
How to remove “Backdoor:Win32/Ppdoor.AV”?


Backdoor:Win32/Ppdoor.AV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Backdoor:Win32/Ppdoor.AV virus do?

  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Checks for the presence of known devices from debuggers and forensic tools
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Backdoor:Win32/Ppdoor.AV?


File Info:

name: FD6834114A196FD879CA.mlw
path: /opt/CAPEv2/storage/binaries/049f334c2c4cfa0c47aec858af06a29c945b28c506b282adf68217eff1cba4cd
crc32: 05E339EE
md5: fd6834114a196fd879ca02939f587c19
sha1: 3a236c7f8200fc1544298bec13c3f2179623cc4e
sha256: 049f334c2c4cfa0c47aec858af06a29c945b28c506b282adf68217eff1cba4cd
sha512: 94281b600ef49bc026cbf4971edc6ef2021a67c596238b2ca302dd20b3b3ec998802dfa68def1a08bc255eac8c5391f788d83ddf4f244106b59241fa72f84888
ssdeep: 1536:TxpcLUBDwxdaQLPetC1p8bFHRa0f271SY5coN/Qdp1M6l4gs:z+LPYCv8bxHY5/OLxWgs
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1AD8302AC4A2A36F3E7444AF7319736DACE0089E39C77B750AB226556E1E359CDA41301
sha3_384: b3702e425702587407a9c297732b7d3ef52932349250ad87c91feab22ee90179c0c7f9831bd1ce06bcd14a770d401c97
ep_bytes: 600f8314000000dcea8d2dcef63430dc
timestamp: 2000-07-22 02:16:20

Version Info:

0: [No Data]

Backdoor:Win32/Ppdoor.AV also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: GenPack:Generic.PPDoor.1.30B6D0D9
FireEye: Generic.mg.fd6834114a196fd8
CAT-QuickHeal: Backdoor.Ppdoor.gen
Skyhigh: BehavesLike.Win32.PWSZbot.mc
McAfee: BackDoor-CHC.b
Cylance: unsafe
Zillya: Virus.Bayan.Win32.1
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 000022ce1 )
Alibaba: Backdoor:Win32/Bayan-based.614a208d
K7GW: Trojan ( 000022ce1 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0CCS24
Kaspersky: Virus.Win32.Bayan-based
BitDefender: GenPack:Generic.PPDoor.1.30B6D0D9
NANO-Antivirus: Trojan.Win32.Bayan.fpxp
Avast: Win32:Trojan-gen
Emsisoft: GenPack:Generic.PPDoor.1.30B6D0D9 (B)
Google: Detected
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: BackDoor.Srvlite.152
VIPRE: GenPack:Generic.PPDoor.1.30B6D0D9
TrendMicro: TROJ_GEN.R002C0CCS24
Trapmine: malicious.high.ml.score
CMC: Generic.Win32.fd6834114a!MD
Sophos: Mal/EncPk-ABFO
Ikarus: Backdoor.Win32.PPdoor
Webroot: W32.Downloader.Gen
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Virus/Win32.Bayan-based
Kingsoft: malware.kb.a.999
Microsoft: Backdoor:Win32/Ppdoor.AV
Xcitium: Malware@#2jcpj4nbqx4kv
Arcabit: GenPack:Generic.PPDoor.1.30B6D0D9
ZoneAlarm: Virus.Win32.Bayan-based
GData: GenPack:Generic.PPDoor.1.30B6D0D9
Cynet: Malicious (score: 100)
VBA32: BackDoor.Srvlite
ALYac: GenPack:Generic.PPDoor.1.30B6D0D9
MAX: malware (ai score=100)
Rising: Backdoor.Ppdoor!8.2D9A (TFE:1:eRFVygUYecD)
Yandex: Trojan.PPdoor!Cmy4nWs7kYg
MaxSecure: Virus.Bayan.Based
Fortinet: W32/XPack.FSK!tr
BitDefenderTheta: AI:Packer.C0F973E01E
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
alibabacloud: Virus:Win/Bayan-based

How to remove Backdoor:Win32/Ppdoor.AV?

Backdoor:Win32/Ppdoor.AV removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
