Posted: September 5, 2012

Win32:Necurs-E Description

Win32:Necurs-E is a rootkit that's designed to attack 32-bit Windows systems, although many rootkits similar to Win32:Necurs-E also include compatibility with 64-bit OSes. Win32:Necurs-E infections tend to use multiple PC threats to protect each other from deletion, and your anti-malware program may be able to detect but unable to delete Win32:Necurs-E initially. However, since rootkits like Win32:Necurs-E compromise critical system files habitually, malware researchers don't recommend deleting Win32:Necurs-E's files yourself. If your anti-malware scanner of choice experiences problems with removing Win32:Necurs-E, you should attempt a reboot in Safe Mode or a USB-based system boot, either of which can be used to assist with the removal of high-level threats like Win32:Necurs-E.

Win32:Necurs-E – Still Going Strong After a Year in the Wild

Win32:Necurs-E was widely-identified in mid-2011, although circumstantial evidence causes malware researchers to suspect that Win32:Necurs-E is still in distribution today, and there are no indications that Win32:Necurs-E's primary attacks have become outdated. Win32:Necurs-E, like most rootkits, is designed to compromise your PC's security by creating a backdoor vulnerability while avoiding detection by hiding its code in normal system files. Backdoor-related attacks by Win32:Necurs-E can include, but aren't limited to:

  • Win32:Necurs-E may grant remote attackers access to your PC through C&C servers. These servers can be used to make use of a damaging level of control over your computer and may also serve as sources for malicious files, or recipients for stolen information.
  • Win32:Necurs-E may install other PC threats; this is a common feature in most rootkits and can include many types of payloads, although particularly popular types include banking Trojans and rogue security programs.
  • Security programs may be blocked by Win32:Necurs-E to prevent you from removing Win32:Necurs-E or related infections safely. Often-blocked programs include anti-virus scanners, Task Manager, the Registry Editor and firewall managers.
  • Security features can be disabled through the Registry and other methods. This can result in an enhanced vulnerability to other attacks, particularly web browser and network-based ones.

Win32:Necurs-E: Countless Names for a Single Threat

While Win32:Necurs-E's attacks are potentially-severe, and its priority as a security risk shouldn't be underestimated, almost all prominent brands of anti-malware software have developed identification entries for Win32:Necurs-E. Aliases that can be used to detect Win32:Necurs-E include Trojan:WinNT/Necurs.A, Trojan.Necurs.5, TROJ_GEN.USBH17ACT, Trojan.ADH.2 and Mal/Necurs-A. malware researchers stress that Win32:Necurs-E isn't likely to be the only PC threat on a computer; at the very least, Trojan droppers like TrojanDropper:Win32/Necurs also have a high chance of infecting a Win32:Necurs-E-compromised PC. Anti-malware scans to remove Win32:Necurs-E should be strong enough to detect any other Trojans or other malware on your computer along with Win32:Necurs-E, or you may be unable to remove Win32:Necurs-E at all – or experience its reinstallation after Win32:Necurs-E is removed.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Win32:Necurs-E may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Rootkits Win32:Necurs-E

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.