Virus.Neshta

Short bio

This is the detection for the Neshta family of viruses, targeting Windows systems which has been around since at least 2010.

Symptoms

To gain persistence, Virus.Neshta changes the default value for the registry key HKEY_CLASSES_ROOT\exefile\shell\open\command, to “%SystemRoot%\svchost.com “%1″ %*”.

Type and source of infection

Virus.Neshta spreads by adding the virus code to other executable files.

Protection

Malwarebytes blocks Virus.Neshta by using real-time protection.

block Virus.Neshta

Malwarebytes blocks Virus.Neshta

Remediation

Malwarebytes can detect and remove Virus.Neshta without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click MBSetup.exe and follow the prompts to install the program.
  3. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
  4. Click on the Get started button.
  5. Click Scan to start a Threat Scan.
  6. Click Quarantine to remove the found threats.
  7. Reboot the system if prompted to complete the removal process.

Related blog content

10 easy ways to prevent malware infection

10 easy steps to clean your infected computer

How to tell if you’re infected with malware

Know your threats: the nine scariest malware monsters

Select your language