- Annoying Pop-up's
- Installs itself without permissions
- Shows commercial adverts
- Slow Computer
- System crashes
Win32/Nuqel.E is a Trojan infection that appears in fake system alerts and scans by scareware Antivirus System PRO and Spyware Protect 2009.
The pop-up message alert that Win32/Nuqel.E sends reads as follows:
“Antivirus System Pro alert. INFILTRATION ALERT: Your computer is being attacked by an internet virus. It could be a password-stealing attack, a Trojan-dropper or similar. DETAILS: Attack from 126.96.36.199, port 40771; Attacked port 22363; Threat Win32/Nuqel.E. Do you want to block this attack?”
“Spyware Protect 2009 alert. INFILTRATION ALERT. Your computer is being attacked by an Internet Virus. It could be a password-stealing attack, a Trojan-dropper or similar. DETAILS. Attack from: 188.8.131.52, port 34940. Attacked port: 50507. Threat: Win32/Nuqel.E. Do you want to block this attack?”
Win32/Nuqel.E will then deploy a damaging payload, which may delete files and may terminate security related files too.
Win32/Nuqel.E is also highly capable of downloading additional malware onto the infected computer system, usually from a remote internet website, which is ultimately executed on a local system.
It is important to bear in mind that Win32/Nuqel.E has a number of varying functions – all of which are aimed at compromising the infected computer system, the user’s privacy and challenging the integrity of the computer itself.
Another function Win32/Nuqel.E has been designed to implement is that Win32/Nuqel.E is known to use backdoor techniques to infiltrate a computer system, and remain undetected whilst embedded within the system, this way it can carry out its malicious intent - undeterred.
Win32/Nuqel.E will ensure that it disables the use of the security programs installed in the infected system, will open up obscure connections, in order to ensure access from a remote controller. Win32/Nuqel.E may also self-mutate, in order to avoid detection and the removal of its executables.
One should ensure that a fully functional and reliable anti-spyware application is installed on the infected computer system. This way you will be able to deal with this threat, and remove Win32/Nuqel.E and all its components from the infected system.