Troj/Cosiam-F

Category: Viruses and Spyware Protection available since:02 Apr 2006 00:00:00 (GMT)
Type: Trojan Last Updated:02 Apr 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Cosiam-F is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.

Troj/Cosiam-F includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Troj/Cosiam-F copies itself to &ltSystem&gt\tetriz3.exe and creates the file &ltSystem&gt\bin29a.log.

The following registry entries are created to run tetriz3.exe on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
tetriz3
&ltSystem&gt\tetriz3.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
tetriz3
&ltSystem&gt\tetriz3.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
tetriz3
&ltSystem&gt\tetriz3.exe

Registry entries are created under:

HKLM\SOFTWARE\Microsoft\

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy