I need help!!!!
#3 Oct 28th, 2009
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer
ASAP
#5 Oct 28th, 2009
I do not know what that means.
If you need a sample of that particular malware, I can't help you.
Originally Posted by SOPHOS
Troj/Cosmu-A is a Trojan for the Windows platform.
Troj/Cosmu-A communicates via HTTP with the following locations:
kaderap . com
When Troj/Cosmu-A is installed the following files are created:
<User>\Local Settings\Application Data\Microsoft\mqtgsvc.exe
<System>\drivers\cisvc.exe
<System>\drivers\cmstp.exe
<Temp>\cisvc.exe
The following registry entries are created to run cisvc.exe and cmstp.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
CmSTP
<System>\drivers\cmstp.exe /waitservice
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Cisvc
<Temp>\cisvc.exe /waitservice
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
load
<System>\drivers\cisvc.exe
The following registry entry is set:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
MqtgSVC
<Root>\DOCUME~1\support\LOCALS~1\APPLIC~1\MICROS~1\mqtgsvc.exe /waitservice
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer
ASAP
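Added example, not part of the thread or of the Sophos write-up: a PowerShell check for the files and startup registry values listed in the quoted description. The mapping of `<System>`, `<Temp>` and `<User>` to environment variables is an assumption, since the write-up does not define those placeholders.

```powershell
# Added example, not from the thread or from Sophos.
# Assumed placeholder mapping (the write-up does not define them):
#   <System> = %SystemRoot%\System32, <Temp> = %TEMP%, <User> = %USERPROFILE%
$run = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run'

# Registry value names from the description and the file name each one launches.
$checks = @(
    @{ Key = "HKLM:\$run"; Name = 'CmSTP';   Match = '\\drivers\\cmstp\.exe' },
    @{ Key = "HKCU:\$run"; Name = 'Cisvc';   Match = '\\cisvc\.exe' },
    @{ Key = "HKCU:\$run"; Name = 'MqtgSVC'; Match = '\\mqtgsvc\.exe' },
    @{ Key = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Windows'
       Name = 'load'; Match = '\\drivers\\cisvc\.exe' }
)

# Files the description says are created on installation.
$files = @(
    "$env:USERPROFILE\Local Settings\Application Data\Microsoft\mqtgsvc.exe",
    "$env:SystemRoot\System32\drivers\cisvc.exe",
    "$env:SystemRoot\System32\drivers\cmstp.exe",
    "$env:TEMP\cisvc.exe"
)

$findings = @()
foreach ($c in $checks) {
    # A missing key is normal on a clean machine, so errors are suppressed.
    $props = Get-ItemProperty -Path $c.Key -ErrorAction SilentlyContinue
    if ($null -eq $props) { continue }
    $prop = $props.PSObject.Properties[$c.Name]
    # -match is case-insensitive, so 8.3 short paths in upper case still hit.
    if ($prop -and "$($prop.Value)" -match $c.Match) {
        $findings += [pscustomobject]@{
            Type = 'Registry'; Location = "$($c.Key)\$($c.Name)"; Detail = $prop.Value
        }
    }
}
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) {
        $item = Get-Item -LiteralPath $f -Force   # -Force also returns hidden files
        $findings += [pscustomobject]@{
            Type = 'File'; Location = $f
            Detail = "$($item.Length) bytes, created $($item.CreationTime)"
        }
    }
}

if ($findings) { $findings | Format-List }
else { 'None of the listed Troj/Cosmu-A files or registry values were found.' }
```

The HKCU and `%TEMP%` checks only cover the account the script runs under, so run it once per user profile on a shared machine.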






