Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with 2 strong viruses.


  • This topic is locked This topic is locked
5 replies to this topic

#1 Bikerful

Bikerful

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:35 AM

Posted 13 February 2015 - 09:27 AM

Hello guys, I made this topic because my system got infected with 2 strong viruses as I know.

 

I got this 2 viruses named : Neshta Virus, and Virus Ramnit.

 

When I got neshta virus my system was blocked and I had no ability to open any .EXE file, I asked my friend about help and he told me to open my pc on safe mode and try to clean it up, and this is what I did and I was spamming my Google Chrome broswer and it was working, after I scanned my pc with Malware Bytes: Anti-Malware and it got the first virus named "Neshta" on svchost and I moved it to quarantine and after run my laptop into normal mode and worked but I had lag on opening .EXE files and also on startup I got an error named nvscap64 dll error, and also black CMD windows opening and closing fast, after this I scanned my pc with Rkill, Rogue killer, and some other malware scanners and they were showing my pc was clean, but I scanned it with malware bytes and it keeps detecting virus neshta on svchosts file.... After I puted in quarantine again and I wanted to play Counter-Strike 1.6, and when I opened this game my malware bytes anti malware was keep telling me that it detected a virus called ramnit (I searched on google about this and heard it's a hard to remove worm)

 

I got advices to format my pc, But I dont have the money to do it and also cant do it on home because I dont have the correct drivers and win 7 disc.

 

I would like all the advices you can tell me, and I will try them all if I can.



BC AdBot (Login to Remove)

 


#2 mikey11

mikey11

  • Members
  • 1,352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:01:35 AM

Posted 13 February 2015 - 10:38 AM

go into programs and see if it is listed there, if it is delete it,

 

use msconfig to see if its listed in your startup tab, if it is disable it,

 

then in normal boot mode run

 

- rkill

- adwcleaner

 

- after you clean the files that adwcleaner finds it will prompt you to reboot, do it

 

now run

 

- rkill

- malwarebytes

- hitmanpro



#3 AAE32

AAE32

  • Banned
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:35 AM

Posted 13 February 2015 - 11:02 AM

go into programs and see if it is listed there, if it is delete it,

 

use msconfig to see if its listed in your startup tab, if it is disable it,

 

then in normal boot mode run

 

- rkill

- adwcleaner

 

- after you clean the files that adwcleaner finds it will prompt you to reboot, do it

 

now run

 

- rkill

- malwarebytes

- hitmanpro

There is a reason why i'm sent him here. DO NOT Follow these insturctions OP.



#4 mikey11

mikey11

  • Members
  • 1,352 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:01:35 AM

Posted 13 February 2015 - 11:16 AM

There is a reason why i'm sent him here. DO NOT Follow these insturctions OP.

 

 

 

 

:rolleyes:


Edited by mikey11, 13 February 2015 - 11:16 AM.


#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:12:35 AM

Posted 16 February 2015 - 02:42 PM

Hi Bikerful,
 
Please run this for me:
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#6 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,622 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 PM

Posted 23 February 2015 - 09:35 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users