Backdoor:Win32/Lanfiltrator.P removal instructions

Backdoor:Win32/Lanfiltrator.P is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Backdoor:Win32/Lanfiltrator.P virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Backdoor:Win32/Lanfiltrator.P?

File Info:

name: E7D533C276C664FD92E6.mlw
path: /opt/CAPEv2/storage/binaries/51a8a211e5662e8fd4029b89d44720100f2bbb5deab3c2e62ff917249afec412
crc32: 7A643550
md5: e7d533c276c664fd92e6c5d0a00badd8
sha1: 14eae18a40dbfdd8961d2ce005d59d7f097f88c6
sha256: 51a8a211e5662e8fd4029b89d44720100f2bbb5deab3c2e62ff917249afec412
sha512: f7e176a923c2d01520d9f887266922fd1da93c7538887c224ad865638cb6c8d451a349899c82a681c7ed47f0ddc206f56e84e4140c206c176225bda0c9e4938e
ssdeep: 12288:sKwZ75AdVxALIrEDpWxtvUmUSVeS0uPwXOZuoVrCWQLfLQx:s3+VKXPmU7S0owXOZ52WQjQx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T181D47E66BE819937C8F21A385C97A3F49827BE101D3825437BE71F0C8E397657F19286
sha3_384: d8c4aa9f5a8711eae49bf1ddb04f9a412f1b38c364dee559ceda8d22fb952357f2bbcd066bdbf6e6696214e69d94c154
ep_bytes: 558bec83c4f4b818324800e8e832f8ff
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Generic Host Process for Win32 Services
FileVersion: 5.0.2134.1
InternalName: svchost.exe
LegalCopyright: Copyright (C) Microsoft Corp. 1981-1999
LegalTrademarks:
OriginalFilename: svchost.exe
ProductName: Microsoft(R) Windows (R) 2000 Operating System
ProductVersion: 5.00.2134.1
Translation: 0x0409 0x04e4

Backdoor:Win32/Lanfiltrator.P also known as:

Lionic: Trojan.Win32.LanFiltrator.m!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.AV-Killer.LG0@aGVQgqbi
CMC: Generic.Win32.e7d533c276!MD
Skyhigh: BehavesLike.Win32.Dropper.hh
McAfee: BackDoor-ANC
Malwarebytes: LanFiltrator.Backdoor.RAT.DDS
Zillya: Backdoor.LanFiltrator.Win32.53
Sangfor: Trojan.Win32.Save.a
Alibaba: Trojan:Win32/AntiAV.c78cefde
K7GW: Trojan ( 000020d71 )
K7AntiVirus: Trojan ( 000020d71 )
Arcabit: Trojan.AV-Killer.EDC60C
VirIT: Backdoor.Lanfiltrator.11.A
Symantec: Backdoor.Lanfilt.B
ESET-NOD32: Win32/LanFiltrator.11
TrendMicro-HouseCall: BKDR_LANFILTRA.I
Paloalto: generic.ml
ClamAV: Win.Trojan.Killav-81
Kaspersky: HEUR:Trojan-Spy.Win32.KeyLogger.gen
BitDefender: Gen:Trojan.AV-Killer.LG0@aGVQgqbi
NANO-Antivirus: Trojan.Win32.LanFiltrator.dizs
Avast: Win32:KillAV-XB [Trj]
Tencent: Malware.Win32.Gencirc.13b0f867
Emsisoft: Gen:Trojan.AV-Killer.LG0@aGVQgqbi (B)
Google: Detected
F-Secure: Backdoor.BDS/LANFilt.11.Srv
DrWeb: BackDoor.Lanfilt.10
VIPRE: Gen:Trojan.AV-Killer.LG0@aGVQgqbi
TrendMicro: BKDR_LANFILTRA.I
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.e7d533c276c664fd
Sophos: Troj/Bnksa-Fam
SentinelOne: Static AI – Suspicious PE
Jiangmin: Backdoor/LANFiltrator.11
Webroot: W32.Backdoor.Gen
Varist: W32/Hupigon.E.gen!Eldorado
Avira: BDS/LANFilt.11.Srv
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Backdoor]/Win32.LanFiltrator
Kingsoft: Win32.Troj.Unknown.a
Xcitium: Backdoor.Win32.LanFiltrator.11@45×0
Microsoft: Backdoor:Win32/Lanfiltrator.P
ZoneAlarm: HEUR:Trojan-Spy.Win32.KeyLogger.gen
GData: Gen:Trojan.AV-Killer.LG0@aGVQgqbi
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Lanfiltrator.R159077
VBA32: TScope.Trojan.Delf
ALYac: Gen:Trojan.AV-Killer.LG0@aGVQgqbi
Cylance: unsafe
Panda: Bck/LanFiltrator
Rising: Trojan.KillAV!1.66BF (CLASSIC)
Yandex: Trojan.GenAsa!SEwAcTixW00
Ikarus: Backdoor.Win32.LanFiltrator
MaxSecure: Trojan.Malware.1178958.susgen
Fortinet: W32/Bdoor.ANC!tr.bdr
BitDefenderTheta: AI:Packer.DD8A33111D
AVG: Win32:KillAV-XB [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/LanFiltrator

How to remove Backdoor:Win32/Lanfiltrator.P?

Backdoor:Win32/Lanfiltrator.P removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
