Trojan:Win32/Antavmu!pz removal instruction

The Trojan:Win32/Antavmu!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Antavmu!pz virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:Win32/Antavmu!pz?


File Info:
name: FE91FB336227232D685E.mlw
path: /opt/CAPEv2/storage/binaries/2fd56c188b8af767aebad6a672bc9090d7f0b68fb5e29614317ef8b998355aa7
crc32: 1AB72C53
md5: fe91fb336227232d685eb8c7b1bf475c
sha1: da22804bbff397e8c833a98a4a6e57926fee8f80
sha256: 2fd56c188b8af767aebad6a672bc9090d7f0b68fb5e29614317ef8b998355aa7
sha512: 8459441bb1997f5bd57107743e444db39f626234c2c2f244b6a5dc6d3a0ee1f6329d5a9f4cf3366f90e7f230fb82ef664e4cb0318e8b55b8b4a8fadb70db9da2
ssdeep: 1536:zvtAfslC6Q4cOeGVOQA8AkqUhMb2nuy5wgIP0CSJ+5yH2yG1GVoRx5:zvtAkhQlxTGdqU7uy5w9WMyHu5
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T12CB3BF51B8F0D430F48585B6897D7D73EE3FBE600B47A5A7E3D0A5958FF1060A90A22B
sha3_384: 364a65b5f42dca67302f566bb90e4eee3b65a1c07a963b6145974b5f078daa051d9428e376692034560ec51e835322d4
ep_bytes: 00000000000000000000000000000000
timestamp: 2011-02-04 23:50:58

Version Info:
0: [No Data]

Trojan:Win32/Antavmu!pz also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.KillFiles.tpMC
Elastic	malicious (high confidence)
ClamAV	Win.Malware.Antavmu-9791257-0
FireEye	Generic.mg.fe91fb336227232d
Skyhigh	BehavesLike.Win32.Generic.cm
Cylance	unsafe
Alibaba	Trojan:Win32/Antavmu.01ce3fc1
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Cynet	Malicious (score: 100)
Avast	Win32:TrojanX-gen [Trj]
TACHYON	Trojan/W32.Agent.110592.DOS
Sophos	ML/PE-A
Trapmine	malicious.moderate.ml.score
SentinelOne	Static AI – Suspicious PE
Google	Detected
Antiy-AVL	Trojan/Win32.Antavmu
Kingsoft	malware.kb.a.896
Xcitium	TrojWare.Win32.KillFiles.NEH@4qfvz0
Microsoft	Trojan:Win32/Antavmu!pz
GData	Win32.Trojan.Agent.9I0NWB
Varist	W32/Antavmu.I.gen!Eldorado
McAfee	Artemis!FE91FB336227
Malwarebytes	Generic.Malware.AI.DDS
TrendMicro-HouseCall	TROJ_GEN.R03BH01AK24
Rising	Trojan.KillFiles!1.F348 (CLASSIC)
Ikarus	Trojan.Win32.Antavmu
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Poison.BP!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Trojan:Win32/Antavmu!pz?

Trojan:Win32/Antavmu!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X