Trojan.Win32.Starter.anwi removal tips

Trojan.Win32.Starter.anwi is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Starter.anwi virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • A scripting utility was executed
  • Attempts to execute a powershell command with suspicious parameter/s
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs

How to identify Trojan.Win32.Starter.anwi?

File Info:

crc32: F96FC025
md5: 91ffcb9b1fe54d69ab44071878baeedb
name: broadcaster-setup.exe
sha1: 85dc5fa20e8eb17ec2ba504cffbdf4c0f6e1246d
sha256: 122c7b3652841f0230e47abf61633e72438ef7d3a3b7a7c54295ee5affbdd695
sha512: 2d52146cd5e5d213dd130125ffa9b1cf2893fe121938e83a3810fc1860bbcdbe5eb5517a31bbf39dfabf6b3f0a7b9c2a042f172d92830459f386f3a496f5a7db
ssdeep: 12288:6TcFngzqfSoeMb01JQntLOBIy3C52mkSEFvyWUB40dv:kcVkKSoetI32mkBvyXB40dv
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (c) 2020 FuneralVue
InternalName: broadcaster.sfx
FileVersion: 1.4.0.0
CompanyName: FuneralVue
ProductName: FuneralVue Broadcaster
ProductVersion: 1.4.0.0
FileDescription: FuneralVue Broadcaster Setup
OriginalFilename: broadcaster-setup.exe
Translation: 0x0409 0x04b0

Trojan.Win32.Starter.anwi also known as:

Cylance: Unsafe
AegisLab: Trojan.Win32.Starter.4!c
Alibaba: Trojan:Win32/Starter.fc91b33c
Symantec: ML.Attribute.HighConfidence
Kaspersky: Trojan.Win32.Starter.anwi
Sophos: Mal/Generic-S
Microsoft: Trojan:Win32/Zpevdo.B
ZoneAlarm: Trojan.Win32.Starter.anwi
AVG: FileRepMalware
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_60% (W)
Qihoo-360: Win32/Trojan.3ad

How to remove Trojan.Win32.Starter.anwi?

Trojan.Win32.Starter.anwi removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
