PUA

NSIS:Agent-KLU [PUP] removal

Malware Removal

The NSIS:Agent-KLU [PUP] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What NSIS:Agent-KLU [PUP] virus can do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine NSIS:Agent-KLU [PUP]?


File Info:

crc32: C907DE03
md5: 4f5845504e4286111de6088e64cce615
name: 4F5845504E4286111DE6088E64CCE615.mlw
sha1: a2589046fdda8feb42ace381ebf0c037e0598c6c
sha256: 737c61f37037010d09ed8979ba7361f62ef8454df482a8bb2b74efa5fd12ae68
sha512: 415969822c2ac91345ea37eed95539200c1c7802f79eb561719f7f373b9a6d2485dc2ff3c264ae6cc7b864f5abcc02106759f27add1a1df98423e891712237ea
ssdeep: 196608:1lZPqSbLk83ro5QeNXGZ+sbrOznU/yFWeA:FCS39b0vHwrOzn3WP
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

FileVersion: 1.0.8654.1180
ProductVersion: 1.0.8654.1180
Translation: 0x0409 0x04e4

NSIS:Agent-KLU [PUP] also known as:

LionicRiskware.Win32.Generic.1!c
Elasticmalicious (high confidence)
DrWebAdware.Searcher.2925
CynetMalicious (score: 100)
CAT-QuickHealAdWare.NSIS.Shopro.A
CylanceUnsafe
CrowdStrikewin/malicious_confidence_100% (D)
SymantecTrojan.Gen.2
ESET-NOD32a variant of Win32/SpeedBit.G potentially unwanted
APEXMalicious
AvastNSIS:Agent-KLU [PUP]
Kasperskynot-a-virus:AdWare.NSIS.Agent.hb
NANO-AntivirusTrojan.Nsis.Dwn.dgyjuw
SophosGeneric ML PUA (PUA)
VIPRETrojan.Win32.Generic!BT
FireEyeGeneric.mg.4f5845504e428611
SentinelOneStatic AI – Suspicious PE
WebrootPua.Gen
AviraADWARE/Adware.Gen
MicrosoftTrojan:Win32/Wacatac.A!ml
ArcabitPUP.Adware.Shopro
GDataNSIS.Application.Crypted.C
VBA32Adware.Agent
AVGNSIS:Agent-KLU [PUP]
Paloaltogeneric.ml

How to remove NSIS:Agent-KLU [PUP]?

NSIS:Agent-KLU [PUP] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment