ThreatExpert's Statistics for Trojan.Banker [PC Tools]:

Trojan.Banker [PC Tools] is also known as:

Threat Alias	Number of Incidents
Infostealer.Bancos [Symantec]	19
PWS-Banker.gen.i [McAfee]	13
Infostealer.Banpaes [Symantec]	11
TrojanSpy:Win32/Banker [Microsoft]	9
Trojan.Win32.Dropper [Ikarus]	6
Trojan-Banker.Win32.Banker [Ikarus]	6
TrojanDropper:Win32/Tiebho.B [Microsoft]	6
Mal/Generic-A [Sophos]	5
TrojanSpy:Win32/Agent [Microsoft]	5
Infostealer.Bancos!gen [Symantec]	4
Troj/Banker-BNX [Sophos]	4
Troj/Banker-BQI [Sophos]	4
Troj/Mesoto-D [Sophos]	4
Trojan-Banker.Win32.Banbra [Ikarus]	4
Trojan-Banker.Win32.Banker.bix [Kaspersky Lab]	4
Trojan-Banker.Win32.Banker.biy [Kaspersky Lab]	4
Trojan-Banker.Win32.Banker.fme [Kaspersky Lab]	4
Trojan-Spy.Win32.Banker.byu [Kaspersky Lab]	4
Win-Trojan/Agent.296448 [AhnLab]	4
Win-Trojan/Banker.201728.B [AhnLab]	4
Win-Trojan/Banker.634368.E [AhnLab]	4
Generic Downloader.x!t [McAfee]	3
PWS-Banker.gen.c [McAfee]	3
Generic Dropper!k [McAfee]	2
Infostealer.Banker.B [Symantec]	2
Possible_Mlwr-7 [Trend Micro]	2
Trojan-Spy.Win32.Banker.xf [Kaspersky Lab]	2
TSPY_BANKER.ABQ [Trend Micro]	2
Backdoor.Win32.Agent.dbz [Kaspersky Lab]	1
BKDR_AGENT.AASP [Trend Micro]	1
Email-Worm.Win32.Locksky [Ikarus]	1
Generic PWS.o [McAfee]	1
Generic.Banker.OT [Ikarus]	1
Generic.cd [McAfee]	1
Generic.dc [McAfee]	1
Generic.dh [McAfee]	1
Generic.dx!p [McAfee]	1
Infostealer.Tarno.D [Symantec]	1
Keylog-Stawin [McAfee]	1
Mal/Banspy-F, Mal/Behav-248, Mal/EncPk-BW, Mal/Banspy-I, Mal/Banspy-G, Mal/Reload-A, Troj/Bnkmr-Fam [Sophos]	1
Mal/Behav-053, Troj/Bnksa-Fam [Sophos]	1
Mal/HckPk-A, Mal/Packer, Mal/TibsPak [Sophos]	1
Mal_Banker [Trend Micro]	1
Mal_Infostl [Trend Micro]	1
Mal_Looksky [Trend Micro]	1
Possible_Banld-2 [Trend Micro]	1
Possible_Virus [Trend Micro]	1
PWS:Win32/Agent [Microsoft]	1
PWS-Banker!sys [McAfee]	1
PWS-Banker.dldr [McAfee]	1
PWS-Banker.f [McAfee]	1
PWS-Banker.gen.aa [McAfee]	1
PWS-Banker.gen.ba [McAfee]	1
PWS-Banker.gen.bb [McAfee]	1
PWS-Banker.gen.h [McAfee]	1
PWS-Banker.gen.q [McAfee]	1
Troj/Agent-JPX [Sophos]	1
Troj/Agent-JPY [Sophos]	1
Troj/Bancban-FB [Sophos]	1
Troj/Banker-EOY [Sophos]	1
Troj/Haxdoor-M [Sophos]	1
Troj/Stawin-B [Sophos]	1
TROJ_BANLOAD.BYB [Trend Micro]	1
TROJ_Generic [Trend Micro]	1
TROJ_TARNO.R [Trend Micro]	1
Trojan.Win32.FraudPack.lrs [Kaspersky Lab]	1
Trojan.Win32.FraudPack.lrt [Kaspersky Lab]	1
Trojan.Win32.FraudPack.lse [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.a [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.add [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.ahy [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.akyl [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.bcf [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.em [Kaspersky Lab]	1
Trojan-Banker.Win32.Banker.enw [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.efw [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.efz [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.ega [Kaspersky Lab]	1
TrojanDownloader:Win32/Vxidl.gen!A [Microsoft]	1
Trojan-Spy.Win32.Banbra [Ikarus]	1
Trojan-Spy.Win32.Bancos.zm [Ikarus]	1
Trojan-Spy.Win32.Banker.A [Ikarus]	1
Trojan-Spy.Win32.Banker.anv [Ikarus]	1
Trojan-Spy.Win32.Banker.axj [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.ccc [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.cgc [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.ek [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.im [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.jj [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.kb [Kaspersky Lab]	1
Trojan-Spy.Win32.Banker.kd [Kaspersky Lab]	1
TrojanSpy:Win32/Banker.AHY [Microsoft]	1
TrojanSpy:Win32/Banker.EK [Microsoft]	1
TrojanSpy:Win32/Sparsay.gen!A [Microsoft]	1
TSPY_BANKER.CIR [Trend Micro]	1
TSPY_BANKER.EK [Trend Micro]	1
TSPY_BANKER.EY [Trend Micro]	1
TSPY_BANKER.FMC [Trend Micro]	1
W32.Looksky!gen [Symantec]	1
W32/Loosky.gen@MM [McAfee]	1

Trojan.Banker [PC Tools] has the following possible countries of origin:

Origin		Number of Incidents
	Brazil	24
	Germany	3
	Russian Federation	2

Trojan.Banker [PC Tools] is known to be created as:

%CommonPrograms%\startup\system32.exe

%CommonPrograms%\startup\windows32.exe

%System%\iesprt.sys

%System%\java sp\csrss.exe

%System%\java sp\mlsass.dll

%System%\mshelp.exe

%System%\ssmaze.scr

%System%\system32.exe

%System%\wmedia32.exe

%Temp%\1.exe

%Temp%\306e37d9.exe

%Temp%\af57eaae.exe

%UserProfile%\xrt_gthk.exe

%Windir%\config\svchost.exe

%Windir%\process.exe

%Windir%\svchosts.scr

Notes:

%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.