high
Summary
Summary
Action- More Information
| Detected by | All Sophos products |
|---|---|
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/NSUpdate-A is a COM DLL downloader which can be used to download and install/run new software.
Troj/NSUpdate-A is typically used to download and run premium rate dialler applications for accessing sites containing adult material. Dialler applications are typically installed to a new sub-folder of the Program Files folder named dialers\.
When Troj/NSUpdate-A is first installed it is registered as a COM object, creating registry entries under:
HKCR\CLSID\(A0F0D762-D1DE-43af-B70E-D87864743EB3)
HKCR\Interface\(1A57C835-1699-4017-8602-1D29717D953C)
HKCR\Interface\(6DDF4D89-1F0F-4EA3-931F-CAA996061547)
HKCR\TypeLib\(09E3040C-6B25-4EA0-A4FE-E3741A66E794)
HKCR\NSLiteUpdate.NSLiteUpdateCtrl.1
HKCR\NSLiteUpdate.NSLiteUpdateCtrl
Troj/NSUpdate-A may be installed on the computer by browsing certain domains with an ActiveX enabled browser. The following URLs have been linked to Troj/NSUpdate-A: mtreexxx.nl, xbs.mtreexxx.nl, xbs.paomtree.com and xbs.mtree.com.
Other software components related to Troj/NSUpdate-A may install files with the following names:
actalert.exe
blss.exe
cln4380.tmp
installer.exe
iopti130.dll
istbar.dll
muldist.inf
muldist.ocx
nem207.dll
nem214.dll
opti130.dll
opti130.dll
optimiser.msg
optimize.exe
safesurfing.dll
safesurfing.exe
ssuninstall.exe
ssupdate.exe
ssurf022.dll
stmtdlr.exe
unidist.inf
unidist.ocx
view_sex_now.exe
|
