
Zusy.486768 removal instruction


Zusy.486768 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.486768 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Zusy.486768?


File Info:

name: E46F4F7DC3A223A1DDB6.mlw
path: /opt/CAPEv2/storage/binaries/ea25ab1a0fc97b6c8755d24f453e604649b203825eecdf04a1c4f6b8057c2284
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2019-12-11 10:16:22

Version Info:

CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.2410.7
Full Version: 1.8.0_241-b07
InternalName: java
LegalCopyright: Copyright © 2019
OriginalFilename: java.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.2410.7
Translation: 0x0000 0x04b0

Zusy.486768 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.486768
ALYac: Gen:Variant.Jaik.72577
Sangfor: Trojan.Win32.Save.a
ESET-NOD32: a variant of Win32/Patched.IP
APEX: Malicious
BitDefender: Gen:Variant.Zusy.486768
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Emsisoft: Gen:Variant.Zusy.486768 (B)
VIPRE: Gen:Variant.Jaik.72577
McAfee-GW-Edition: BehavesLike.Win32.Generic.gc
FireEye: Generic.mg.e46f4f7dc3a223a1
Sophos: ML/PE-A
Ikarus: Virus.Win32.Expiro
GData: Gen:Variant.Zusy.486768
Antiy-AVL: Trojan/Win32.Patched
Arcabit: Trojan.Jaik.D11B81
ZoneAlarm: HEUR:Backdoor.Win32.Convagent.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
MAX: malware (ai score=84)
Cylance: unsafe
Rising: Trojan.Generic@AI.82 (RDML:4rosVVbMjNlVVbUWRpfIIw)
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Zusy.486768?

Zusy.486768 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
