Virus.Win32.Nimnul.a
Virus.Win32.Nimnul.a is a malicious computer trojan that is able to change system files via infecting, prepending, or overwriting them. Virus.Win32.Nimnul.a creates outbound traffic thoroughly existing network vulnerability. Virus.Win32.Nimnul.a may enable the attacker gain remote access to a compromised computer in the background. Virus.Win32.Nimnul.a connects to a remote server to allow downloading and installing malicious files without your awareness and consent. Virus.Win32.Nimnul.a can create lots of spamming to distribute throughout every corner. Virus.Win32.Nimnul.a is also created to infect Windows 32 bit executable programs and system environments.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\Internet Explorer\complete.dat 2 %ProgramFiles%\Internet Explorer\dmlconf.dat 3 %ProgramFiles%\Microsoft\DesktopLayer.exe 4 %Temp%\7.tmp 5 %Windir%\Temp\8.tmp
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Apple Computer, Inc.\QuickTime\QuickTimeUpdateInProgressHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/x-macpaintHKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\video/quicktimeHKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrolHKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\international[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]Userinit =[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] CurrentLevel = 1601 =HKEY..\..\..\..{RegistryKeys}Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATIONHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_D61AD500\0000QuickTime Task = ""[file and pathname of the sample #1]" -atboottime"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.