Backdoor.Win32.Poison.clhd removal tips

Backdoor.Win32.Poison.clhd is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Poison.clhd virus do?

  • Sample contains Overlay data
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Backdoor.Win32.Poison.clhd?


File Info:

name: 42578668EC0B3039AA93.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-05-12 10:55:01

Version Info:

Translation: 0x0409 0x04b0
Comments: yn
CompanyName: Xh5Mv
FileDescription: N5uHfN
LegalCopyright: cDm1
LegalTrademarks: gbvH5Hz0ZP
ProductName: ZvEzRlAH
FileVersion: 3.25.0026
ProductVersion: 3.25.0026
InternalName: XserverX
OriginalFilename: XserverX.exe

Backdoor.Win32.Poison.clhd also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Refroso.l2u1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Heur.ManBat.1
FireEye: Generic.mg.42578668ec0b3039
McAfee: Artemis!42578668EC0B
Cylance: Unsafe
Zillya: Backdoor.Poison.Win32.52222
Sangfor: Backdoor.Win32.Poison.Vebq
K7AntiVirus: Trojan ( 003678211 )
Alibaba: Backdoor:Win32/Poison.62e6a5e8
K7GW: Trojan ( 003678211 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Trojan.ManBat.1
VirIT: Trojan.Win32.Inject.CWX
Cyren: W32/SuspPack.DO.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.TG
APEX: Malicious
Kaspersky: Backdoor.Win32.Poison.clhd
BitDefender: Gen:Heur.ManBat.1
NANO-Antivirus: Trojan.Win32.Dwn.grmdu
Avast: Win32:VB-ACBV [Trj]
Tencent: Packed.Win32.Crashcompact.a
Ad-Aware: Gen:Heur.ManBat.1
Emsisoft: Gen:Heur.ManBat.1 (B)
Comodo: TrojWare.Win32.Kryptik.~NTG@1pel9l
F-Secure: Trojan.TR/Crypt.PEPM.Gen
DrWeb: BackDoor.Poison.767
VIPRE: Gen:Heur.ManBat.1
TrendMicro: TROJ_GEN.R002C0RHV22
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
Trapmine: malicious.high.ml.score
Sophos: Mal/EncPk-BQ
Ikarus: Backdoor.Win32.Poison
Jiangmin: Backdoor.Poison.bz
Webroot: W32.Worm.Kolab.Gen
Google: Detected
Avira: TR/Crypt.PEPM.Gen
MAX: malware (ai score=100)
Microsoft: Trojan:Win32/Wacatac.B!ml
ViRobot: Backdoor.Win32.A.Poison.104456
ZoneAlarm: Backdoor.Win32.Poison.clhd
GData: Gen:Heur.ManBat.1
Cynet: Malicious (score: 100)
Acronis: suspicious
VBA32: Backdoor.Poison
ALYac: Gen:Heur.ManBat.1
TACHYON: Trojan/W32.Agent.104456.J
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_GEN.R002C0RHV22
Rising: Backdoor.Poison!8.2D7 (CLOUD)
Yandex: Backdoor.Poison!dKPuiOake1s
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.3372303.susgen
BitDefenderTheta: AI:Packer.D01465D420
AVG: Win32:VB-ACBV [Trj]
Cybereason: malicious.8ec0b3
Panda: Trj/CI.A

How to remove Backdoor.Win32.Poison.clhd?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
