How to remove “Zusy.491867”?

The Zusy.491867 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.491867 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Zusy.491867?


File Info:
name: 86BDDDF290AC42A69E27.mlw
path: /opt/CAPEv2/storage/binaries/260cbba66930c050c042c9b8bdafe1f3abe22096529eb50f958cf5e6e8646278
crc32: 8BEF1774
md5: 86bdddf290ac42a69e2719e4693deccc
sha1: 71769c6fc6d622cd8d349c4ed8c428ed408fb903
sha256: 260cbba66930c050c042c9b8bdafe1f3abe22096529eb50f958cf5e6e8646278
sha512: 23b58d0da99981e3dbc67e5feffe4c2cd678a11550dd196cdb808139b895333767080c839d3ef12bfa37bda0b6f4a4fc0e478fa7205a9a9d825d00f530b165ed
ssdeep: 3072:/r7cj66rUPSHJpode3ZnsPC4PuCie2TMifFfyBB3B:8trUwIe3ZnV4Lie2TMifq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T133E33861B6F00279E8F225B1667C731416AEB5A65B11E3CF03A01B9B98717C1DE383DB
sha3_384: e50b0d33f5a0489cba9e0bd124b69401830f45d111586b8906d09e8ed3e9cf623909f5063249529961cc68c48e262dce
ep_bytes: 6a7068d8160001e8420200008d458050
timestamp: 2005-01-28 09:26:26

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Windows Media Player Launcher
FileVersion: 10.00.00.3802
InternalName: WMLaunch.exe
LegalCopyright: (C) Microsoft Corporation.  All rights reserved.
OriginalFilename: WMLaunch.exe
ProductName: Microsoft(R) Windows Media Player
ProductVersion: 10.00.00.3802
Translation: 0x0409 0x04b0

Zusy.491867 also known as:

CyrenCloud	W32/Virut.U.gen!Eldorado
Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.WrongInf.4!c
tehtris	Generic.Malware
Cynet	Malicious (score: 100)
FireEye	Generic.mg.86bdddf290ac42a6
Skyhigh	BehavesLike.Win32.Virut.ch
McAfee	Artemis!86BDDDF290AC
Cylance	unsafe
VIPRE	Gen:Variant.Zusy.491867
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/WrongInf.cf8b7641
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Zusy.D7815B
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
BitDefender	Gen:Variant.Zusy.491867
NANO-Antivirus	Virus.Win32.Sality.bgiylc
MicroWorld-eScan	Gen:Variant.Zusy.491867
Avast	Win32:WrongInf-A [Susp]
Ad-Aware	Gen:Variant.Zusy.491867
TACHYON	Trojan/W32.AntiAV.143360
Emsisoft	Gen:Variant.Zusy.491867 (B)
DrWeb	Trojan.Click1.58575
Sophos	ML/PE-A
SentinelOne	Static AI – Malicious PE
Kingsoft	malware.kb.a.978
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Zusy.491867
Varist	W32/Virut.U.gen!Eldorado
BitDefenderTheta	Gen:NN.ZexaF.36608.iq0@aeyXEnii
ALYac	Gen:Variant.Zusy.491867
MAX	malware (ai score=86)
TrendMicro-HouseCall	TROJ_GEN.R002H09KO23
MaxSecure	Trojan.Malware.218740023.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:WrongInf-A [Susp]
Cybereason	malicious.fc6d62
DeepInstinct	MALICIOUS

How to remove Zusy.491867?

Zusy.491867 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X