Trojan

Trojan-Dropper.Win32.Dropback.lp removal instruction

Malware Removal

The Trojan-Dropper.Win32.Dropback.lp is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Trojan-Dropper.Win32.Dropback.lp virus can do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to determine Trojan-Dropper.Win32.Dropback.lp?


File Info:

crc32: 06C49413
md5: 8e437da3d9b48bf6e54b8182b1842a1d
name: winlog.exe
sha1: b56ff711b575d77a19f7b6b2eb132133ca6a1eb4
sha256: 3c630ef685a02e611037b6ae52a89d10355620ca159dd3fa136ca294ef2e7f7a
sha512: 8abeefa519086efc717ee13e7741ae704d57849ff5826714d1fb34c99cede200b857863027a3355970b40a386836e7d2894c7f3402aa24be6dc5f26862c2d9df
ssdeep: 24576:uziOpl4G7ZFryG/TCIeKIQPV7aNDUsYEelQ:uGpG7ZFD76DU2elQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (C) 2007-2015
InternalName: Worker Acyclic
FileVersion: 7.4.2.789
CompanyName: PGWARE LLC
PrivateBuild: 7.4.2.789
LegalTrademarks: (C) 2007-2015
ProductName: Worker Acyclic
Languages: English
ProductVersion: 7.4.2.789
FileDescription: Typographic Prayer
OriginalFilename: Worker Acyclic.exe
Translation: 0x0409 0x04b0

Trojan-Dropper.Win32.Dropback.lp also known as:

MicroWorld-eScanTrojan.GenericKD.33567613
McAfeeArtemis!8E437DA3D9B4
AegisLabTrojan.Multi.Generic.4!c
SangforMalware
K7AntiVirusTrojan ( 005636d41 )
BitDefenderTrojan.GenericKD.33567613
K7GWTrojan ( 005636d41 )
ArcabitTrojan.Generic.D200337D
BitDefenderThetaGen:NN.ZexaF.34104.fr0@aGtlBUli
CyrenW32/Trojan.WOVN-7438
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Kryptik.HCGU
TrendMicro-HouseCallTROJ_GEN.R049H0CCR20
AvastWin32:Trojan-gen
KasperskyTrojan-Dropper.Win32.Dropback.lp
AlibabaTrojanDropper:Win32/Dropback.b98b17a7
TencentWin32.Trojan-dropper.Dropback.Eckh
Ad-AwareTrojan.GenericKD.33567613
F-SecureTrojan.TR/Crypt.Agent.rdrby
DrWebTrojan.PWS.Stealer.23680
McAfee-GW-EditionBehavesLike.Win32.Worm.th
SentinelOneDFI – Suspicious PE
Trapminesuspicious.low.ml.score
FireEyeGeneric.mg.8e437da3d9b48bf6
SophosMal/Generic-S
APEXMalicious
WebrootTrojan.Dropper.Gen
AviraTR/Crypt.Agent.rdrby
FortinetW32/Kryptik.HCGU!tr
Endgamemalicious (high confidence)
MicrosoftTrojan:Win32/Occamy.C
ZoneAlarmTrojan-Dropper.Win32.Dropback.lp
ALYacSpyware.Ursnif
MalwarebytesTrojan.Dropper
PandaTrj/CI.A
RisingDropper.Dropback!8.11750 (CLOUD)
IkarusTrojan-Banker.UrSnif
GDataTrojan.GenericKD.33567613
AVGWin32:Trojan-gen
Paloaltogeneric.ml
CrowdStrikewin/malicious_confidence_80% (W)
Qihoo-360Trojan.Generic

How to remove Trojan-Dropper.Win32.Dropback.lp?

Trojan-Dropper.Win32.Dropback.lp removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment