- Connects to the internet without permission
- Can't be uninstalled via Control Panel
JS/Nemucod.L has been classified as a Trojan downloader that could enter your computer without you even knowing it. The downloader is a dangerous infection that you should remove, provided that you have been infected with it. This infection can inject malicious codes to pave way for Trojans to arrive on your computer. This infection has been created by cyber criminals to perform various malicious activities such as stealing information, remotely controlling an infected computer, and so on. So, we recommend that you remove this infection using an anti-malware scanner.
JS/Nemucod.L is a new variant of JS/Nemucod.H, which has the same functionality. The downloader is known to be used by various cyber criminals to infect computers with Trojans, such as PWS:Win32/Fareit, Ransom:Win32/Crowti.A, and so on. But, to infect your computer, the Trojan downloader must connect to a remote host called davis.ru using port 80. When connected, the malware can do any of the following: Check for an Internet connection, download and run files, report a new infection to its author, receive configuration or other data, receive instructions from a hacker, search for your PC location, upload information taken from your PC, validate a digital certificate.
To find out if you are infected with JS/Nemucod.L check your computer for files at %TEMP%\1246549.exe, %TEMP%\2865241.exe, or files having similar suspicious designations. If you remove these files manually, the problem will not be solved, because by that time it will have had downloaded dangerous Trojans to other locations. So, as mentioned, you should get an anti-malware to remove it.
The infection is known to be distributed via spam mail attachments. The attachment is usually a Microsoft word or excel file that contains an exploit which is triggered upon opening the attachment. After infection, JS/Nemucod.L will hide itself in temp folders to avoid being detected and will also try to disable antimalware applications that could remove it. the infection will inject codes to your computers registry in order to run in the background as soon as you boot up your computer. The infection can perform a lot of malicious activities, such as randomly deleting and creating files.
As you can see, this infection poses a severe security threat. Cyber criminals can infect your computer with JS/Nemucod.L using spam mail. It will then download Trojans that will compromise the security of your personal files. Cyber criminals can use Trojans to take over control of your computer and steal information. Therefore, we recommend you to get an anti-malware scanner such as SpyHunter to remove this Trojan downloader and the Trojans accompanying it.