Should I remove “Trojan:Win32/Antavmu!pz”?

The Trojan:Win32/Antavmu!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Antavmu!pz virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:Win32/Antavmu!pz?


File Info:
name: E95FD023BF8FCF4BEF63.mlw
path: /opt/CAPEv2/storage/binaries/5141bd7072c8e70b260e781cd9beb470223f2ffa67b416394e26d6e79a0c62df
crc32: 1D271834
md5: e95fd023bf8fcf4bef635eb443d2c608
sha1: a7a8c9ae1a47482430c1d871f814235db09d719f
sha256: 5141bd7072c8e70b260e781cd9beb470223f2ffa67b416394e26d6e79a0c62df
sha512: cad2e6e92b2e626230c5f7e964471a23bbf422a7fa59d504d343e3c751a2c197b74e45f30cd49132b9263b7d13720e6bf9b6c3c59b2ec4174383da69a20acc38
ssdeep: 1536:zvec2PUdwS/2YOQA8AkqUhMb2nuy5wgIP0CSJ+5ytoyG1G/GRx5:zveXPUur9GdqU7uy5w9WMyt85
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T193B3AF51B5F0D430F48484B6893DBE73EE3EBA640B576167E3C4A565CEF11A0A90B21B
sha3_384: 25546ba291eca769eeda98ba6f04998ec8b57bc84a4cce882abfd85a7f25f9269207552032a46185492c2068d727ca5e
ep_bytes: 00000000000000000000000000000000
timestamp: 2011-02-04 23:50:58

Version Info:
0: [No Data]

Trojan:Win32/Antavmu!pz also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
Skyhigh	BehavesLike.Win32.Generic.cm
Malwarebytes	Generic.Malware.AI.DDS
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Antavmu-9791257-0
Avast	Win32:TrojanX-gen [Trj]
Sophos	ML/PE-A
Ikarus	Trojan.Win32.Antavmu
Antiy-AVL	Trojan/Win32.Antavmu
Kingsoft	malware.kb.a.890
Microsoft	Trojan:Win32/Antavmu!pz
Xcitium	TrojWare.Win32.KillFiles.NEH@4qfvz0
GData	Win32.Trojan.Agent.VQRJAX
Varist	W32/Kryptik.LIG.gen!Eldorado
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R03BH01AK24
Rising	Trojan.KillFiles!1.F348 (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Poison.BP!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (D)

How to remove Trojan:Win32/Antavmu!pz?

Trojan:Win32/Antavmu!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X