Threat Search: 

ThreatExpert's Statistics for Trojan-PSW.Generic [PC Tools]:

Trojan-PSW.Generic [PC Tools] is also known as:
Threat AliasNumber of Incidents
Infostealer [Symantec]1,670
Packed.Win32.Krap.ah [Kaspersky Lab]845
Mal/EncPk-MA, Mal/FakeDouf-B [Sophos]586
Packed.Win32.Krap [Ikarus]475
Trojan:Win32/Opachki.A [Microsoft]386
Trojan.CryptRedol [Ikarus]350
Generic.dx!hca [McAfee]322
Mal/EncPk-LT, Mal/FakeAV-BX, Mal/FakeDouf-B, Mal/EncPk-MA [Sophos]239
Troj/Dloadr-CTC [Sophos]173
Backdoor:Win32/Bifrose.AE [Microsoft]150
BackDoor-CEP.gen.av [McAfee]147
Backdoor.Win32.Bifrose.fsi [Kaspersky Lab]146
Mal/Generic-A [Sophos]140
PWS:Win32/Fignotok.A [Microsoft]120
Win-Trojan/Dybalom.32768.B [AhnLab]83
Mal/Banspy-F [Sophos]79
Mal/Bifrose-Z, Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]72
Generic Dropper.ny [McAfee]67
not-a-virus:PSWTool.Win32.MailPassView.ck [Kaspersky Lab]63
Trojan-PSW.Win32.Dybalom.atk [Kaspersky Lab]60
Dropper/MailPass.632320 [AhnLab]56
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH, Mal/Bifrose-Z [Sophos]48
Trojan-PSW.Win32.Dybalom.afm [Kaspersky Lab]48
Generic Downloader!hv.x [McAfee]45
PWS:Win32/Strpasseal.B [Microsoft]43
Win-Trojan/Downloader.20992.HH [AhnLab]43
Trojan-Downloader.Win32.Small.almj [Kaspersky Lab]41
Downloader-BTI [McAfee]40
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]30
Trojan.Win32.Refroso.abmg [Kaspersky Lab]22
Dropper/Decay.2132992 [AhnLab]16
Trojan-Dropper.Win32.Decay.bys [Kaspersky Lab]16
Trojan-PWS.Win32.Dybalom [Ikarus]16
Trojan:Win32/Lukicsel.E [Microsoft]15
Win-Trojan/Agent.535552.F [AhnLab]14
Generic Downloader.x [McAfee]13
Trojan-PSW.Win32.Agent.lta [Kaspersky Lab]13
Generic Downloader.z [McAfee]12
Trojan-Downloader.Win32.Small [Ikarus]12
Win-Trojan/Xema.variant [AhnLab]12
PWS:Win32/OnLineGames.GP [Microsoft]11
PWS:Win32/Stealer.M [Microsoft]10
Troj/GamPass-X [Sophos]10
TSPY_ONLINEG.SMX [Trend Micro]10
Mal/Generic-E [Sophos]9
Trojan.Win32.Delf.squ [Kaspersky Lab]9
Trojan.Win32.Lukicsel [Ikarus]9
Trojan-Banker.Win32.Banker [Ikarus]9
Trojan-PSW.Win32.Dybalom.bcx [Kaspersky Lab]9
Trojan-PSW.Win32.Dybalom.bfw [Kaspersky Lab]9
Backdoor:Win32/Bifrose.ACI [Microsoft]8
BackDoor-CEP.svr [McAfee]8
PWS-IMThief.gen.a [McAfee]8
Trojan-Spy.Win32.Zbot [Ikarus]8
Backdoor.Win32.Bifrose.fny [Kaspersky Lab]7
Backdoor:Win32/Syrutrk.A [Microsoft]7
BKDR_BIFROSE.MIC [Trend Micro]7
Dropper/Agent.29565 [AhnLab]7
Mal/Autorun-TR [Sophos]7
PWS-OnlineGames.gl [McAfee]7
Trojan.Generic [Ikarus]7
Trojan-PWS.Win32.Delf [Ikarus]7
Trojan-PWS.Win32.LdPinch [Ikarus]7
Generic PWS.ec [McAfee]6
PWS:Win32/Zbot.gen!W [Microsoft]6
Trojan:Win32/VB [Microsoft]6
Trojan-GameThief.Win32.OnLineGames.bnbo [Kaspersky Lab]6
Trojan-PSW.Win32.Dybalom.bnw [Kaspersky Lab]6
Trojan-Spy.Win32.Agent.bcid [Kaspersky Lab]6
Win-Trojan/Delf.18944.B [AhnLab]6
BackDoor-CEP!hv.a [McAfee]5
Gen.Trojan [Ikarus]5
PWS:Win32/Fignotok.B [Microsoft]5
PWS:Win32/Zbot.gen!R [Microsoft]5
TrojanDownloader:Win32/Troxen!rts [Microsoft]5
Trojan-GameThief.Win32.OnLineGames.bneb [Kaspersky Lab]5
Trojan-PSW.Win32.Agent.pfz [Kaspersky Lab]5
Trojan-PWS.Win32.Agent [Ikarus]5
Trojan-Spy.Win32.Zbot.gen [Kaspersky Lab]5
Virus.Win32.Agent [Ikarus]5
Generic PWS.bn [McAfee]4
Generic.dx!nkr [McAfee]4
Mal/Autorun-TR, Mal/Emogen-U [Sophos]4
Mal/Behav-059, Mal/Behav-059 [Sophos]4
Mal/Bifrose-R, Mal/Bifrose-E [Sophos]4
PWS.Win32 [Ikarus]4
PWS-LDPinch [McAfee]4
PWS-OnlineGames.gx [McAfee]4
PWS-Zbot.gen.i [McAfee]4
Troj/Gernid-Gen [Sophos]4
Trojan.Win32.Midgare.sdw [Kaspersky Lab]4
Trojan:Win32/Bumat!rts [Microsoft]4
Trojan-Downloader.Agent [Ikarus]4
Trojan-GameThief.Win32.Lmir.jgu [Kaspersky Lab]4
Trojan-PSW.Win32.Agent.ouo [Kaspersky Lab]4
Trojan-PSW.Win32.VB.abu [Kaspersky Lab]4
Trojan-Spy.Win32.Agent [Ikarus]4
TSPY_ZBOT.SM [Trend Micro]4
Win-Trojan/Agent.461312.L [AhnLab]4
Win-Trojan/MalIEShow.57344 [AhnLab]4

Trojan-PSW.Generic [PC Tools] has the following possible countries of origin:
OriginNumber of Incidents
Spain82
Brazil54
Israel44
Russian Federation27
China21
Germany8
Sweden7
Netherlands3
Republic of Korea2
United Kingdom2
France1
Iran1
Ireland1
Italy1
Turkey1

Trojan-PSW.Generic [PC Tools] is known to be created as:
%AppData%\bifrost\server.exe
%AppData%\pridl\pridl.exe
%AppData%\system of pc\server.exe
%AppData%\system32\system32.exe
%AppData%\updater.exe
%AppData%\windows\windows.exe
%CommonAppData%\scvhost.exe
%InternetCache%\33978.exe
%InternetCache%\34104.exe
%InternetCache%\78554949.exe
%Profiles%\localservice\ntuser.dll
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\hmonitor\hmonitor.exe
%ProgramFiles%\mirosoft\ccm.dll
%ProgramFiles%\specialoperationssoftware\autoyahoo\autoyahoo.exe
%ProgramFiles%\tueagles\gphook.dll
%ProgramFiles%\windows microso\server.exe
%ProgramFiles%\windows\windows.exe
%Programs%\startup\iexplore.exe
%Programs%\startup\scandisk.dll
%System%\0022.dll
%System%\0023.dll
%System%\ads\protectedstorage.dll
%System%\ahnxsds0.dll
%System%\atmacapp.dll
%System%\bb.exe
%System%\bifrost\server.exe
%System%\calc.dll
%System%\cheak_hook.dll
%System%\cltmon.exe
%System%\corpor.dll
%System%\cscripts.exe
%System%\dll\houmax32.exe
%System%\dnfwg.dll
%System%\firefox.exe
%System%\gallery.exe
%System%\intenat.exe
%System%\iovst.dll
%System%\j4eq4tvb.dll
%System%\kbupdate.dll
%System%\msnwabs.exe
%System%\nmdfgds0.dll
%System%\nmdfgds1.dll
%System%\nmdfgds2.dll
%System%\overlapp32.dll
%System%\qtplugin.exe
%System%\sdra64.exe
%System%\ss12b60094dll.dll
%System%\ss12c40088dll.dll
%System%\system of pc\server.exe
%System%\system32\system.exe
%System%\system32\system32.exe
%System%\systeme\wingard.exe
%System%\t311019.dll
%System%\telnetsvc32.exe
%System%\twex.exe
%System%\updattte.exe
%System%\vssms32.exe
%System%\win.exe
%System%\wininet.exe
%System%\winsecure.exe
%System%\winsrv32.exe
%System%\wmitpfs.dll
%System%\yahooui.exe
%Temp%\1.exe
%Temp%\12.exe
%Temp%\2ae4224e.exe
%Temp%\alanbiaa.exe
%Temp%\bn0d9w7zwf2d8fzm.exe
%Temp%\calc.dll
%Temp%\crs.exe
%Temp%\cryptedfile.exe
%Temp%\cvasds0.dll
%Temp%\cvasds1.dll
%Temp%\d.exe
%Temp%\decrypted.exe
%Temp%\dg.exe
%Temp%\dropp.exe
%Temp%\exe.exe
%Temp%\explore.exe
%Temp%\explorer.exe
%Temp%\f.exe
%Temp%\filetmp.exe
%Temp%\hack.exe
%Temp%\herss.exe
%Temp%\hideip-keygen.exe
%Temp%\installer-crack-keygen.exe
%Temp%\istealer.exe
%Temp%\istealer-server.exe
%Temp%\ixp000.tmp\1.exe
%Temp%\ixp000.tmp\60102_1.exe
%Temp%\ixp000.tmp\aa.exe
%Temp%\ixp000.tmp\server.exe
%Temp%\ixp000.tmp\spynet.exe
%Temp%\ixp000.tmp\themided.exe
%Temp%\ixp001.tmp\1.exe
%Temp%\ixp001.tmp\60102_1.exe
%Temp%\ixp002.tmp\spynet.exe
%Temp%\ixp003.tmp\spynet.exe
%Temp%\ixp005.tmp\spynet.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).