Virus.Neshta.A
Virus.Neshta.A is a virus that infects executable files on your PC, and activates every time an executable file is launched. Virus.Neshta.A will also attempt to make contact with anonymous criminals that have been confirmed to be links to propagating various types of malicious software; this remote contact can result in remote attacks, password theft, loss of control over your PC or the installation of other harmful software. For the sake of your PC privacy and stability, you should delete Virus.Neshta.A as soon as you notice Virus.Neshta.A, by using an updated and trustworthy anti-malware scanner.
Virus.Neshta.A – Elderly But Still Going Strong as a Threat to Your Executables
Virus.Neshta.A was originally seen in 2008, but has been updated as recently as 2011, making updates for your own security software and browsers crucial to protect your PC. Virus.Neshta.A, like all viruses, propagates by infecting other files with Virus.Neshta.A's own code. Executable (or .exe) files are targeted by Virus.Neshta.A and affixed with Virus.Neshta.A's own malicious code, until all .exe files on your PC have been infected.
You may be able to notice a Virus.Neshta.A infection by checking the file sizes of an .exe, or looking at the date a file was last modified. Other indicators of an active Virus.Neshta.A infection may be scarce, since Virus.Neshta.A is designed to hide itself and avoid creating obvious visual clues that Virus.Neshta.A is on your PC.
Virus.Neshta.A's hiding efforts are enhanced by Virus.Neshta.A's preference for laying low in your Windows system folder, as well as the original virus file's name: svchost.com, which is similar to a native Windows component that uses the same name with an .exe file type extension.
Virus.Neshta.A: Building Links Between Criminals and Your PC
Virus.Neshta.A will launch itself automatically whenever an .exe file is launched. Aside from basic .exe infections, the only baseline behavior that Virus.Neshta.A engages in is making unauthorized contact with link-on.tu1.ru, a website that has been blacklisted for trafficking in malicious software for years.
Virus.Neshta.A will transmit basic information about your PC to this anonymous criminal, who may then use Virus.Neshta.A to engage in remote attacks that can control your PC, steal passwords, install threats or other types of malicious behavior.
Virus.Neshta.A also uses malicious script files to accomplish the above actions. This script may be detected as a separate threat by the name of PWS:Win32/Ldpinch.gen!LogA. In addition, Virus.Neshta.A has half a dozen aliases of Virus.Neshta.A's own: W32/Bloat-A, PE_NESHTA.A, Virus.Win32.Neshta.a, W32/HLLP.41472.e, W32.Neshuta and W32/Neshta.A.
Since Virus.Neshta.A creates Registry alterations, infects multiple files, and is generally difficult to detect and delete manually, it's strongly encouraged that you use automated security programs to find and remove Virus.Neshta.A from your PC.
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN XTray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ XTray.exe
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.