalCopyright: Copyright 2013 syvik.com. All rights reserved.
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Zusy.452834 also known as:

Bkav	W32.AIDetectMalware
DrWeb	Trojan.Baidu.443
MicroWorld-eScan	Gen:Variant.Zusy.452834
FireEye	Generic.mg.fb57f8d036dbac01
McAfee	GenericRXDP-AQ!FB57F8D036DB
Malwarebytes	Malware.AI.3933779844
VIPRE	Gen:Variant.Zusy.452834
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Riskware ( 004cf9be1 )
K7GW	Riskware ( 004cf9be1 )
Cybereason	malicious.036dba
BitDefenderTheta	AI:Packer.9FA07B5C1F
VirIT	Trojan.Win32.Baidu.RB
Cyren	W32/Chindo.O.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/RiskWare.Chindo.P
APEX	Malicious
Cynet	Malicious (score: 99)
BitDefender	Gen:Variant.Zusy.452834
NANO-Antivirus	Trojan.Win32.Baidu.dwbmki
Avast	Win32:Generic-WX [Trj]
Tencent	Riskware.Win32.Chindo.ka
F-Secure	Heuristic.HEUR/AGEN.1342545
TrendMicro	PAK_Xed-21
McAfee-GW-Edition	BehavesLike.Win32.Infected.cm
Emsisoft	Gen:Variant.Zusy.452834 (B)
GData	Win32.Application.PSE.1ETEWJE
Jiangmin	Trojan.GenericKD.ajo
Avira	HEUR/AGEN.1342545
MAX	malware (ai score=84)
Arcabit	Trojan.Zusy.D6E8E2
Google	Detected
AhnLab-V3	Trojan/Win.AQ.R560840
ALYac	Gen:Variant.Zusy.452834
TACHYON	Trojan/W32.Agent.126976.DIT
Cylance	unsafe
TrendMicro-HouseCall	PAK_Xed-21
Rising	HackTool.Chindo!8.13995 (TFE:1:YT088xoTnwJ)
Yandex	Trojan.GenAsa!QfcZNROyZHc
Ikarus	PUA.BlackMoon
MaxSecure	Dropper.Dinwod.frindll
Fortinet	W32/Wacatac.B!tr
AVG	Win32:Generic-WX [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Zusy.452834?

Zusy.452834 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X