About “Zusy.483265” infection

The Zusy.483265 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.483265 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Zusy.483265?


File Info:
name: 237FDB7CCDD89D1B9E50.mlw
path: /opt/CAPEv2/storage/binaries/3ec54a9430394267566a1a09e128d4fea6a5aa1c7d6eed855566c1aefe29cf43
crc32: C73899F4
md5: 237fdb7ccdd89d1b9e504f2ca17551e6
sha1: 97510c594e14869fbe6cd95ea669c0c515730008
sha256: 3ec54a9430394267566a1a09e128d4fea6a5aa1c7d6eed855566c1aefe29cf43
sha512: 8ed8354735557469826ecb981faef2248bd289e7708564f71d8072f0cfd38891e0fad6d569cc6d276c9bbca875fb58bca378d83e997a936ade9b324052b68f07
ssdeep: 49152:zNfj3C3ttwnjSUb0LlF1ymBZmwBP2VKV7IzXcJMs/OFC+Wu:FS3ttwjfIBF1ymBZm+2VKmGOFCg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12006C081BB50C0E3D92519305467E7766636ED2A6B105F8763E4FE3F3E33242982727A
sha3_384: 1755c1cc0998553724464dc13fe56cf407f0f8fc78693d4c277891b42164ab45f96cd60eba6e51754671dfc71e71c178
ep_bytes: 558bec6aff68c0a2740068d49f490064
timestamp: 2010-02-12 02:27:09

Version Info:
FileVersion: 6.0.6.1
FileDescription: 系统防U盘复制软件2010 Beta1
ProductName: 系统防U盘复制软件
ProductVersion: 6.0.6.1
CompanyName: 范磊
LegalCopyright: Copyright 2009-2010 fan lei 
Comments: Copyright fan lei
Translation: 0x0804 0x04b0

Zusy.483265 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Zusy.483265
Skyhigh	BehavesLike.Win32.Generic.wh
McAfee	Artemis!237FDB7CCDD8
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Agent.V9s3
K7AntiVirus	Trojan ( 005246d51 )
K7GW	Trojan ( 005246d51 )
Cybereason	malicious.94e148
Arcabit	Trojan.Zusy.D75FC1
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
Cynet	Malicious (score: 100)
ClamAV	Win.Malware.Trojanx-9951053-0
BitDefender	Gen:Variant.Zusy.483265
Sophos	Generic Reputation PUA (PUA)
F-Secure	Trojan:W32/DelfInject.R
VIPRE	Gen:Variant.Zusy.483265
Emsisoft	Gen:Variant.Zusy.483265 (B)
Ikarus	Trojan.Win32
Varist	W32/Trojan.CLL.gen!Eldorado
Antiy-AVL	Trojan/Win32.FlyStudio.a
Xcitium	Worm.Win32.Dropper.RA@1qraug
Microsoft	Trojan:Win32/Wacatac.A!ml
GData	Win32.Application.PSE.1OV7PVV
Google	Detected
ALYac	Gen:Variant.Zusy.483265
VBA32	BScope.Trojan.Spambot
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H0CAB24
Rising	Trojan.Generic@AI.100 (RDML:q6apFkdXcX1VGobd+J+Tgw)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/FlyApplication
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Zusy.483265?

Zusy.483265 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X