In this article, I explain how the AntiAV trojan gets injected into your computer, and the best way to remove the AntiAV trojan virus.
What is AntiAV trojan?
Name | AntiAV |
Infection Type | Trojan |
Symptoms |
|
Similar behavior | Skeeeyah, Delf, Staser, DorkBot, FormBook, Turla |
Fix Tool | See If Your System Has Been Affected by AntiAV trojan |
Trojan viruses have been one of the leading malware types by injection frequency for quite a long time. And currently, throughout the pandemic, when malware became significantly more active, trojan viruses boosted their activity, too. You can see lots of messages on diverse resources where people complain about the AntiAV trojan virus on their computers and ask for help with removing it.
Trojan AntiAV is a kind of virus that infiltrates your PC and then performs different harmful functions. These functions depend on the type of AntiAV trojan: it can serve as a downloader for other malware or as a launcher for another destructive program which is downloaded along with the AntiAV trojan. Over the last two years, trojans have also been distributed via e-mail attachments, and in the majority of cases are used for phishing or ransomware infiltration.
AntiAV2 also known as
Bkav | W32.AIDetectVM.malware2 |
Elastic | malicious (high confidence) |
MicroWorld-eScan | Trojan.GenericKDZ.70469 |
McAfee | Packed-GCZ!D0E03D0C0430 |
Cylance | Unsafe |
VIPRE | Trojan.Win32.Generic!BT |
Sangfor | Malware |
BitDefender | Trojan.GenericKDZ.70469 |
K7GW | Trojan ( 0056fc4c1 ) |
K7AntiVirus | Trojan ( 005707af1 ) |
TrendMicro | Mal_Tofsee |
Cyren | W32/Kryptik.CBG.gen!Eldorado |
Symantec | ML.Attribute.HighConfidence |
APEX | Malicious |
Avast | Win32:MalwareX-gen [Trj] |
ClamAV | Win.Dropper.Tofsee-9775671-0 |
Kaspersky | HEUR:Trojan.Win32.AntiAV.gen |
NANO-Antivirus | Trojan.Win32.AntiAV.hymkum |
Ad-Aware | Trojan.GenericKDZ.70469 |
Emsisoft | Trojan.GenericKDZ.70469 (B) |
Comodo | Malware@#11j2tc04ijttl |
F-Secure | Trojan.TR/ATRAPS.Gen2 |
DrWeb | Trojan.Siggen10.37668 |
Zillya | Trojan.AntiAV.Win32.13052 |
Invincea | Mal/Generic-S |
McAfee-GW-Edition | BehavesLike.Win32.Generic.vm |
FireEye | Generic.mg.d0e03d0c0430e4df |
Sophos | Mal/Generic-S |
Ikarus | Trojan.Win32.Glupteba |
Jiangmin | Trojan.AntiAV.djf |
Avira | TR/ATRAPS.Gen2 |
MAX | malware (ai score=86) |
Antiy-AVL | Trojan/Win32.AntiAV |
Microsoft | Trojan:Win32/Wacatac.DD!ml |
Arcabit | Trojan.Generic.D11345 |
ZoneAlarm | HEUR:Trojan.Win32.AntiAV.gen |
GData | Win32.Backdoor.Tofsee.G87YFI |
Cynet | Malicious (score: 100) |
AhnLab-V3 | Trojan/Win32.MalPe.R352520 |
Acronis | suspicious |
VBA32 | Trojan.Tiggre |
ALYac | Trojan.GenericKDZ.70469 |
Malwarebytes | Trojan.MalPack |
Panda | Trj/GdSda.A |
ESET-NOD32 | a variant of Win32/Kryptik.HGMA |
TrendMicro-HouseCall | Mal_Tofsee |
Rising | Trojan.Kryptik!1.CC68 (CLASSIC) |
Yandex | Trojan.AntiAV!4RtLRgTW2ps |
SentinelOne | DFI – Suspicious PE |
Fortinet | W32/GenKryptik.ETIF!tr |
AVG | Win32:MalwareX-gen [Trj] |
Cybereason | malicious.1b4814 |
Qihoo-360 | Win32/Trojan.Anti.11d |
Domains associated with AntiAV:
What are the symptoms of AntiAV trojan?
- Executable code extraction;
- Injection (inter-process);
- Injection (Process Hollowing);
- Creates RWX memory;
- A process attempted to delay the analysis task;
- Attempts to connect to a dead IP:Port (18 unique times);
- Starts servers listening on 0.0.0.0:4374;
- Reads data out of its own binary image;
- A process created a hidden window;
- Drops a binary and executes it;
- Performs some HTTP requests;
- Unconventional language used in binary resources: Georgian;
- Uses Windows utilities for basic functionality;
- Enumerates services, possibly for anti-virtualization;
- Executed a process and injected code into it, probably while unpacking;
- Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config;
- Installs itself for autorun at Windows startup;
- A possible cryptomining command was executed;
- Attempts to interact with an Alternate Data Stream (ADS);
- Anomalous binary characteristics;
A frequent sign of the AntiAV trojan virus is the progressive appearance of various malware: adware, browser hijackers, and so on. Because of the activity of these malicious programs, your computer becomes really slow: malware uses large amounts of RAM and CPU capacity.
Another noticeable effect of the AntiAV trojan's presence is unfamiliar processes shown in Task Manager. In some cases, these processes may try to imitate system processes, but you can tell that they are not legitimate by checking the origin of these processes. Quasi-system applications and the AntiAV trojan’s processes are always listed as user programs, not as system ones.
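The Task Manager check described above can be automated over a process listing. The following is an added example, not code from the original article or from any tool it mentions. It goes slightly beyond the text by also checking the image path and by exempting per-user `svchost.exe` instances. The process-name table, the `C:\Windows\System32` location and all sample records are assumptions constructed for illustration.

```python
from ntpath import basename, dirname, normcase

SYSTEM_DIR = normcase(r"C:\Windows\System32")  # assumption: default %SystemRoot%
SERVICE_ACCOUNTS = {
    "nt authority\\system",
    "nt authority\\local service",
    "nt authority\\network service",
}
# Image name -> True when every legitimate instance runs under a service account.
# svchost.exe is False: Windows 10+ hosts per-user services under the logged-in user.
CORE_PROCESSES = {
    "smss.exe": True, "csrss.exe": True, "wininit.exe": True,
    "winlogon.exe": True, "services.exe": True, "lsass.exe": True,
    "svchost.exe": False,
}

def triage(processes):
    """Return (pid, image name, reasons) for processes posing as system ones."""
    findings = []
    for proc in processes:
        name = basename(proc["path"]).lower()
        if name not in CORE_PROCESSES:
            continue  # ordinary application, not imitating a system process
        reasons = []
        if normcase(dirname(proc["path"])) != SYSTEM_DIR:
            reasons.append("image outside System32")
        if CORE_PROCESSES[name] and proc["owner"].lower() not in SERVICE_ACCOUNTS:
            reasons.append("owned by a user account")
        if reasons:
            findings.append((proc["pid"], name, reasons))
    return findings

# Constructed snapshot; fields mirror Task Manager's Details columns
# (PID, Image path name, User name). Host and user names are made up.
SAMPLE = [
    {"pid": 704, "path": r"C:\Windows\System32\lsass.exe", "owner": r"NT AUTHORITY\SYSTEM"},
    {"pid": 1312, "path": r"C:\Windows\System32\svchost.exe", "owner": r"DESKTOP-TEST\alice"},
    {"pid": 4820, "path": r"C:\Users\alice\AppData\Roaming\svchost.exe", "owner": r"DESKTOP-TEST\alice"},
    {"pid": 5108, "path": r"C:\Users\alice\AppData\Local\Temp\lsass.exe", "owner": r"DESKTOP-TEST\alice"},
    {"pid": 6000, "path": r"C:\Program Files\Editor\editor.exe", "owner": r"DESKTOP-TEST\alice"},
]

if __name__ == "__main__":
    for pid, name, reasons in triage(SAMPLE):
        print(f"PID {pid} {name}: {', '.join(reasons)}")
```

A flagged entry is a lead for manual review of the file and its autorun entry, not proof of infection.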
How to remove AntiAV trojan virus?
- Download and install Loaris Trojan Remover.
- Open Loaris and perform a “Standard scan”.
- “Move to quarantine” all items.
- Open the “Tools” tab and press “Reset Browser Settings”.
- Approve the reset by pressing the “Yes” button in the window that appears.
- Restart your computer.
To eliminate the AntiAV trojan and be sure that all extra malware downloaded with the help of this trojan is cleaned too, I’d advise you to use Loaris Trojan Remover.
AntiAV removal guide
To spot and delete all viruses on your personal computer using Loaris Trojan Remover, it’s better to use a Standard or Full scan. Removable and Custom scans check only specified directories, so these scan types cannot provide full information.
You can watch the detections as the scan progresses. However, to take any action against the detected malicious items, you need to wait until the scan is finished or stop the scan.
To choose a specific action for each detected virus, click the arrow in front of its name. By default, all malware will be moved to quarantine.
How to remove AntiAV Trojan?
Name: AntiAV
Description: Trojan AntiAV is a kind of virus that infiltrates your computer and then performs different destructive functions. These functions depend on the type of AntiAV trojan: it can act as a downloader for other malware or as a launcher for another destructive program which is downloaded in addition to the AntiAV trojan. During the last two years, trojans have also been distributed via e-mail attachments, and in most cases are used for phishing or ransomware infiltration.
Operating System: Windows
Application Category: Trojan