Neshta.Virus.FileInfector.DDS

detection icon

Short bio

Neshta.Virus.FileInfector.DDS is Malwarebytes’ detection name for a family of viruses detected by Malwarebytes’ Katana engine.

The detection names are produced by Malwarebytes 4 and Malwarebytes business products. These generic malware detections are due to our new automated signature system called BytesTotal and specifically the DDS engine that are based on Machine Learning technology with 100% autonomous learning which don’t require any human interaction to correctly identify malware. These techniques are part of Malwarebytes’ Katana engine and were developed for automated mass detection of wide ranges of malware and adware.

Symptoms

To gain persistence, Virus.Neshta changes the default value for the registry key HKEY_CLASSES_ROOTexefileshellopencommand, to “%SystemRoot%svchost.com “%1″ %*”.

Aftermath

After removal of the infected files the system may be missing vital files for programs to run. Depending on the duration of the infection and the removed files, the system may even be inoperable.

Type and source of infection

Neshta.Virus.FileInfector.DDS spreads by adding the virus code to other executable files and has some basic options to gather and report system properties.

Protection

The Malwarebytes’ Katana engine detects unknown threats as Neshta.Virus.FileInfector.DDS by using generic detections, Machine Learning, and other Artificial Intelligence techniques to protect users from malware.

detection icon

Related blog content

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams