Softpedia >Windows >Antivirus >Removal Tools >  Worm.Zimuse.Gen
Worm.Zimuse.Gen icon

Worm.Zimuse.Gen

4.5/5 12
Certified 100% CLEAN Freeware   

This is a useful tool for erasing the Zimuse virus from any system #Zimuse antivirus  #Zimuse remover  #Zimuse worm  #Zimuse  #Antivirus  #Remover  

Description

Free Download

Worm.Zimuse.Gen screenshot

Worm.Zimuse.Gen is a removal utility that targets the Zimuze malware infection.

The malware comes as an application with a WinZip icon in order to trick the user into running it. To look even more as a a self-extracting archive it displays a dialog box asking for a password in order to successfully unzip the package contents.

Once executed the application checks the command line parameters and if there is a switch '/Z' then it proceeds to delete all the files , all the registry keys it and all the services it has created during a previous infection.

If no disinfection switch is given then it takes the following actions: * it checks if it's set to run at startup up, by checking the presence of a key named 'Dump' in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. * if no previous infection is found then it infects the computer.

Infection of the computer consists in: * dropping the files - %system32%\drivers\mstart.sys and creates and runs a service named 'mstart' from this file; - %program-files%\Dump\dump.exe"

- %Temp%\Dump.ini - %Temp%\Regini.exe - %system32%\drivers\mstart.sys - %system32%\drivers\mseu.sys - %Temp%\mseu.ini (used for installation of mseu.sys service) - %system32%\mseus.exe - %Temp%\mseus.ini (used for installation of mseus.exe service) - %system32%\tokset.dll - %system32%\ainf.inf - %Temp%\instdrv.exe (which is a clean file used to install services) - %system_drive%\IQTest\iqtest.exe (in some versions) - %system_drive%\IQTest\readme.txt (in some versions)

* sets dump.exe file dropped earlier to run at startup (this is the flag of infection) * deletes the following files (which were used for services instalation) - %Temp%\Regini.exe - %Temp%\Dump.ini - %Temp%\mseu.ini - %Temp%\mseus.ini - %Temp%\instdrv.exe

The malware is inactive for the first 10 days (first variant) and 7 days (second variant). After this period of time, from the moment of infection, it proceeds to infect all usb drives attached to the computer using the classical autorun.inf technique.

After 40 days from the infection (first variant) and 20 days (second variant) the malware goes and overwrites the MBR (master boot record) with garbage rendering the computer un-bootable.

Worm.Zimuse.Gen 1.22

 add to watchlist add to download basket send us an update REPORT
  runs on:
Windows All
  file size:
201 KB
  filename:
zimuse-removal-tool.exe
  1 screenshot:
Worm.Zimuse.Gen - Worm.Zimuse.Gen will scan and remove the malware in no time.
  main category:
Antivirus
  developer:
  visit homepage

Windows Sandbox Launcher

Set up the Windows Sandbox parameters to your specific requirements, with this dedicated launcher that features advanced parametrization
Windows Sandbox Launcher

ShareX

Capture your screen, create GIFs, and record videos through this versatile solution that includes various other amenities: an OCR scanner, image uploader, URL shortener, and much more
ShareX

Bitdefender Antivirus Free

Feather-light and free antivirus solution from renowned developer that keeps the PC protected at all times from malware without requiring user configuration
Bitdefender Antivirus Free

Zoom Client

The official desktop client for Zoom, the popular video conferencing and collaboration tool used by millions of people worldwide
Zoom Client

4k Video Downloader

Export your favorite YouTube videos and playlists with this intuitive, lightweight program, built to facilitate downloading clips from the popular website
4k Video Downloader

Context Menu Manager

Customize Windows’ original right-click context menu using this free, portable and open-source utility meant to enhance your workflow
Context Menu Manager

IrfanView

With support for a long list of plugins, this minimalistic utility helps you view images, as well as edit and convert them using a built-in batch mode
IrfanView

Microsoft Teams

Effortlessly chat, collaborate on projects, and transfer files within a business-like environment by employing this Microsoft-vetted application
Microsoft Teams

7-Zip

An intuitive application with a very good compression ratio that can help you not only create and extract archives, but also test them for errors
7-Zip

calibre

Effortlessly keep your e-book library thoroughly organized with the help of the numerous features offered by this efficient and capable manager
calibre

% discount
Microsoft Teams
  • Microsoft Teams
  • 7-Zip
  • calibre
  • Windows Sandbox Launcher
  • ShareX
  • Bitdefender Antivirus Free
  • Zoom Client
  • 4k Video Downloader
  • Context Menu Manager
  • IrfanView
TRY
essentials
Click to load comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy