How to remove “Zusy.88312”?

The Zusy.88312 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.88312 virus can do?

Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX

How to determine Zusy.88312?


File Info:
crc32: 9FF1495F
md5: 3bba4373f38404243d6de06b30460703
name: 3BBA4373F38404243D6DE06B30460703.mlw
sha1: a2898185cbb259eb9bbf620b0f45c675a139daf6
sha256: 7ee93dc73f9eb81978b08e55514cb5618387a7203ba4d322043c6718b51c5531
sha512: c7cbade5f09e13d095d85f54d0a0c85e055aa6d5513c771e435ec66f9d6f3cd323e8a3dc6eb1539938d139885b313cf6993ec0d5c9b87dd75b4f51385ac2b697
ssdeep: 6144:cGVXZy6pS/xVKyV76goMjNW07enil+JjtTO+m:bXZnpkMoWMZW0t+JjtT2
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: Copyright 2010-2016 ChowFaye.Com. All Rights Reserved.
InternalName:                                                                                
FileVersion: 0, 0, 0, 0
CompanyName:                                                                                
PrivateBuild: 
LegalTrademarks:                                                                                
Comments:                                                                                
ProductName:                                                                                
SpecialBuild: 
ProductVersion: 0, 0, 0, 0
FileDescription: Tmall.Com
OriginalFilename:                                                                                
Translation: 0x0409 0x04b0

Zusy.88312 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
DrWeb	Trojan.KillProc.40244
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojan.Skeeyah.20605
ALYac	Gen:Variant.Zusy.88312
Cylance	Unsafe
Zillya	Trojan.Hosts2.Win32.591
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/Bulta.ffb428a7
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.3f3840
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Malware.Zusy-9783036-0
Kaspersky	HEUR:Trojan-Banker.Win32.ClipBanker.gen
BitDefender	Gen:Variant.Zusy.88312
NANO-Antivirus	Trojan.Win32.KillProc.ebuhkx
MicroWorld-eScan	Gen:Variant.Zusy.88312
Tencent	Malware.Win32.Gencirc.10b547e4
Ad-Aware	Gen:Variant.Zusy.88312
Comodo	ApplicUnwnt@#131exaqdudelg
BitDefenderTheta	Gen:NN.ZexaF.34670.nmLfaOdz@Cai
VIPRE	Trojan.Win32.Generic!BT
FireEye	Generic.mg.3bba4373f3840424
Emsisoft	Gen:Variant.Zusy.88312 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	TrojanSpy.Carberp.etn
Avira	ADWARE/Taranis.3958
Microsoft	Program:Win32/Wacapew.C!ml
AegisLab	Trojan.Win32.Hosts2.4!c
GData	Gen:Variant.Zusy.88312
McAfee	GenericRXAA-AA!3BBA4373F384
MAX	malware (ai score=83)
VBA32	Trojan.Hosts2
Malwarebytes	Malware.Heuristic.1003
Panda	Trj/Genetic.gen
Rising	Trojan.Hosts2!8.2FB (CLOUD)
Yandex	Trojan.GenAsa!8o9Zq9Rwh5A
Ikarus	Trojan.Win32.Bulta
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Hosts2.WAZ!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Adware.Generic.HgIASQwA

How to remove Zusy.88312?

Zusy.88312 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X