Trojan:Win32/Antavmu!pz removal instruction

The Trojan:Win32/Antavmu!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Antavmu!pz virus can do?

Uses Windows utilities for basic functionality
Reads data out of its own binary image
Drops a binary and executes it
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:Win32/Antavmu!pz?


File Info:
name: 0AB953EE146EDE01D4E3.mlw
path: /opt/CAPEv2/storage/binaries/20874f83d97023320fd0aef4610d5926873ea8e0863e9a44aff8ed40f18e5266
crc32: D7C100DA
md5: 0ab953ee146ede01d4e36162aed8ba1e
sha1: d7499904f39502d79dd5487cf3ba02db87f1d3db
sha256: 20874f83d97023320fd0aef4610d5926873ea8e0863e9a44aff8ed40f18e5266
sha512: 218e2218736aa23560fcc07f26c268811c68958419d32f61601826822b8e2d4ec43be6473fa78744407b765fe938d92207ee3346237368ecebae0254d7109af0
ssdeep: 1536:zvdtbD/STEiCoOQA8AkqUhMb2nuy5wgIP0CSJ+5yYB8GMGlZ5G:zvdtPS7CtGdqU7uy5w9WMyYN5G
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T15283BF52B9F0D430F04585B6897D7D73FE3EAA600B47A26793D0A5648EF11609E0F36B
sha3_384: 018ddfac5359d8a73b7e35f5dda34c22447574ee1ca357a7afa20db80fbc2cf761f0eac5b64d968301f423ac44b50646
ep_bytes: eb1066623a432b2b484f4f4b90e92811
timestamp: 2011-02-04 23:50:58

Version Info:
0: [No Data]

Trojan:Win32/Antavmu!pz also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Trojan.FileInfector.eGW@aiJEZzn
FireEye	Generic.mg.0ab953ee146ede01
CAT-QuickHeal	Trojan.AntavmuPMF.S19778283
Skyhigh	BehavesLike.Win32.Dropper.lh
ALYac	Gen:Trojan.FileInfector.eGW@aiJEZzn
Malwarebytes	Generic.Malware.AI.DDS
VIPRE	Gen:Trojan.FileInfector.eGW@aiJEZzn
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 001f4e2b1 )
K7GW	Trojan ( 001f4e2b1 )
Cybereason	malicious.4f3950
VirIT	Trojan.Win32.Generic.AFFA
Symantec	Trojan.Dropper
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/KillFiles.NEH
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Antavmu-9791257-0
Kaspersky	Trojan.Win32.KillFiles.dobe
BitDefender	Gen:Trojan.FileInfector.eGW@aiJEZzn
NANO-Antivirus	Trojan.Win32.MlwGen.dglvxb
SUPERAntiSpyware	Trojan.Agent/Gen-Injector
Avast	Win32:TrojanX-gen [Trj]
Tencent	Trojan.Win32.Killfiles.wa
Sophos	Mal/Antavmu-A
F-Secure	Trojan.TR/Crypt.ZPACK.Gen7
DrWeb	Trojan.MulDrop6.10374
Zillya	Trojan.KillFiles.Win32.30327
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Trojan.FileInfector.eGW@aiJEZzn (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	TrojanDownloader.NSIS.ff
Webroot	W32.Infector
Varist	W32/Antavmu.C.gen!Eldorado
Avira	TR/Crypt.ZPACK.Gen7
MAX	malware (ai score=83)
Antiy-AVL	Trojan/Win32.Antavmu
Kingsoft	malware.kb.a.997
Microsoft	Trojan:Win32/Antavmu!pz
Xcitium	TrojWare.Win32.KillFiles.NEH@4qfvz0
Arcabit	Trojan.FileInfector.ECA2F2
ZoneAlarm	Trojan.Win32.KillFiles.dobe
GData	Gen:Trojan.FileInfector.eGW@aiJEZzn
Google	Detected
AhnLab-V3	Trojan/Win32.Antavmu.R25058
Acronis	suspicious
McAfee	GenericRXHL-ZT!0AB953EE146E
TACHYON	Trojan/W32.Agent.81408.AAO
VBA32	BScope.Trojan.Downloader
Cylance	unsafe
Panda	Trj/Genetic.gen
Rising	Trojan.Win32.Antavmu.d (CLASSIC)
Yandex	Trojan.GenAsa!mLg/yf6hjK0
Ikarus	Trojan.Win32.Antavmu
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Antavmu.JWS!tr
BitDefenderTheta	AI:Packer.ED5D5D581E
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Antavmu!pz?

Trojan:Win32/Antavmu!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X