Johnnie.2955 removal

Johnnie.2955 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Johnnie.2955 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data
  • Attempts to delete volume shadow copies
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

Related domains:

rrpproxy.net
dd24.net
key-systems.net
keydrive.lu

How to identify Johnnie.2955?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: All rights reserved. Audiophile Inventory (http://audiventory.com)
InternalName: Gesture Describes
FileVersion: 3.9.1.139
CompanyName: Audiophile Inventory (http://audiventory.com)
FileDescription: Listservs Insights Explored Stove Loves
LegalTrademarks: All rights reserved. Audiophile Inventory (http://audiventory.com)
Comments: Listservs Insights Explored Stove Loves
ProductName: Gesture Describes
ProductVersion: 3.9.1.139
PrivateBuild: 3.9.1.139
OriginalFilename: Gesture Describes
Translation: 0x0409 0x04b0

Johnnie.2955 is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055e3ef1 )
Lionic: Trojan.Win32.PornoAsset.j!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.3953
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Johnnie.2955
Cylance: Unsafe
Zillya: Trojan.PornoAsset.Win32.22940
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Genasom.ali1000102
K7GW: Trojan ( 0055e3ef1 )
Cybereason: malicious.65a010
Symantec: Ransom.TeslaCrypt
ESET-NOD32: Win32/Filecoder.Crysis.D
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Ransom.Win32.PornoAsset.cvxt
BitDefender: Gen:Variant.Johnnie.2955
NANO-Antivirus: Trojan.Win32.Encoder.edhcxn
MicroWorld-eScan: Gen:Variant.Johnnie.2955
Tencent: Win32.Trojan.Pornoasset.Tayo
Ad-Aware: Gen:Variant.Johnnie.2955
Sophos: Mal/Kryptik-DC
Comodo: Malware@#37cwmyzv57br6
BitDefenderTheta: Gen:NN.ZexaF.34790.vq0@a4Kfjrii
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Mal_MiliCry-1h
McAfee-GW-Edition: BehavesLike.Win32.Trojan.fc
FireEye: Generic.mg.caa6ce665a010073
Emsisoft: Gen:Variant.Johnnie.2955 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.PornoAsset.aee
Webroot: W32.Compromisedrdp.Ransomware
Avira: HEUR/AGEN.1128638
Antiy-AVL: Trojan/Generic.ASMalwS.190ABB3
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Dynamer!ac
ZoneAlarm: Trojan-Ransom.Win32.PornoAsset.cvxt
GData: Gen:Variant.Johnnie.2955
TACHYON: Ransom/W32.PornoAsset.355328
Acronis: suspicious
McAfee: Artemis!CAA6CE665A01
MAX: malware (ai score=86)
VBA32: Hoax.PornoAsset
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Mal_MiliCry-1h
Rising: Trojan.Generic@ML.100 (RDML:zaKFWBK0kTiOZc8iuD0GPg)
Yandex: Trojan.PornoAsset!RLEHCNIePbA
Ikarus: Trojan.Win32.Filecoder
Fortinet: W32/PornoAsset.CVXT!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.PornoAsset.HgIASOkA

How to remove Johnnie.2955?

Johnnie.2955 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
