Virus.Win32.Nimnul.a

By GoldSparrow in Trojans

Virus.Win32.Nimnul.a is a dangerous trojan infection which creates a start-up registry entry to run automatically every time you start your computer. Virus.Win32.Nimnul.a changes Internet settings and redirects your web browser to unwanted websites. Virus.Win32.Nimnul.a may change your desktop background and adds strange web shortcuts to the desktop, which usually leads to advertisement web pages or adult websites. Virus.Win32.Nimnul.a is able to modify other files by infecting, pretending, or overwriting them with its own body. Virus.Win32.Nimnul.a is able to install spy or keylogger programs which are used to steal private information, such as credit card details, login number, password, etc. Virus.Win32.Nimnul.a is also used by rogue anti-spyware applications to download themselves to affected computers.

File System Details

Virus.Win32.Nimnul.a may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%ProgramFiles%\Microsoft\DesktopLayer.exe
Name: %ProgramFiles%\Microsoft\DesktopLayer.exe Type: Executable File
2.	%ProgramFiles%\Internet Explorer\dmlconf.dat
Name: %ProgramFiles%\Internet Explorer\dmlconf.dat Type: Data file
3.	%Windir%\Temp\8.tmp
Name: %Windir%\Temp\8.tmp Type: Temporary File
4.	%Temp%\7.tmp
Name: %Temp%\7.tmp Type: Temporary File
5.	%ProgramFiles%\Internet Explorer\complete.dat
Name: %ProgramFiles%\Internet Explorer\complete.dat Type: Data file

Registry Details

Virus.Win32.Nimnul.a may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\image/x-macpaint

Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_D61AD500\0000

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] CurrentLevel = 1601 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]Userinit =

HKEY_LOCAL_MACHINE\SOFTWARE\Apple Computer, Inc.\QuickTime\QuickTimeUpdateInProgress

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\video/quicktime

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\international

QuickTime Task = ""[file and pathname of the sample #1]" -atboottime"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Virus.Win32.Nimnul.a

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen