Troj/Natas-A

    Category: Viruses and Spyware
    Type: Trojan
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Troj/Natas-A will attempt to repeatedly logon to a predefined server.

    The dropper of Troj/Natas-A drops the Trojan into %windows%\plugin\csrss.exe

    and sets the following registry entry:

    HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\[random clsid]\
    Stubpath = %windows%\plugin\csrss.exe

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection