I need help!!!!
#3 Oct 28th, 2009
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer
ASAP
#5 Oct 28th, 2009
I do not know what that means.
If you need a sample of that particular malware, I can't help you.
Originally Posted by SOPHOS
Troj/Cosmu-A is a Trojan for the Windows platform.

Troj/Cosmu-A communicates via HTTP with the following locations:

    kaderap . com

When Troj/Cosmu-A is installed the following files are created:

    <User>\Local Settings\Application Data\Microsoft\mqtgsvc.exe
    <System>\drivers\cisvc.exe
    <System>\drivers\cmstp.exe
    <Temp>\cisvc.exe

The following registry entries are created to run cisvc.exe and cmstp.exe on startup:

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
        CmSTP
        <System>\drivers\cmstp.exe /waitservice

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
        Cisvc
        <Temp>\cisvc.exe /waitservice

    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
        load
        <System>\drivers\cisvc.exe

The following registry entry is set:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
        MqtgSVC
        <Root>\DOCUME~1\support\LOCALS~1\APPLIC~1\MICROS~1\mqtgsvc.exe /waitservice

In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer
ASAP
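
The persistence entries in the Sophos description quoted above can be checked against the text output of `reg query` for each listed key. This is an added example, not part of the thread or of Sophos's write-up: the function names and the sample output are constructed for illustration, and matching on file name rather than full path is an assumption, made because the description gives only `<System>`, `<Temp>` and `<User>` placeholders.

```python
import re

# Persistence entries from the Sophos description quoted above:
# (registry key, value name, file name the value data points at).
INDICATORS = [
    (r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run", "CmSTP", "cmstp.exe"),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run", "Cisvc", "cisvc.exe"),
    (r"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows", "load", "cisvc.exe"),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run", "MqtgSVC", "mqtgsvc.exe"),
]
HIVES = {"HKEY_LOCAL_MACHINE": "HKLM", "HKEY_CURRENT_USER": "HKCU"}
# `reg query` prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

def norm_key(key):
    """Key paths are case-insensitive; fold long hive names to HKLM/HKCU too."""
    hive, _, rest = key.strip().partition("\\")
    return (HIVES.get(hive.upper(), hive.upper()) + "\\" + rest).lower()

def parse_reg_query(text):
    """Yield (key, value name, data) from the text output of `reg query`."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            yield key, m["name"], m["data"]

def find_cosmu_persistence(text):
    """Return entries whose key, value name and target file all match the list."""
    wanted = {(norm_key(k), n.lower()): f for k, n, f in INDICATORS}
    hits = []
    for key, name, data in parse_reg_query(text):
        target = wanted.get((norm_key(key), name.lower()))
        if target and target in data.lower():
            hits.append((key, name, data))
    return hits

# Constructed sample output (not captured from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    CmSTP    REG_SZ    C:\WINDOWS\system32\drivers\cmstp.exe /waitservice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    Cisvc    REG_SZ    C:\DOCUME~1\support\LOCALS~1\Temp\cisvc.exe /waitservice
    Backup    REG_SZ    C:\Tools\backup.exe
"""

if __name__ == "__main__":
    print(find_cosmu_persistence(SAMPLE))
```

A match on all three fields is a reason to examine the host further, not a verdict on its own.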






