Categories: Malware

Ser.Mikey.2217 removal tips

The Ser.Mikey.2217 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Ser.Mikey.2217 virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Reads data out of its own binary image
A process created a hidden window
Executed a process and injected code into it, probably while unpacking
Attempts to delete volume shadow copies
A system process is generating network traffic likely as a result of process injection
Installs itself for autorun at Windows startup
Attempts to modify browser security settings
Creates a copy of itself
Harvests information related to installed mail clients
Uses suspicious command line tools or Windows utilities

How to determine Ser.Mikey.2217?


File Info:
crc32: 21DDEF41md5: 9af78224d1d4d36ab72b52cd5dbe0736name: 9AF78224D1D4D36AB72B52CD5DBE0736.mlwsha1: cdc754f5094aa53ceaf08d65e94d78011049bb2asha256: e0a0be87af007022a6117b332263c3496c5455cfa2b442390c2d16343556391dsha512: bd1d93f6b7e739cf08a5d1005dca62829bb25884f9653ffabb37fe38bb0d8cab7be35889a851d0a6c26055a083c6b5c5d9a46bebfc040b10a6af88acd2415d37ssdeep: 6144:oJJEtnTxhAp080KqKoePaiihVLndGbpa1t2UWfwkSHcfVd+3mcbcI9fYb8phbMs:oJKtnTx7KqKoe8YY1gTMabV99type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Version Info:
LegalCopyright: Copyright (C) 2004InternalName: baseFileVersion: 1.0.1.15CompanyName: PrivateBuild: LegalTrademarks: Comments: ProductName: Wireless MonitorProductDate: Sep 23 2004SpecialBuild: ProductVersion: 1.0.1.15FileDescription: WLAN Monitor MFC ApplicationOriginalFilename: base.EXETranslation: 0x0409 0x04b0

Ser.Mikey.2217 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
DrWeb	Trojan.PWS.Panda.7708
CAT-QuickHeal	Trojan.Obfuscator.19843
McAfee	PWSZbot-FAHX!9AF78224D1D4
Cylance	Unsafe
Zillya	Trojan.Rack.Win32.13
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Ransom:Win32/Teerac.4060e504
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.4d1d4d
Symantec	Ransom.Cryptolocker
ESET-NOD32	Win32/Filecoder.TorrentLocker.A
APEX	Malicious
TotalDefense	Win32/Tnega.AXFU
Avast	Win32:Malware-gen
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Ransom.Win32.Rack.ao
BitDefender	Gen:Variant.Ser.Mikey.2217
NANO-Antivirus	Trojan.Win32.Rack.dkjwzh
MicroWorld-eScan	Gen:Variant.Ser.Mikey.2217
Tencent	Malware.Win32.Gencirc.114cb8cf
Ad-Aware	Gen:Variant.Ser.Mikey.2217
Sophos	Mal/Generic-R + Troj/Ransom-AOQ
Comodo	Malware@#1i2w1odkt0iab
BitDefenderTheta	Gen:NN.ZexaF.34628.Hu0@aSh1JCoi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_CRYPLOCK.VVPT
McAfee-GW-Edition	PWSZbot-FAHX!9AF78224D1D4
FireEye	Generic.mg.9af78224d1d4d36a
Emsisoft	Gen:Variant.Ser.Mikey.2217 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan/Cutwail.ij
Webroot	W32.InfoStealer.Zeus
Avira	HEUR/AGEN.1113554
eGambit	Generic.PSW
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Ransom:Win32/Teerac.A
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Ser.Mikey.2217
TACHYON	Ransom/W32.Rack.544768
AhnLab-V3	Trojan/Win32.Cutwail.R128404
VBA32	TrojanRansom.Rack
MAX	malware (ai score=100)
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_CRYPLOCK.VVPT
Rising	Ransom.Rack!8.2ED (CLOUD)
Yandex	Trojan.GenAsa!TmYjKk7E4jA
Ikarus	Trojan.Win32.Filecoder
Fortinet	W32/Rack.AO!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.TorrentLocker.HgIASOcA