Dmitry Sokolov recommends UnHackMe!
UnHackMe is a powerful tool against malware.UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!
W32.NeshtaB.PE also known as PE_NESHTA.A, Win32.Neshta.B, PE:Win32.Netsha.a!411233.
Malware Analysis of W32.NeshtaB.PE
Created files:
%Profile%\TSRGW\98525.FOT
%Profile%\TSRGW\98530.VFE
%Profile%\TSRGW\987060.exe
%Profile%\TSRGW\99311.NAM
%Profile%\TSRGW\9961.KNE
Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\TSRGW: “C:\DOCUME~1\ADMINI~1\TSRGW\start.vbs”
HKLM\Software\Classes\exefile\shell\open\command\: “%WinDir%\svchost.com “%1″ %*”
Detected by UnHackMe:
987060.EXE
Default location: %PROFILE%\TSRGW\987060.EXE
UnHackMe
removes malware invisible for your antivirus!
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses minimum of computer resources.