Ser.Zusy.4408 removal

The Ser.Zusy.4408 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ser.Zusy.4408 virus can do?

Reads data out of its own binary image
Drops a binary and executes it
Authenticode signature is invalid
Creates a copy of itself
Deletes executed files from disk

How to determine Ser.Zusy.4408?


File Info:
name: E7C8097F3A61380DDE50.mlw
path: /opt/CAPEv2/storage/binaries/b99c70a15be26d4138ffd605480cdf984f0edeba9aff17fb27115c80087c0cd8
crc32: 34584DD9
md5: e7c8097f3a61380dde50a4e59d167afb
sha1: e9a95f4c6df394605dba0994970c5eb6750fec73
sha256: b99c70a15be26d4138ffd605480cdf984f0edeba9aff17fb27115c80087c0cd8
sha512: 9079877e911a9683611d4c09ca0f98c74b5fb7bdb980ab126745971e456c5ace944f194871b06a0d6b30299e5fc6f9f388b60cda0a398ef47e01462d068b83ac
ssdeep: 6144:LOYWr1PgmZCZ0FbuOyeTg0opb9JU9cEHTOg:LOJ1PbC0uVf0ozu/TO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10E448E14ED0051A5E1915674A7AE96B6EC3F86E033BD9D0BAAD53E0A3870316FD3F318
sha3_384: f06191c84e723ce6de2c5da612f47c8bdb73c254e02d29a048c5d210cb95daa73e72b200f62b6776c999fc757c2a2885
ep_bytes: 83ec0cc70518d1450001000000e83e96
timestamp: 2014-08-16 07:50:49

Version Info:
0: [No Data]

Ser.Zusy.4408 also known as:

Bkav	W32.BRBTTc.Worm
Lionic	Trojan.Win32.Bayrob.4!c
Cynet	Malicious (score: 100)
FireEye	Generic.mg.e7c8097f3a61380d
CAT-QuickHeal	TrojanSpy.Nivdort.WR8
McAfee	Trojan-FIIE!E7C8097F3A61
Malwarebytes	Generic.Malware/Suspicious
Zillya	Trojan.Bayrob.Win32.40376
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 004e2ee21 )
Alibaba	Malware:Win32/km_2ed0c.None
K7GW	Trojan ( 004e2ee21 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	AI:Packer.8D2F7D401E
Cyren	W32/Nivdort.K.gen!Eldorado
Symantec	Trojan.Bayrob!g10
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Bayrob.CD
APEX	Malicious
Kaspersky	HEUR:Trojan.Win32.Bayrob.gen
BitDefender	Gen:Variant.Ser.Zusy.4408
NANO-Antivirus	Trojan.Win32.Bayrob.ednnbt
MicroWorld-eScan	Gen:Variant.Ser.Zusy.4408
Avast	Win32:Evo-gen [Trj]
Tencent	Malware.Win32.Gencirc.13ea2e95
TACHYON	Trojan/W32.Bayrob.273408.C
Sophos	Troj/Bayrob-BV
Baidu	Win32.Trojan.Bayrob.e
F-Secure	Heuristic.HEUR/AGEN.1344379
DrWeb	Trojan.Bayrob.58
VIPRE	Gen:Variant.Ser.Zusy.4408
TrendMicro	TROJ_BAYROB.SMX
McAfee-GW-Edition	BehavesLike.Win32.Generic.dh
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Ser.Zusy.4408 (B)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Ser.Zusy.4408
Jiangmin	Trojan.Bayrob.ove
Avira	HEUR/AGEN.1344379
Antiy-AVL	Trojan/Win32.Bayrob
Arcabit	Trojan.Ser.Zusy.D1138
ViRobot	Trojan.Win.Z.Bayrob.273408.A
ZoneAlarm	HEUR:Trojan.Win32.Bayrob.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.R178732
Acronis	suspicious
VBA32	BScope.Trojan.Diple
ALYac	Gen:Variant.Ser.Zusy.4408
MAX	malware (ai score=87)
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_BAYROB.SMX
Rising	Trojan.Bayrob!1.A9BF (CLASSIC)
Ikarus	Trojan.Win32.Bayrob
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Bayrob.BR!tr
AVG	Win32:Evo-gen [Trj]
Cybereason	malicious.c6df39
DeepInstinct	MALICIOUS

How to remove Ser.Zusy.4408?

Ser.Zusy.4408 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X