Worm

Worm:Win32/Nsane.A removal instruction

Malware Removal

The Worm:Win32/Nsane.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Worm:Win32/Nsane.A virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Network activity detected but not expressed in API logs
  • Attempts to identify installed AV products by registry key

How to determine Worm:Win32/Nsane.A?



File Info:

crc32: F1FE3D20
md5: 1a5e36204f702a11a73a2f4fcb32b319
name: nod_fix.exe
sha1: 9bc68f23a1a255c6c8090e3a4b76a1962c7c81bd
sha256: b74d1b4fb337f735ced23bc226bbff623ce363518b77e25f2a29c30a1a7c9007
sha512: edb3580cb7c8e90939213a6fda65f486042df4093534b98f4d9a60760aa88aff6ce5d705e0422a27e1d7869d5735618786ce7a91f322bc46010f8c01fdd896ec
ssdeep: 6144:WMapniPeRbz1qnbu9pAj/c4evYW/Ey2b9iws42538Dq:BapniPeRb5qapAj/YvH/Edu
type: PE32 executable (GUI) Intel 80386, for MS Windows, InnoSetup self-extracting archive


Version Info:

InternalName: 
FileVersion: NOD32 FiX v1.9      
CompanyName: nsane productions                                           
Comments: This installation was built with Inno Setup: http://www.innosetup.com
ProductName: 
ProductVersion: 
FileDescription: Makes your NOD32 trial last forever.                        
OriginalFilename: 
Translation: 0x0409 0x04e4

Worm:Win32/Nsane.A also known as:

DrWebWin32.HLLW.Autoruner1.33608
CAT-QuickHealWorm.Nsane
MalwarebytesCrackTool.Agent
VIPRETrojan.1
K7AntiVirusRiskware ( 004c6b181 )
K7GWRiskware ( 004c6b181 )
TrendMicroCrackingApps_NSane
SymantecSecurityRisk.gen1
GDataWin32.Trojan.Agent.A5TSN0
AlibabaWorm:Win32/Nsane.e3372cb0
SophosNodFix (PUA)
ComodoApplicUnsaf@#2jxs6wo26vgyo
McAfee-GW-EditionW32/Nsane!p2p
MAXmalware (ai score=100)
Endgamemalicious (high confidence)
MicrosoftWorm:Win32/Nsane.A
McAfeeW32/Nsane!p2p
CylanceUnsafe
ESET-NOD32Win32/RiskWare.HackAV.AI
TrendMicro-HouseCallCrackingApps_NSane
YandexWorm.Nsane!twE84Fz5cbE
FortinetW32/Nsane!worm.p2p
WebrootW32.Trojan.Worm.Gen.X

How to remove Worm:Win32/Nsane.A?

Worm:Win32/Nsane.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment