W32/AutoUpdater.A
| W32/AutoUpdater.A |
Destructivity:  Spreading: Overall risk:
|
| • Detected by virus detection files published: 6/6/2002 | • Type: Backdoor |
| • Virus characteristics first published: 6/6/2002 | • Spreading mechanism: Webpage |
| • Virus characteristics latest update: 12/17/2003 | • Overall risk: None |
| • Alias: TROJ_SUA.A, Downloader-W, Backdoor.AutoUpder, Troj/DLoader-A | • Payload: |
| • Infection type: Microsoft Windows 95/98/98 SE/ME/NT 4/2000/XP/2003/Vista |
| Virus type |
Spreading mechanism |
Destructivity and payload |
Additional descriptions |
Detection and removal |
||||||||||
|
This is a tool which installs an additional toolbar to your browser. As it turns out, this software seems to be silently installed by a number of websites through known browser security holes. Once installed, the initial component will download and install other components belonging to the package. The full functionality of the tool is still somewhat unclear, but it is a fact that at least in some cases it installs completely silently without any user notification at all. There are a number of files installed by this tool: mnsvc.exe (initial download component) ausvc.exe absr.exe auupg.exe bvt.exe We have so far not been able to pinpoint any overtly malicious action conducted by this tool, but we consider the silent installation of it as worrisome. We may remove detection later if the tool changes behaviour. The scanner will detect these as belonging to the group "aggressive commercials"; a group of software encompassing among other things adware and spyware. |
||||||||||||||