ThreatExpert's Statistics for Trojan-Spy.Pophot.WX [PC Tools]:

Trojan-Spy.Pophot.WX [PC Tools] is also known as:

Threat Alias	Number of Incidents
Spy-Agent.br.ini [McAfee]	37
W32.Hitapop [Symantec]	33
Spy-Agent.br.dll [McAfee]	32
TrojanSpy:Win32/Hitpop.gen!C [Microsoft]	31
Mal/Pophot-A [Sophos]	26
TrojanSpy:Win32/Hitpop.AE!dll [Microsoft]	19
Mal/Behav-024, Mal/Emogen-P [Sophos]	14
Trojan.Hitpop.J [Ikarus]	10
Downloader-AZN [McAfee]	8
Generic PWS.y [McAfee]	7
Trojan-Spy.Win32.Pophot.bze [Ikarus]	6
Trojan-Spy.Win32.Pophot.bze [Kaspersky Lab]	6
Infostealer.Gampass [Symantec]	5
Mal/Pophot-B [Sophos]	5
Trojan-Spy.Win32.Pophot.brr [Kaspersky Lab]	5
Trojan-Spy.Win32.Pophot.gjd [Kaspersky Lab]	5
Trojan Horse [Symantec]	4
Trojan-Spy.Win32.Pophot.btg [Kaspersky Lab]	4
Trojan-Spy.Win32.Pophot.bzi [Kaspersky Lab]	4
Trojan-Spy.Win32.Pophot.bzk [Kaspersky Lab]	4
Mal/Emogen-P [Sophos]	3
TROJ_DELF.IVK [Trend Micro]	3
Downloader-AZN.gen [McAfee]	2
New Malware.aj [McAfee]	2
Trojan-Spy.Win32.Pophot.bnn [Kaspersky Lab]	2
Trojan-Spy.Win32.Pophot.brh [Kaspersky Lab]	2
Trojan-Spy.Win32.Pophot.bsf [Kaspersky Lab]	2
Trojan-Spy.Win32.Pophot.cdu [Kaspersky Lab]	2
Infostealer.Onlinegame [Symantec]	1
Mal/Generic-A, Mal/Pophot-A [Sophos]	1
TROJ_POPHOT.JB [Trend Micro]	1
Trojan-Spy.Win32.Agent.pn [Ikarus]	1
Trojan-Spy.Win32.Pophot.azu [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.bkg [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.bre [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.brq [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cdv [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cfj [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cgs [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cgt [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.chn [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.chx [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cwd [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cxb [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.cxw [Kaspersky Lab]	1
Trojan-Spy.Win32.Pophot.ger [Kaspersky Lab]	1
TrojanSpy:Win32/Hitpop.AH [Microsoft]	1
TrojanSpy:Win32/Hitpop.gen!D [Microsoft]	1
TSPY_POPHOT.JD [Trend Micro]	1

Trojan-Spy.Pophot.WX [PC Tools] has the following possible country of origin:

Origin		Number of Incidents
	China	4

Trojan-Spy.Pophot.WX [PC Tools] is known to be created as:

%System%\2.exe

%System%\blink.exe

%System%\blinktool.exe

%System%\evg.exe

%System%\inf\rundll33.exe

%System%\inf\scrsyszy080519.scr

%System%\inf\scrsyszy080714.scr

%System%\inf\scrszyys16_080618.dll

%System%\inf\scrszyys16_080714.dll

%System%\inf\scrszyys16_080816.dll

%System%\inf\scrszyys16_080915.dll

%System%\inf\scsys16_080507.dll

%System%\inf\scsys16_080714.dll

%System%\inf\scsys16_080727.dll

%System%\inf\scsys16_080816.dll

%System%\inf\scsys16_080828.dll

%System%\inf\scsys16_080831.dll

%System%\inf\scsys16_080902.dll

%System%\inf\scsys16_080906.dll

%System%\inf\scsys16_080908.dll

%System%\inf\scsys16_080909.dll

%System%\inf\scsys16_080919.dll

%System%\inf\scsys16_081006.dll

%System%\inf\scsys16_081010.dll

%System%\inf\scsys16_081015.dll

%System%\inf\scsys16_081016.dll

%System%\inf\scsys16_081027.dll

%System%\inf\sppdcrs080507.scr

%System%\inf\svch0st.exe

%System%\inf\svchoct.exe

%System%\inf\svchosd.exe

%System%\inf\svchost.exe

%System%\inf\svchostc.exe

%System%\inf\svchosts.exe

%System%\inf\svchowb.exe

%System%\inf\svczynt.exe

%System%\lwfdfia16_080507.dll

%System%\lwizyy16_080618.dll

%System%\lwizyy16_080714.dll

%System%\lwizyy16_080816.dll

%System%\lwizyy16_080915.dll

%System%\mdccasys32_080507.dll

%System%\mwiszcyys32_080618.dll

%System%\mwiszcyys32_080714.dll

%System%\mwiszcyys32_080816.dll

%System%\nnrun.exe

%System%\onestep.exe

%System%\r03007.exe

%System%\r05004.exe

%System%\r18022.exe

%System%\r18025.exe

%System%\r21014.exe

%System%\r23010.exe

%System%\zumie.exe

%UserProfile%\keenfinder.exe

%UserProfile%\nnrun.exe

%UserProfile%\onestep.exe

%UserProfile%\searchin1.exe

%UserProfile%\seekeen.exe

%UserProfile%\zumie.exe

%Windir%\dcbdcatys32_080703a.dll

%Windir%\dcbdcatys32_080725a.dll

%Windir%\dcbdcatys32_080726a.dll

%Windir%\dcbdcatys32_080727a.dll

%Windir%\dcbdcatys32_080828a.dll

%Windir%\dcbdcatys32_080906a.dll

%Windir%\system\sgcxcxxaspf080507.exe

%Windir%\system\zayjhxpres080519.exe

%Windir%\system\zayjhxpres080714.exe

%Windir%\wftadfi16_080714a.dll

%Windir%\wftadfi16_080727a.dll

%Windir%\wftadfi16_080816a.dll

%Windir%\wftadfi16_080828a.dll

%Windir%\wftadfi16_080831a.dll

%Windir%\wftadfi16_080902a.dll

%Windir%\wftadfi16_080906a.dll

%Windir%\wftadfi16_080908a.dll

%Windir%\wftadfi16_080909a.dll

%Windir%\wftadfi16_080919a.dll

%Windir%\wftadfi16_081006a.dll

%Windir%\wftadfi16_081010a.dll

%Windir%\wftadfi16_081015a.dll

%Windir%\wftadfi16_081016a.dll

%Windir%\wftadfi16_081027a.dll

Notes:

%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.