Trunlow
Trunlow, also known as Psyme, is a trojan designed to steal user passwords. It is distributed through specific links found in malicious web pages and pop-ups able to exploit certain Internet Explorer vulnerabilities.
File System Modifications
- The following files were created in the system:
# File Name 1 a4d22.vbs 2 cucu.dll 3 cucu.exe 4 dc50.vbs 5 dp.exe 6 m.exe 7 mp.exe 8 winupdate.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunMicrosoftEventlog=%Windir%winupdate.exe
I have a brand new usb-kingston-16 G datatraveler inserted inmy usb-port and my anti-virus (trend Micro) spots and deletes the program m.exe on that (fresh out the package) usb-stick,
XP cannot access the drive anymore, what now???