Home / Spyware Encyclopedia / PSW.generic << Back

Recommendation to Automatically remove PSW.generic


Our products can remove PSW.generic and thousands of other Virus and Spyware automatically and instantly.

PSW.generic Details


  • Category PSW
  • Discovered 2/21/2018 7:36:43 PM
  • Modified 2/23/2018 5:46:06 PM
  • Threat Level Medium
  • Category Description
    This family of Trojans steals passwords, normally system passwords from victim machines. They search for system files which contain confidential information such as passwords and Internet access telephone numbers and then send this information to an email address coded into the body of the Trojan. The 'master' or user of the illegal program will then retrieve and misuse this information. Most common behavior: 1. Ask for password using fake window 2. Change ICQ, MSN and AOL configuration 3. Get cached Windows passwords

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATURE
..\input\4832_trojan-psw.generic_20091205\2ab429eb.exe 578309Ada99.com1.4.0.03f2524ffc80b13ae5e6efe3359e64e5d
..\temp\4832_trojan-psw.generic_20091205\2ab429eb.exe 578309Ada99.com1.4.0.03f2524ffc80b13ae5e6efe3359e64e5d
..\input\4832_trojan-psw.generic_20091205\8ae95f77.exe 5373952 0.0.0.03fb71bd3ff7e05aa24283b449ee1feb8
..\temp\4832_trojan-psw.generic_20091205\8ae95f77.exe 5373952 0.0.0.03fb71bd3ff7e05aa24283b449ee1feb8
..\hz_sys_temtray.dll 802681  e2a83e9e24eeeb6ac366a7526effebf4
..\input\17481_trojan-psw.generic_20091221\b84858d1.exe 49169  6481ff17ce46d879d7213a4885840efc
..\temp\17481_trojan-psw.generic_20091221\b84858d1.exe 49169  6481ff17ce46d879d7213a4885840efc
..\sys_temtray.exe 870937  638f9ac17f3d2a08e93af27179004c21
..\sys_temtray.jpg 870937  638f9ac17f3d2a08e93af27179004c21
..\sys_temtray.txt 870937  638f9ac17f3d2a08e93af27179004c21

The following Registry Entries were created:
..\System\CurrentControlSet\Enum\root\legacy_winserverviewrs\(Default)
..\System\CurrentControlSet\Services\winserverviewrs\(Default)
..\Software\Classes\2ab429eb.mynshandler\(Default)
..\Software\Classes\Clsid\{e8cfc029-8420-4eae-adef-915bdc77e1dc}\(Default)
..\System\CurrentControlSet\Enum\root\legacy_winserverview\(Default)
..\System\CurrentControlSet\Services\WinServerView\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automaticallyby tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Spyware Encyclopedia << Back

Spyware Detector can detect & quarantine this Malware