Threat Search: 

ThreatExpert's Statistics for Trojan-Spy.Pophot.WX [PC Tools]:

Trojan-Spy.Pophot.WX [PC Tools] is also known as:
Threat AliasNumber of Incidents
Spy-Agent.br.ini [McAfee]37
W32.Hitapop [Symantec]33
Spy-Agent.br.dll [McAfee]32
TrojanSpy:Win32/Hitpop.gen!C [Microsoft]31
Mal/Pophot-A [Sophos]26
TrojanSpy:Win32/Hitpop.AE!dll [Microsoft]19
Mal/Behav-024, Mal/Emogen-P [Sophos]14
Trojan.Hitpop.J [Ikarus]10
Downloader-AZN [McAfee]8
Generic PWS.y [McAfee]7
Trojan-Spy.Win32.Pophot.bze [Ikarus]6
Trojan-Spy.Win32.Pophot.bze [Kaspersky Lab]6
Infostealer.Gampass [Symantec]5
Mal/Pophot-B [Sophos]5
Trojan-Spy.Win32.Pophot.brr [Kaspersky Lab]5
Trojan-Spy.Win32.Pophot.gjd [Kaspersky Lab]5
Trojan Horse [Symantec]4
Trojan-Spy.Win32.Pophot.btg [Kaspersky Lab]4
Trojan-Spy.Win32.Pophot.bzi [Kaspersky Lab]4
Trojan-Spy.Win32.Pophot.bzk [Kaspersky Lab]4
Mal/Emogen-P [Sophos]3
TROJ_DELF.IVK [Trend Micro]3
Downloader-AZN.gen [McAfee]2
New Malware.aj [McAfee]2
Trojan-Spy.Win32.Pophot.bnn [Kaspersky Lab]2
Trojan-Spy.Win32.Pophot.brh [Kaspersky Lab]2
Trojan-Spy.Win32.Pophot.bsf [Kaspersky Lab]2
Trojan-Spy.Win32.Pophot.cdu [Kaspersky Lab]2
Infostealer.Onlinegame [Symantec]1
Mal/Generic-A, Mal/Pophot-A [Sophos]1
TROJ_POPHOT.JB [Trend Micro]1
Trojan-Spy.Win32.Agent.pn [Ikarus]1
Trojan-Spy.Win32.Pophot.azu [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.bkg [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.bre [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.brq [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cdv [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cfj [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cgs [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cgt [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.chn [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.chx [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cwd [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cxb [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.cxw [Kaspersky Lab]1
Trojan-Spy.Win32.Pophot.ger [Kaspersky Lab]1
TrojanSpy:Win32/Hitpop.AH [Microsoft]1
TrojanSpy:Win32/Hitpop.gen!D [Microsoft]1
TSPY_POPHOT.JD [Trend Micro]1

Trojan-Spy.Pophot.WX [PC Tools] has the following possible country of origin:
OriginNumber of Incidents
China4

Trojan-Spy.Pophot.WX [PC Tools] is known to be created as:
%System%\2.exe
%System%\blink.exe
%System%\blinktool.exe
%System%\evg.exe
%System%\inf\rundll33.exe
%System%\inf\scrsyszy080519.scr
%System%\inf\scrsyszy080714.scr
%System%\inf\scrszyys16_080618.dll
%System%\inf\scrszyys16_080714.dll
%System%\inf\scrszyys16_080816.dll
%System%\inf\scrszyys16_080915.dll
%System%\inf\scsys16_080507.dll
%System%\inf\scsys16_080714.dll
%System%\inf\scsys16_080727.dll
%System%\inf\scsys16_080816.dll
%System%\inf\scsys16_080828.dll
%System%\inf\scsys16_080831.dll
%System%\inf\scsys16_080902.dll
%System%\inf\scsys16_080906.dll
%System%\inf\scsys16_080908.dll
%System%\inf\scsys16_080909.dll
%System%\inf\scsys16_080919.dll
%System%\inf\scsys16_081006.dll
%System%\inf\scsys16_081010.dll
%System%\inf\scsys16_081015.dll
%System%\inf\scsys16_081016.dll
%System%\inf\scsys16_081027.dll
%System%\inf\sppdcrs080507.scr
%System%\inf\svch0st.exe
%System%\inf\svchoct.exe
%System%\inf\svchosd.exe
%System%\inf\svchost.exe
%System%\inf\svchostc.exe
%System%\inf\svchosts.exe
%System%\inf\svchowb.exe
%System%\inf\svczynt.exe
%System%\lwfdfia16_080507.dll
%System%\lwizyy16_080618.dll
%System%\lwizyy16_080714.dll
%System%\lwizyy16_080816.dll
%System%\lwizyy16_080915.dll
%System%\mdccasys32_080507.dll
%System%\mwiszcyys32_080618.dll
%System%\mwiszcyys32_080714.dll
%System%\mwiszcyys32_080816.dll
%System%\nnrun.exe
%System%\onestep.exe
%System%\r03007.exe
%System%\r05004.exe
%System%\r18022.exe
%System%\r18025.exe
%System%\r21014.exe
%System%\r23010.exe
%System%\zumie.exe
%UserProfile%\keenfinder.exe
%UserProfile%\nnrun.exe
%UserProfile%\onestep.exe
%UserProfile%\searchin1.exe
%UserProfile%\seekeen.exe
%UserProfile%\zumie.exe
%Windir%\dcbdcatys32_080703a.dll
%Windir%\dcbdcatys32_080725a.dll
%Windir%\dcbdcatys32_080726a.dll
%Windir%\dcbdcatys32_080727a.dll
%Windir%\dcbdcatys32_080828a.dll
%Windir%\dcbdcatys32_080906a.dll
%Windir%\system\sgcxcxxaspf080507.exe
%Windir%\system\zayjhxpres080519.exe
%Windir%\system\zayjhxpres080714.exe
%Windir%\wftadfi16_080714a.dll
%Windir%\wftadfi16_080727a.dll
%Windir%\wftadfi16_080816a.dll
%Windir%\wftadfi16_080828a.dll
%Windir%\wftadfi16_080831a.dll
%Windir%\wftadfi16_080902a.dll
%Windir%\wftadfi16_080906a.dll
%Windir%\wftadfi16_080908a.dll
%Windir%\wftadfi16_080909a.dll
%Windir%\wftadfi16_080919a.dll
%Windir%\wftadfi16_081006a.dll
%Windir%\wftadfi16_081010a.dll
%Windir%\wftadfi16_081015a.dll
%Windir%\wftadfi16_081016a.dll
%Windir%\wftadfi16_081027a.dll
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.