Necurs rootkit can hide components from detection while also being capable of downloading additional malware, disabling a long list of security software and installing a backdoor. Necurs is capable eluding Windows built-in Kernel Patch Protection, which is supposed to prevent any modification of the kernel. Attackers can maintain remote access to a machine this way in order to monitor activity, send spam or install scareware. Black Hole and its many variants is likely the most prevalent of the exploit kits in circulation.
Source: https://threatpost.com/necurs-rootkit-infections-way-120712/77292/