Trojan:Win32/Antavmu!pz removal tips

The Trojan:Win32/Antavmu!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Antavmu!pz virus can do?

Uses Windows utilities for basic functionality
Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:Win32/Antavmu!pz?


File Info:
name: 479A18A9FC348E6B8195.mlw
path: /opt/CAPEv2/storage/binaries/ca9b48f56417b02c2d36fba8a4bc0d3a6e7428c7ae7f8cc3160e3c2d3cdaad55
crc32: E8A3B049
md5: 479a18a9fc348e6b8195604db3386f24
sha1: 9cadb169e52e3465c7da7a69fba0439b410854e6
sha256: ca9b48f56417b02c2d36fba8a4bc0d3a6e7428c7ae7f8cc3160e3c2d3cdaad55
sha512: 8dea4dca62c9d2f6a1270a55cc22a9ffc07b5792792e2bffd3bb114e38e7e80c75f55abe26c035653f3f2dfafdf3bf9b4d23590c2d7f143a2d37b5e21be41853
ssdeep: 1536:hb0N76ILyK5QPqfhVWbdsmA+RjPFLC+e5h70ZGUGf2g:hwJ4NPqfcxA+HFsh7Og
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1C4739F61B9D0C030F08485B2593D6A73FE3EAD640A5793F79B94F5B4CEE41D0A60B26B
sha3_384: 08cb2ab0aac7813a74481362b86318f54512ba269960991a58c8ef3942992f85a08e31e9afe668cc6b286533dc68df7f
ep_bytes: a11bf14000c1e002a31ff14000526a00
timestamp: 2011-01-11 01:44:56

Version Info:
0: [No Data]

Trojan:Win32/Antavmu!pz also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen8.42052
MicroWorld-eScan	Gen:Trojan.FileInfector.eGW@aKDb32o
CAT-QuickHeal	Trojan.AntavmuPMF.S31541431
Skyhigh	BehavesLike.Win32.Dropper.lh
McAfee	PWS-OnlineGames.kz
Malwarebytes	Generic.Malware.AI.DDS
Zillya	Trojan.KillFiles.Win32.33221
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 001f4e2b1 )
K7GW	Trojan ( 001f4e2b1 )
Cybereason	malicious.9e52e3
Arcabit	Trojan.FileInfector.EC4F1B
BitDefenderTheta	AI:Packer.2D4DD5B71E
VirIT	Trojan.Win32.Generic.ABFQ
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/KillFiles.NEH
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Poison-10016370-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Trojan.FileInfector.eGW@aKDb32o
NANO-Antivirus	Trojan.Win32.Antavmu.dhwgp
Avast	Win32:TrojanX-gen [Trj]
Tencent	Trojan.Win32.Agent.mgr
Emsisoft	Gen:Trojan.FileInfector.eGW@aKDb32o (B)
F-Secure	Trojan.TR/Antavmu.doena
VIPRE	Gen:Trojan.FileInfector.eGW@aKDb32o
Sophos	Mal/Antavmu-A
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Generic.hrpwg
Varist	W32/Antavmu.D.gen!Eldorado
Avira	TR/Antavmu.doena
MAX	malware (ai score=83)
Antiy-AVL	Trojan/Win32.Antavmu
Kingsoft	malware.kb.a.994
Xcitium	TrojWare.Win32.KillFiles.NEH@4qfvz0
Microsoft	Trojan:Win32/Antavmu!pz
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Trojan.FileInfector.eGW@aKDb32o
Google	Detected
AhnLab-V3	Trojan/Win32.Antavmu.R25058
VBA32	BScope.Trojan.Downloader
TACHYON	Trojan/W32.Antavmu.74752.E
Cylance	unsafe
Panda	Trj/Genetic.gen
Rising	Trojan.Win32.Antavmu.b (CLASSIC)
Yandex	Trojan.GenAsa!mLg/yf6hjK0
Ikarus	Trojan.Antavmu
MaxSecure	Trojan.Malware.3411146.susgen
Fortinet	W32/KillFiles.NEH!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Antavmu!pz?

Trojan:Win32/Antavmu!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X