Trojan.Win32.Cosmu.xxs
Trojan.Win32.Cosmu.xxs (or Mal/SillyFDC-A) is another malicious Trojan horse that represents a security risk for a compromised PC system or a network environment. Trojan.Win32.Cosmu.xxs should not be taken lightly and contains characteristics of a severe security risk. Trojan.Win32.Cosmu.xxs penetrates the system without the user's knowledge or permission and easily contacts a remote server to download other harmful parasites onto the infected computer. Symptoms may include your computer screen flipping upside down or inverting and documents or messages printing on your printer by themselves. For the safety of your computer, Trojan.Win32.Cosmu.xxs should be removed immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %DesktopDir%\Unused Desktop Shortcuts .scr 2 %MyDocuments%\My eBooks .scr 3 %MyDocuments%\My Music .scr 4 %MyDocuments%\My Pictures .scr 5 %Temp%\Ev~NeN^e.eXe 6 %Windir%\addins .scr 7 %Windir%\AppPatch .scr 8 %Windir%\Cache .scr 9 %Windir%\Config .scr 10 %Windir%\Connection Wizard .scr 11 %Windir%\Cursors .scr 12 %Windir%\Debug .scr 13 %Windir%\dns .scr 14 %Windir%\Driver Cache .scr 15 %Windir%\ehome .scr 16 %Windir%\Help .scr 17 %Windir%\ime .scr 18 %Windir%\inf .scr 19 %Windir%\java .scr 20 %Windir%\Media .scr 21 %Windir%\Microsoft.NET .scr 22 %Windir%\msagent .scr 23 %Windir%\msapps .scr 24 %Windir%\mui .scr 25 %Windir%\Offline Web Pages .scr 26 %Windir%\pchealth .scr 27 %Windir%\PeerNet .scr 28 %Windir%\Provisioning .scr 29 %Windir%\Registration .scr 30 %Windir%\repair .scr 31 %Windir%\Resources .scr 32 %Windir%\security .scr 33 %Windir%\SoftwareDistribution .scr 34 %Windir%\srchasst .scr 35 %Windir%\system .scr 36 %Windir%\system32 .scr 37 %Windir%\Temp .scr 38 %Windir%\twain_32 .scr 39 %Windir%\Web .scr 40 %Windir%\WinSxS .scr 41 [file and pathname of the sample #1]
Registry Modifications
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.