Click on screenshot to zoom
Danger level 8
Type: Trojans
Common infection symptoms:
  • Annoying Pop-up's
  • Installs itself without permissions
  • Shows commercial adverts
  • Slow Computer
  • System crashes

Win32/Nuqel.E

Win32/Nuqel.E is a Trojan infection that appears in fake system alerts and scans by scareware Antivirus System PRO and Spyware Protect 2009.

The pop-up message alert that Win32/Nuqel.E sends reads as follows:

“Antivirus System Pro alert. INFILTRATION ALERT: Your computer is being attacked by an internet virus. It could be a password-stealing attack, a Trojan-dropper or similar. DETAILS: Attack from 235.157.169.3, port 40771; Attacked port 22363; Threat Win32/Nuqel.E. Do you want to block this attack?”

Or:

“Spyware Protect 2009 alert. INFILTRATION ALERT. Your computer is being attacked by an Internet Virus. It could be a password-stealing attack, a Trojan-dropper or similar. DETAILS. Attack from: 84.154.14.114, port 34940. Attacked port: 50507. Threat: Win32/Nuqel.E. Do you want to block this attack?”
Win32/Nuqel.E tends to be distributed along the following channels: via emails, malicious web pages, Inter Relay Chat channels (IRC) and some peer-to-peer networks.

Win32/Nuqel.E will then deploy a damaging payload, which may delete files and may terminate security related files too.

Win32/Nuqel.E is also highly capable of downloading additional malware onto the infected computer system, usually from a remote internet website, which is ultimately executed on a local system.

It is important to bear in mind that Win32/Nuqel.E has a number of varying functions – all of which are aimed at compromising the infected computer system, the user’s privacy and challenging the integrity of the computer itself.

Another function Win32/Nuqel.E has been designed to implement is that Win32/Nuqel.E is known to use backdoor techniques to infiltrate a computer system, and remain undetected whilst embedded within the system, this way it can carry out its malicious intent - undeterred.

Win32/Nuqel.E will ensure that it disables the use of the security programs installed in the infected system, will open up obscure connections, in order to ensure access from a remote controller. Win32/Nuqel.E may also self-mutate, in order to avoid detection and the removal of its executables.

One should ensure that a fully functional and reliable anti-spyware application is installed on the infected computer system. This way you will be able to deal with this threat, and remove Win32/Nuqel.E and all its components from the infected system.

Download Spyware Removal Tool to Remove* Win32/Nuqel.E
  • Quick & tested solution for Win32/Nuqel.E removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Win32/Nuqel.E

Files associated with Win32/Nuqel.E infection:

regsvr.exe

Win32/Nuqel.E processes to kill:

regsvr.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.