Application.Johnnie.197157 removal

The Application.Johnnie.197157 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Application.Johnnie.197157 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Application.Johnnie.197157?


File Info:
name: 010E4A6D1464758FC1E6.mlw
path: /opt/CAPEv2/storage/binaries/05ab5f6890c1f257ee178cb920b3c4d38a3fcf40b9959850a6025e9be0df85d9
crc32: 1478CF4B
md5: 010e4a6d1464758fc1e66602f534b4a8
sha1: 7c571ac27e9b5250b440f6110642a6e9ed10efa9
sha256: 05ab5f6890c1f257ee178cb920b3c4d38a3fcf40b9959850a6025e9be0df85d9
sha512: b88ced9cbcd439a31ed51adabb850c7ed41983d6823bd35ad119bad84f04af781421dfde5a631d88151b225d747fa5438d6ba363bd75cf5958f8d617a05f94af
ssdeep: 6144:9hg/XT1oSqLjeF2qZqeawhQM5Kh3PfcKrKywP:9OD1oSqLq4ah1KpdGyC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T129648D11B9808C71F936383849E9D7720D3DFC614A24DA1B67E8973E1F70191663ABBB
sha3_384: a1c661667dd5612ddc8b2ef116c674b8755c5e83322a6bc7f8cdf1a6e6908c21c1061ef572687cf30c23168789ec0e3f
ep_bytes: e80d050000e987feffff3b0d542d4300
timestamp: 2017-03-02 07:50:03

Version Info:
Comments: 
LegalCopyright: License: MPL 2
CompanyName: Mozilla Foundation
FileDescription: Firefox Software Updater
FileVersion: 51.0
ProductVersion: 51.0
InternalName: 
LegalTrademarks: Mozilla
OriginalFilename: updater.exe
ProductName: Firefox
BuildID: 20170302151931
Translation: 0x0000 0x04b0

Application.Johnnie.197157 also known as:

Lionic	Adware.Win32.FireBall.2!c
FireEye	Gen:Variant.Application.Johnnie.197157
McAfee	Artemis!010E4A6D1464
Cylance	Unsafe
K7AntiVirus	Adware ( 005336d51 )
Alibaba	AdWare:Win32/FireBall.6634be0d
K7GW	Adware ( 005336d51 )
Symantec	PUA.Gen.2
ESET-NOD32	a variant of Win32/Adware.ELEX.SO.gen
Paloalto	generic.ml
Kaspersky	not-a-virus:HEUR:AdWare.Win32.FireBall.gen
BitDefender	Gen:Variant.Application.Johnnie.197157
NANO-Antivirus	Riskware.Win32.FireBall.ewxdza
MicroWorld-eScan	Gen:Variant.Application.Johnnie.197157
Avast	Win32:Adware-gen [Adw]
Tencent	Malware.Win32.Gencirc.10ba76fe
Ad-Aware	Gen:Variant.Application.Johnnie.197157
Emsisoft	Gen:Variant.Application.Johnnie.197157 (B)
Zillya	Adware.FireBall.Win32.145
McAfee-GW-Edition	BehavesLike.Win32.Dropper.fh
Sophos	Generic PUA HM (PUA)
GData	Gen:Variant.Application.Johnnie.197157
Jiangmin	AdWare.FireBall.be
Avira	HEUR/AGEN.1120794
Gridinsoft	Ransom.Win32.Occamy.sa
Arcabit	Trojan.Application.Johnnie.D30225
Microsoft	Trojan:Win32/Occamy.C05
ALYac	Gen:Variant.Application.Johnnie.197157
VBA32	Adware.FireBall
Malwarebytes	Adware.Elex
TrendMicro-HouseCall	TROJ_GEN.R002H07KT21
Yandex	PUA.FireBall!lj2NKBjsWU8
Ikarus	PUA.ELEX.So
MaxSecure	Trojan.Malware.12230124.susgen
Webroot	W32.Adware.Gen
AVG	Win32:Adware-gen [Adw]
Cybereason	malicious.d14647

How to remove Application.Johnnie.197157?

Application.Johnnie.197157 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X