Zusy.490066 removal instruction

Zusy.490066 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.490066 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Zusy.490066?

File Info:

name: 100E9BDE083BC56E0F82.mlw
path: /opt/CAPEv2/storage/binaries/16ca64d2621420ab7f8617f40fefb5a8e8fab755a52366690e2a14792c6670db
crc32: 636C72C1
md5: 100e9bde083bc56e0f826f354f1d34d1
sha1: 98cdf5ff5ad8d2ccc532c158c5847b5401a7d4b5
sha256: 16ca64d2621420ab7f8617f40fefb5a8e8fab755a52366690e2a14792c6670db
sha512: c2890a7ac7b76fa6c1d5b4902786aa9823d180b714b8c56c47edafa3167ab536b3a4f8c70a8ea5e44a0f796d2808de8742ac107bcb65c6adba5ed80f76b1fefa
ssdeep: 24576:ONrAqIZBs7FzlI/gcsbz5sGQiFOu8MRdmgfseyRq0HCl0Xfncu0qYXUaiXbb6SUn:O5/NBciFL8e6PCl0/c9fUawbWvqQd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B7A58E13E68280B2E5143A7072BA2B397A749FF64D344AA3E7A0FDB81D71771D66710C
sha3_384: 9c082ec982894e5869e4608b6129475aeb6d9565163392fd6f743da4791386d79be1433b12c10e221b4391d8ce2c92c6
ep_bytes: 558bec6aff6860215d006894ca520064
timestamp: 2012-05-08 08:13:30

Version Info:

FileVersion: 1.7.5.5
FileDescription: 我要刷微博
ProductName: 我要刷微博
ProductVersion: 1.7.5.5
CompanyName: 敢想敢为
LegalCopyright: 敢想敢为 版权所有
Comments: 版权为敢想敢为所有
Translation: 0x0804 0x04b0

Zusy.490066 also known as:

Bkav: W32.AIDetectMalware
CyrenCloud: W32/OnlineGames.HG.gen!Eldorado
Lionic: Trojan.Win32.Generic.lqH9
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.490066
FireEye: Generic.mg.100e9bde083bc56e
Skyhigh: BehavesLike.Win32.Generic.vh
ALYac: Gen:Variant.Zusy.490066
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vpw0
K7AntiVirus: Trojan ( 005246d51 )
K7GW: Trojan ( 005246d51 )
Cybereason: malicious.f5ad8d
BitDefenderTheta: Gen:NN.ZexaF.36608.cs0@aSwE4ihH
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Malware.Trojanx-9951053-0
BitDefender: Gen:Variant.Zusy.490066
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Zusy.490066
Emsisoft: Gen:Variant.Zusy.490066 (B)
VIPRE: Gen:Variant.Zusy.490066
Trapmine: suspicious.low.ml.score
Sophos: Generic Reputation PUA (PUA)
Varist: W32/OnlineGames.HG.gen!Eldorado
Antiy-AVL: Trojan/Win32.FlyStudio.a
Microsoft: Trojan:Win32/Wacatac.B!ml
Xcitium: TrojWare.Win32.Agent.OSCF@5rs7jr
Arcabit: Trojan.Zusy.D77A52
GData: Win32.Trojan.PSE.11SCEUB
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5495002
McAfee: Artemis!100E9BDE083B
MAX: malware (ai score=85)
Malwarebytes: Generic.Malware.AI.DDS
TrendMicro-HouseCall: TROJ_GEN.R002H09IP23
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/CoinMiner.PHP!tr
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Zusy.490066?

Zusy.490066 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.