Win32/Nsag is a family of data-stealing trojans. A Win32/Nsag trojan is created when certain malicious software injects code into wininet.dll, a Windows system file. When a user tries to send data to a website, code in Win32/Nsag may cause code in other malicious software on the computer to capture the user data and send it to an attacker.
Use the following free Microsoft software to detect and remove this threat:
Win32/Nsag is created when certain code is injected into wininet.dll, which is a Windows system file. The wininet.dll file exports the Windows API function HttpSendRequestA, which is used in sending user data to Web sites. When a program tries to call HttpSendRequestA to send user data to a Web site, code in Win32/Nsag redirects the call to another malicious dynamic-link library (DLL) that Win32/Nsag loads.