Johnnie.255459 removal tips

The Johnnie.255459 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Johnnie.255459 virus can do?

Executable code extraction
Creates RWX memory
Reads data out of its own binary image
A process created a hidden window
Creates an excessive number of UDP connection attempts to external IP addresses
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
EternalBlue behavior
Generates some ICMP traffic
Collects information to fingerprint the system

Related domains:

mbfce24rgn65bx3g.we0sgd.com

mbfce24rgn65bx3g.y8lkjg5.net

How to determine Johnnie.255459?


File Info:
crc32: CA51DA1F
md5: 61a4a791e48d817f58ba15057708edfc
name: 61A4A791E48D817F58BA15057708EDFC.mlw
sha1: 916db7929744a73cbcd54894b4a8f905e19141d0
sha256: a25bd79fb1d44e78d9997e24b77042661d7abeb00734b0c49158d38e923db429
sha512: 9e93352db69bd177c246bc73643579727966dcb91e8c7c121188abf1e9f75b345a878abef1d040c4db8fd5909a8fd672de268611f64f24e31b8362dd45106559
ssdeep: 6144:jXk5hOqBlpBnJ2ukfJtxosXlaYeQ/9T0XXEHH0gDgJSDQeO:zk5hOqBlpBJ2ukh91aYx0XUn0r6QeO
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright xa9HWorks.  All rights reserved.
InternalName: Clearerror Decisin
FileVersion: 5.5.6.5
CompanyName: HWorks
PrivateBuild: 5.5.6.5
LegalTrademarks: Copyright xa9HWorks.  All rights reserved.
Comments: Lines Celk Anthropological Typeddataset 1950s
ProductName: Clearerror Decisin
ProductVersion: 5.5.6.5
FileDescription: Lines Celk Anthropological Typeddataset 1950s
OriginalFilename: Clearerror Decisin.exe
Translation: 0x0409 0x04b0

Johnnie.255459 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 004f78ba1 )
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Johnnie.255459
Cylance	Unsafe
Zillya	Trojan.Filecoder.Win32.7641
Sangfor	Trojan.Win32.Injector.GE
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Trojan ( 004f78ba1 )
Cybereason	malicious.1e48d8
Symantec	Trojan Horse
ESET-NOD32	Win32/Filecoder.NHQ
APEX	Malicious
Avast	FileRepMalware
Kaspersky	Trojan-Ransom.Win32.SageCrypt.czi
BitDefender	Gen:Variant.Johnnie.255459
NANO-Antivirus	Trojan.Win32.SageCrypt.enonkv
MicroWorld-eScan	Gen:Variant.Johnnie.255459
Tencent	Win32.Trojan.Raas.Auto
Ad-Aware	Gen:Variant.Johnnie.255459
Sophos	Mal/Generic-S
Comodo	Malware@#14797astr64e6
BitDefenderTheta	Gen:NN.ZexaF.34692.xq1@aWet6Vpi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Mal_Cerber-23
McAfee-GW-Edition	BehavesLike.Win32.Dropper.fc
FireEye	Generic.mg.61a4a791e48d817f
Emsisoft	Gen:Variant.Johnnie.255459 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.SageCrypt.ge
Webroot	W32.Trojan.Gen
Avira	TR/Crypt.ZPACK.sjwds
eGambit	Unsafe.AI_Score_93%
Microsoft	Ransom:Win32/Milicry!rfn
Arcabit	Trojan.Johnnie.D3E5E3
AegisLab	Trojan.Win32.SageCrypt.j!c
ZoneAlarm	Trojan-Ransom.Win32.SageCrypt.czi
GData	Gen:Variant.Johnnie.255459
AhnLab-V3	Win-Trojan/Sagecrypt.Gen
McAfee	Artemis!61A4A791E48D
MAX	malware (ai score=100)
VBA32	Hoax.SageCrypt
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/CI.A
TrendMicro-HouseCall	Mal_Cerber-23
Rising	Ransom.FileCryptor!8.1A7 (CLOUD)
Yandex	Trojan.SageCrypt!gM/dBhyLwL8
Ikarus	Trojan-Spy.Remcos
Fortinet	W32/Filecoder.NHQ!tr
AVG	FileRepMalware
Paloalto	generic.ml

How to remove Johnnie.255459?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Johnnie.255459 removal tips