Related blog content
10 easy ways to prevent malware infection
10 easy steps to clean your infected computer
Virus.Neshta is Malwarebytes’ detection name for the Neshta family of viruses which has been around since at least 2010, targeting Windows systems.
To gain persistence, Virus.Neshta changes the default value for the registry key HKEY_CLASSES_ROOT\exefile\shell\open\command, to “%SystemRoot%\svchost.com “%1″ %*”.
After removal of the infected files the system may be missing vital files for programs to run. Depending on the duration of the infection and the removed files, the system may even be inoperable.
Virus.Neshta spreads by adding the virus code to other executable files.
Malwarebytes blocks Virus.Neshta by using real-time protection.
Malwarebytes can detect and remove Virus.Neshta without further user interaction.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Select your language