Zusy.533984 removal instruction

The Zusy.533984 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.533984 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Uses Windows utilities to create a scheduled task
Deletes executed files from disk

How to determine Zusy.533984?


File Info:
name: 36232D84D7A542CBDA18.mlw
path: /opt/CAPEv2/storage/binaries/4aa5bcde4d6ff85d0449ab319fd38e83159938e65159d645aa23b4131fe55ef2
crc32: 35CFDAA7
md5: 36232d84d7a542cbda18d54467878e55
sha1: 082b2233f7d1750ff6c9748329d940f74dfde21b
sha256: 4aa5bcde4d6ff85d0449ab319fd38e83159938e65159d645aa23b4131fe55ef2
sha512: 1ef94719908d9b6c7a2670380379f16dbed1fd0d3e908fc637a1fe9ff8ebea5b5154a489c0510b0d9ebbd669a26068d34fe1655cf701d6c526d745ee652d4fa4
ssdeep: 1536:X77ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfUwlblO6:XXFfHgTWmCRkGbKGLeNTBfU6bj
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T149937C45F3E242F7EAF2053200A6716FA735A2288734D8DBC74C2D429943AD1A73D3E9
sha3_384: 1f6e6c60619872c651ad3292ac2f6df544030cb234d1f8d68626af2bc52db41079cda285e6574915cac8697433fa7d99
ep_bytes: 68ac00000068000000006868804100e8
timestamp: 2018-02-01 20:18:05

Version Info:
0: [No Data]

Zusy.533984 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.36232d84d7a542cb
Skyhigh	BehavesLike.Win32.Generic.nh
McAfee	Artemis!36232D84D7A5
Cylance	unsafe
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.3f7d17
BitDefenderTheta	Gen:NN.ZexaF.36744.fuW@aWFY5Um
BitDefender	Gen:Variant.Zusy.533984
MicroWorld-eScan	Gen:Variant.Zusy.533984
TACHYON	Trojan/W32.SchoolBoy.93184
Sophos	Generic ML PUA (PUA)
VIPRE	Gen:Variant.Zusy.533984
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Zusy.533984 (B)
GData	Gen:Variant.Zusy.533984
Google	Detected
Arcabit	Trojan.Zusy.D825E0
Varist	W32/Agent.CRE.gen!Eldorado
ALYac	Gen:Variant.Zusy.533984
MAX	malware (ai score=85)
Malwarebytes	Generic.Malware/Suspicious
TrendMicro-HouseCall	TROJ_GEN.R002H09AJ24
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.233017481.susgen
Fortinet	W32/PossibleThreat
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Zusy.533984?

Zusy.533984 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X