Home / Spyware Encyclopedia / PSW.generic << Back

Recommendation to Automatically remove PSW.generic


Our products can remove PSW.generic and thousands of other Virus and Spyware automatically and instantly.

PSW.generic Details


  • Category PSW
  • Discovered 10/25/2024 4:12:15 PM
  • Modified 10/25/2024 5:51:41 PM
  • Threat Level Medium
  • Category Description
    This family of Trojans steals passwords, normally system passwords from victim machines. They search for system files which contain confidential information such as passwords and Internet access telephone numbers and then send this information to an email address coded into the body of the Trojan. The 'master' or user of the illegal program will then retrieve and misuse this information. Most common behavior: 1. Ask for password using fake window 2. Change ICQ, MSN and AOL configuration 3. Get cached Windows passwords

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
2ab429eb.exe 578309Ada99.com1.4.0.03f2524ffc80b13ae5e6efe3359e64e5d 
hz_sys_temtray.dll 802681  e2a83e9e24eeeb6ac366a7526effebf4 
hz_sys_temtrayrs.dll 809344  6049c35329e5dd8488fe723b3b9293e3 
sys_temtrayrs.exe 611560  5f0b1bf3cce3bc2a7d2332261e3903bd 
sys_temtrayrs.jpg 611560  5f0b1bf3cce3bc2a7d2332261e3903bd 
sys_temtrayrs.txt 611560  5f0b1bf3cce3bc2a7d2332261e3903bd 
63e502a3.exe 611560  5f0b1bf3cce3bc2a7d2332261e3903bd 
597a8faacff782b2ed93dc01812f3013.exe 132096 1.0.0.0597a8faacff782b2ed93dc01812f3013 
f0ac6ea2a5ba02ad31349102307f2a5c.exe 379392Xellsoft2.7.7f0ac6ea2a5ba02ad31349102307f2a5c 
1f1aae17197b61bfa4a0f73f439cdc52.exe 306176 0.0.0.01f1aae17197b61bfa4a0f73f439cdc52 

The following Registry Entries were created:
..\System\CurrentControlSet\Enum\root\legacy_winserverviewrs\(Default)
..\System\CurrentControlSet\Services\winserverviewrs\(Default)
..\Software\Classes\2ab429eb.mynshandler\(Default)
..\Software\Classes\Clsid\{e8cfc029-8420-4eae-adef-915bdc77e1dc}\(Default)
..\System\CurrentControlSet\Enum\root\legacy_winserverview\(Default)
..\System\CurrentControlSet\Services\WinServerView\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.