Trojan.Win32.Cosmu.ist
Trojan.Win32.Cosmu.ist is a computer trojan that runs secretly in the background without the computer user's knowledge. Trojan.Win32.Cosmu.ist can start an HTTP server on a random TCP port. This is then used to download the Trojan.Win32.Cosmu.ist executable file to other PCs. Trojan.Win32.Cosmu.ist infiltrates the system without the user's consent or knowledge and easily connects a remote server to download other malicious malware onto the targeted system. Trojan.Win32.Cosmu.ist runs in the background and enables remote access to the affected computer system.
File System Modifications
- The following files were created in the system:
# File Name 1 c:\RECYCLER\check_4_online.dlx 2 c:\RECYCLER\IP.dlx 3 c:\RECYCLER\send_ok.dlx 4 ECYCLER\try_2_send.dlx
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\ipconfigHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\ipconfig\DEBUGHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.