win32 neshta

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by SalK, May 19, 2010.

  1. SalK

    SalK Private E-2

    Hi

    I am really scared of what happened to my computer now. I have got win32 neshta on it and followed your comprehensive Malware Removal Guide.

    I have made all steps and I was on the part where I run SuperAntiSpyware. I got a blue screen and after that my computer starts up really slow and I am not able to do anything on it because it's so slow and doesn't react to what I do. Please help me what to do!!!

    Thanks in advance
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Try booting in safe mode to finish running the various scans. We need to be able to see the resultant logs in order to help you.
     
  3. SalK

    SalK Private E-2

    Ok, now I have tried to run all the scans.

    Here are some problems I encountered:

    MBAM_ERROR_UPDATING (12007, 0, WINHTPSENDREQUEST) after install of MB.exe (in safe mode). Because of this I downloaded the update on another computer manually.

    When running Combofix it complained about F-Secure running. But I could not stop it because I was in Windows safe mode. (F-Secure wouldn't start and there was no icon to click on.) So Combofix didn't run properly.

    On start of rootrepeal it stated "error-invalid PE image found!"
    Root repeal never finished because it hung up on something. I let it be on for days and ran it twice.

    I have added logs below but for the above reason ComboFix.txt and RRlog.txt are missing.

    It all started when I got win32 neshta on my main computer; it then also infected my laptop (that is the computer having big issues now). I found your malware removal guide when I googled win32 neshta and started to go through it. I didn't notice anything weird until somewhere around when I should run SuperAntiSpyware. I got a bluescreen when running SuperAntiSpyware and my computer started to act very weird. I am not able to use it at all in normal mode, it reacts extremely slowly, but I can boot into safe mode.

    Please help me to find the problem. I don't know if it is a virus or if something went wrong when I was going through your guide. I really appreciate your help since I don't know what to do!
     

    Attached Files:

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not seeing ComboFix on your desktop. Which is where it should be run from. Perhaps you can re-download it and run it again. So far, I am not seeing any malware, but I would like to see a log from Combo.
     
  5. SalK

    SalK Private E-2

    I have tried to run ComboFix and as I remember I followed the instructions, but of course I can try to run it again.

    The problem is that it complains about me having F-Secure (Telia säker) activated. I wanted to close it but I couldn't find out how to do it because I was in safe mode. I don't know if that's the reason but it didn't run as described in the instructions.
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  7. SalK

    SalK Private E-2

    I have already read those instructions. But in safe mode there are no icons to disable the AV. I tried to start the program to disable it but it wouldn't start.

    I don't know if I should run the program even if it complains about the AV or what I should do to disable it.
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Can you not run it in normal mode? That would be best. Then you can disable F-secure. It will not harm anything if you are unable to do that.
     
  9. SalK

    SalK Private E-2

    Actually I was able to run combofix.exe in normal mode after letting the computer be on over the night. Then I also could disable AV.

    Here is the log
     

    Attached Files:

  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Combo didn't give a complete log. Are you still being prompted about malware and if so, please give me the full path to the file and tell me what is reporting it.
     
  11. SalK

    SalK Private E-2

    Excuse me for my bad English but I didn't really understand you. You mean if my AV is reporting malware? Actually it's hard to tell because my computer is not working, so I can't make a scan nor use it since I started your cleaning procedure.

    What path do you mean and what file, because there used to be a lot of files?

    Why didn't Combo work? It seemed to run properly this time actually. Only thing is that my AV was activated on restart so I think it blocked Combo until I was able to release it due to my unusable computer. :(
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You need to tell me exactly what is happening with your system. Why are you saying it is unusable? What is happening? Does F-secure report any malware or will it not run a scan? You may need to uninstall it until we can get your system clean.
     
  13. SalK

    SalK Private E-2

    I just want to report that problem is solved!

    When I got infected by win32 neshta I was going through your malware removal guide. At some point my computer stopped to work at all and with that I mean you have to wait hours for just one click and nothing seemed to work on the computer. When I ran F-Secure scan it reported some infected files but the scan took days and before it was finished the computer got blue screen and rebooted.

    As I stumbled in the dark I uninstalled F-secure to see what happened and suddenly the computer worked again. I haven't had any problems with F-Secure before and computer has never been that slow. So my guess is that something when I was going through the removal guide went wrong and made F-secure act weird.

    I have now scanned the computer with Avast and it's clean and now it responds normally. Maybe it would be good for you to know what happened to me.

    Thanks for your help!
    /Klas
     
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Strange, but good to know.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.


    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    10. After doing the above, you should work thru the below link:

     
