 |  |  |  |  |  |  |  |
I need help!!!!
 |
•
•
Join Date: Dec 2006
Posts: 1,001
Reputation: 
Solved Threads: 48
0
#3 Oct 28th, 2009
•
•
•
•
Originally Posted by Alex91 
Does anybody know smth about it??? Wright me here please!
Are you infected with it? If so, let us know and we can advise you further.
PP
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer
ASAP
~ J. Robert Oppenheimer
ASAP
0
#4 Oct 28th, 2009
No, I must do my work. It is a home-task)) Google cant help me. I find there only tables with the viruses((
•
•
Join Date: Dec 2006
Posts: 1,001
Reputation:
Solved Threads: 48
0
#5 Oct 28th, 2009
•
•
•
•
Originally Posted by Alex91
No, I must do my work. It is a home-task)
If you need a sample of that particular malware, I can't help you.
•
•
•
•
Originally Posted by SOPHOS
Troj/Cosmu-A is a Trojan for the Windows platform.
Troj/Cosmu-A communicates via HTTP with the following locations:
kaderap . com
When Troj/Cosmu-A is installed the following files are created:
<User>\Local Settings\Application Data\Microsoft\mqtgsvc.exe
<System>\drivers\cisvc.exe
<System>\drivers\cmstp.exe
<Temp>\cisvc.exe
The following registry entries are created to run cisvc.exe and cmstp.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
CmSTP
<System>\drivers\cmstp.exe /waitservice
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Cisvc
<Temp>\cisvc.exe /waitservice
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
load
<System>\drivers\cisvc.exe
The following registry entry is set:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
MqtgSVC
<Root>\DOCUME~1\support\LOCALS~1\APPLIC~1\MICROS~1\mqtgsvc.exe /waitservice
In some sort of crude sense, which no vulgarity, no humor, no overstatement can quite extinguish, the physicists have known sin; and this is a knowledge which they cannot lose.
~ J. Robert Oppenheimer
ASAP
~ J. Robert Oppenheimer
ASAP
|
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Malware -hacked by blaze 2008
- Next Thread: Virus where control panel won't open
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
adobe adware anti-malware anti-virussitesaccessissue antivirus attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china combofix commercial commercials conficker connect control crosssitescripting cyber cybercrime ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gumblar halloween herss.exe hijack hosting internet kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile nazi news obama onlinethreats panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus rootkit sans scareware school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec threat trojan unwanted update usa virus viruses vista volume warning windows worm yahoo zero-day
