NSIS/TrojanDownloader.Agent.NBS.Gen removal guide

NSIS/TrojanDownloader.Agent.NBS.Gen is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the NSIS/TrojanDownloader.Agent.NBS.Gen virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Attempts to masquerade or mimic a legitimate process or file name

How to identify NSIS/TrojanDownloader.Agent.NBS.Gen?

File Info:

name: 5736B8F6C07ED39F78CE.mlw
path: /opt/CAPEv2/storage/binaries/142d8d6112e89e0b5015c62f69f18189d0d86e13652da11032a7773f92282a1d
crc32: 037B99DA
md5: 5736b8f6c07ed39f78ce3dca8a9ac8bc
sha1: bf3ab61eb009cbc3b280dfe172790da7b929e535
sha256: 142d8d6112e89e0b5015c62f69f18189d0d86e13652da11032a7773f92282a1d
sha512: 1722a3938a876725ade9563a01b01e0d13b656f78008ba1f5b8fa86c9e504c7fff41707efc86aee5c2893b1d4b08863d57d217a77f12c43b412daf319b3645db
ssdeep: 6144:ON3W7Y7DayxZ+TsWE5ZeDy1eKmx4VksyPoCrz2a2pR98sgzXDyVQ4EYc0PnW:8AY7NLeDAeyNy3VyRKsgD6Q4BO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D8B41263B65AC457CE8A12B58C97EBB6E339AE005D254F6B37193F3F2B32241D506344
sha3_384: fa559cfa50b0a57eedbe16ca2e5dbcff20c7e83c2dcfbe8d474fe8f842707d8360a6cf4b2e7a20f6d311b848128d7da0
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-02-21 19:46:17

Version Info:

Comments: 13456
CompanyName: The 63063 Company
FileDescription: Installer
FileVersion: 6.2.5.1
LegalCopyright: Copyright (C) 2000-2009 The 63063 Company.
LegalTrademarks:
ProductName: b 11484412
ProductVersion:
Translation: 0x0409 0x0000

NSIS/TrojanDownloader.Agent.NBS.Gen also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Agent.Y!c
MicroWorld-eScan: Dropped:Trojan.GenericKD.1749260
FireEye: Dropped:Trojan.GenericKD.1749260
CAT-QuickHeal: TrojanDownloader.Troxen
Skyhigh: GenDownloader.x!cti
McAfee: Artemis!5736B8F6C07E
Malwarebytes: Generic.Trojan.Downloader.DDS
Sangfor: Downloader.NSIS.Agent.Vgel
K7AntiVirus: Trojan-Downloader ( 0011e62d1 )
Alibaba: TrojanDownloader:Win32/Generic.792c5ec7
K7GW: Trojan-Downloader ( 0011e62d1 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.Startpage.MHY
Symantec: Trojan.Gen.6
Elastic: malicious (high confidence)
ESET-NOD32: NSIS/TrojanDownloader.Agent.NBS.Gen
APEX: Malicious
TrendMicro-HouseCall: TROJ_SPNR.0BBD13
ClamAV: Win.Downloader.Nistio-9823899-0
Kaspersky: Trojan-Downloader.NSIS.Agent.cu
BitDefender: Dropped:Trojan.GenericKD.1749260
NANO-Antivirus: Trojan.Win32.Agent.bjqen
Avast: NSIS:Downloader-AK [Drp]
TACHYON: Trojan-Downloader/W32.Agent.538826
Emsisoft: Dropped:Trojan.GenericKD.1749260 (B)
F-Secure: Heuristic.HEUR/AGEN.1338472
DrWeb: Trojan.Siggen2.43744
VIPRE: Dropped:Trojan.GenericKD.1749260
TrendMicro: TROJ_SPNR.0BBD13
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.NSIS.Agent
Jiangmin: TrojanDownloader.NSIS.y
ALYac: Dropped:Trojan.GenericKD.1749260
Webroot: W32.Downloader.Troxen
Varist: W32/Risk.XIXF-1806
Avira: DR/Dldr.NSIS.Agent.CU.7
Antiy-AVL: Trojan[Downloader]/Win32.AdLoad.gen
Kingsoft: Win32.Troj.Undef.a
Microsoft: Trojan:Win32/Rimod!rfn
Xcitium: Malware@#cqv16dfxu16i
Arcabit: Trojan.Generic.D1AB10C
ZoneAlarm: Trojan-Downloader.NSIS.Agent.cu
GData: Dropped:Trojan.GenericKD.1749260
Cynet: Malicious (score: 100)
VBA32: TrojanDownloader.Agent
Google: Detected
MAX: malware (ai score=100)
Cylance: unsafe
Panda: Trj/CI.A
Tencent: Nsis.Trojan-Downloader.Ader.Kjgl
SentinelOne: Static AI – Suspicious PE
Fortinet: Malware_fam.B
AVG: NSIS:Downloader-AK [Drp]
Cybereason: malicious.6c07ed
DeepInstinct: MALICIOUS
alibabacloud: Trojan[downloader]:Win/Agent.NBS

How to remove NSIS/TrojanDownloader.Agent.NBS.Gen?

NSIS/TrojanDownloader.Agent.NBS.Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.