Virus.Neshta

Short bio

This is the detection for the Neshta family of viruses, targeting Windows systems which has been around since at least 2010.

Symptoms

To gain persistence, Virus.Neshta changes the default value for the registry key HKEY_CLASSES_ROOT\exefile\shell\open\command, to “%SystemRoot%\svchost.com “%1″ %*”.

Type and source of infection

Virus.Neshta spreads by adding the virus code to other executable files.

Protection

Malwarebytes blocks Virus.Neshta by using real-time protection.

block Virus.Neshta

Malwarebytes blocks Virus.Neshta

Remediation

Malwarebytes can detect and remove Virus.Neshta without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  3. Then click Finish.
  4. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  5. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  6. When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  7. Restart your computer when prompted to do so.

Related blog content

10 easy ways to prevent malware infection

10 easy steps to clean your infected computer

How to tell if you’re infected with malware

Know your threats: the nine scariest malware monsters

Select your language