Should I remove "Mikey.112966"?

The Mikey.112966 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Mikey.112966 virus can do?

Attempts to connect to a dead IP:Port (2 unique times)
Presents an Authenticode digital signature
Creates RWX memory
A process attempted to delay the analysis task.
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Reads data out of its own binary image
Drops a binary and executes it
Performs some HTTP requests
The binary likely contains encrypted or compressed data.
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
A system process is generating network traffic likely as a result of process injection
Installs itself for autorun at Windows startup
Collects information about installed applications
Attempts to modify browser security settings
Attempts to create or modify system certificates
Anomalous binary characteristics

Related domains:

api.zcjczj.cn

config.zcjczj.cn

con2.zcjczj.cn

pv.sohu.com

ip.ws.126.net

info.zcjczj.cn

media.zcjczj.cn

pm.myapp.com

ocsp.dcocsp.cn

How to determine Mikey.112966?


File Info:
crc32: 1018A3EA
md5: eaac6c32b6272d3b7fd4d05841c1cce6
name: evapicturesetup-4792.exe
sha1: 4b56e9d5ac9a40ac6ead360e1d4614eb713e8af1
sha256: c8d3924acd75e7ac05b6d02d63c9db528d0dff32e8757807d744bccaf907825f
sha512: 0690aa8966f367fe0f47ae9b5fdf5f991738f42623c7081f2eb983b33db8d0a229f14cdc99f0c9d154e997e1e675cec1156ec40759ad3e3e175f458b91ced3f4
ssdeep: 98304:idJcUQLUGrupm8ECV+jZ+JErGKHiTb7rzVkDrByk5an0QPAiOb:2PGZKm8EHjZ+GrGKCnDyRcBe
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Setup Engine Copyright xa9 2004-2018 Indigo Rose Corporation
InternalName: suf_launch
FileVersion: 9.5.2.0
LegalTrademarks: Setup Factory is a trademark of Indigo Rose Corporation.
Comments: Created with Setup Factory
ProductName: Setup Factory Runtime
ProductVersion: 9.5.2.0
FileDescription: Setup Application
OriginalFilename: suf_launch.exe
Translation: 0x0409 0x04e4

Mikey.112966 also known as:

MicroWorld-eScan	Gen:Variant.Mikey.112966
FireEye	Gen:Variant.Mikey.112966
ALYac	Gen:Variant.Mikey.112966
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan-Downloader ( 0055f6a61 )
BitDefender	Gen:Variant.Mikey.112966
K7GW	Trojan-Downloader ( 0055f6a61 )
Cybereason	malicious.2b6272
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:DropperX-gen [Drp]
Kaspersky	HEUR:Trojan-Downloader.Win32.Chindo.vho
AegisLab	Trojan.Win32.Chindo.a!c
Ad-Aware	Gen:Variant.Mikey.112966
Comodo	Malware@#2htdetit8f7f7
F-Secure	Heuristic.HEUR/AGEN.1107653
DrWeb	Trojan.DownLoader33.44104
Zillya	Downloader.Chindo.Win32.1252
Invincea	Mal/Generic-S
Sophos	Mal/Generic-S
Ikarus	Trojan.Indiloadz
Avira	HEUR/AGEN.1137534
Arcabit	Trojan.Mikey.D1B946
ZoneAlarm	HEUR:Trojan-Downloader.Win32.Chindo.vho
GData	Gen:Variant.Mikey.112966
McAfee	Artemis!EAAC6C32B627
MAX	malware (ai score=85)
VBA32	BScope.Trojan.Ekstak
ESET-NOD32	multiple detections
TrendMicro-HouseCall	TROJ_GEN.R002H0CIF20
Rising	Adware.Agent!1.C1FF (CLASSIC)
Fortinet	W32/Ursu.789031!tr
AVG	Win32:DropperX-gen [Drp]
Paloalto	generic.ml
Qihoo-360	Generic/Trojan.585

How to remove Mikey.112966?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Mikey.112966”?