MSDDN.VBS is unknown, suspect

August 8, 2012 by NightWatcher
Filed under: unknown 
: Solved!

Fix it immediately:

MSDDN.VBS is unknown, probably legitimate.
If the file MSDDN.VBS is located on your computer, download UnHackMe for free to fix the problem with MSDDN.VBS.

Malware Analysis of MSDDN.VBS
Full path on a computer: %AppData%\msddn.vbs

Detected by UnHackMe:

Item Name: Security
Author: Unknown
Related File: %PROFILE%\NEBP.VBE
Type: Explorer Run

Item Name: Tasker
Author: Unknown
Related File: %PROFILE%\SEC.VBE
Type: Scheduled Tasks

Item Name: Parker
Author: Unknown
Related File: %APPDATA%\MSDDN.VBS
Type: Scheduled Tasks

INFOSAPI.DLL
Default location: C:\Arquivos de programas\infosapi.DLL

Removal Results: Success
Number of reboot: 1

MSDDN.VBS is known as:

unknown.suspect

MSDDN.VBS hash:

  • MD5: b06cf08f57922598ac35f6835d503724
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect MSDDN.VBS presence?

Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Security: “Wscript.exe /B “%Profile%\nebp.vbe”"
Folders:
  • C:\Arquivos de programas
Files:
  • %AppData%\msddn.vbs
  • %Temp%\dbcache.cab
  • %Temp%\infosapi.DLL
  • %Profile%\nebp.vbe
  • %Profile%\sec.vbe
  • %AllUsersProfile%\0
  • %AllUsersProfile%\idt
  • %WinDir%\Tasks\Parker.job
  • %WinDir%\Tasks\Tasker.job
  • C:\Arquivos de programas\infosapi.DLL


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: MSDDN.VBS, suspect, unknown

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.