How to remove “Backdoor.PoisonIvy.HJ”?

Backdoor.PoisonIvy.HJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.PoisonIvy.HJ virus do?

  • A process attempted to delay the analysis task.
  • Performs some HTTP requests
  • Anomalous binary characteristics

Related domains:

1.rodion11.z8.ru
2ip.ru
edgedl.me.gvt1.com

How to identify Backdoor.PoisonIvy.HJ?


File Info:

crc32: 8435B8B9
md5: 7ea2df545ee957bea941360d11934792
name: 7EA2DF545EE957BEA941360D11934792.mlw
sha1: 08bd99d40a8f9f282ebfa5283082fb915188fe90
sha256: ddab95793475d417c1b4896591b34f54f96c7ec1bc2b7db69d8775e31143b016
sha512: 907e97a29f3491af3e9546856b6bc9aaca855bbf62e81561e8b5faa4709a9ac90660a01acbce80f88463310a37a8b5ac4e326be83a2d6acd542150348e542031
ssdeep: 96:lS3voy5uInBiIl7d1Cn1YrPHyjgafTBPDmu4oaUWTeJglhbTvYBnS3gEiaeZe9:lpXInpCWSgafZDmuDaU8eJC5epEDge
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Backdoor.PoisonIvy.HJ also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.Packed.1455
Cynet: Malicious (score: 100)
ALYac: Backdoor.PoisonIvy.HJ
Zillya: Backdoor.Poison.Win32.40148
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
Cybereason: malicious.45ee95
Cyren: W32/Risk.YGDS-6379
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Agent.RYK
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Backdoor.PoisonIvy.HJ
NANO-Antivirus: Trojan.Win32.Agent.dacbwa
MicroWorld-eScan: Backdoor.PoisonIvy.HJ
Tencent: Win32.Backdoor.Poison.Alss
Ad-Aware: Backdoor.PoisonIvy.HJ
Sophos: Mal/Generic-S
BitDefenderTheta: AI:Packer.4E0FE8B21E
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Infected.zm
FireEye: Generic.mg.7ea2df545ee957be
Emsisoft: Backdoor.PoisonIvy.HJ (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Backdoor/Poison.ixo
Webroot: W32.Malware.Gen
Avira: TR/Agent.7680.90
eGambit: Unsafe.AI_Score_83%
Antiy-AVL: Trojan/Generic.ASMalwS.2508B2A
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Backdoor.PoisonIvy.HJ
GData: Backdoor.PoisonIvy.HJ
McAfee: Artemis!7EA2DF545EE9
MAX: malware (ai score=87)
VBA32: suspected of Trojan.Downloader.gen
Panda: Trj/CI.A
Rising: Trojan.Generic@ML.97 (RDML:yDIDV8Jc3z9s8Wi8rM7utw)
Fortinet: W32/Poison.BOXQ!tr.bdr
AVG: Win32:Malware-gen

How to remove Backdoor.PoisonIvy.HJ?

Backdoor.PoisonIvy.HJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.