Threat Search: 

ThreatExpert's Statistics for Backdoor.Win32.UltimateDefender [Ikarus]:

Backdoor.Win32.UltimateDefender [Ikarus] is also known as:
Threat AliasNumber of Incidents
Mal/FakeAle-C [Sophos]284
Hacktool.Rootkit [Symantec]281
VirTool:WinNT/Xantvi.gen!A [Microsoft]230
FakeAlert-C.dr [McAfee]215
Backdoor.Win32.UltimateDefender.igv [Kaspersky Lab]191
Rootkit.Renos.Gen.11 [PC Tools]70
Backdoor.Win32.UltimateDefender.a [Kaspersky Lab]68
NTRootKit-AC [McAfee]68
Trojan.Virantix.C [Symantec]39
Generic FakeAlert.d [McAfee]36
Troj/FakeVir-GL [Sophos]36
Mal/EncPk-EQ [Sophos]33
TrojanDownloader:Win32/Renos [Microsoft]32
Generic Dropper.bu [McAfee]31
Backdoor.Win32.UltimateDefender.gen [Kaspersky Lab]25
Backdoor.Tidserv [Symantec]24
Backdoor.Win32.UltimateDefender.xm [Kaspersky Lab]24
Downloader [Symantec]7
Mal/Fakecor-B, Mal/Behav-314, Mal/EncPk-IV, Mal/EncPk-IF [Sophos]6
not-a-virus:FraudTool.Win32.XPSecurityCenter.ai [Kaspersky Lab]6
TROJ_MALBEHV.MCS [Trend Micro]6
Backdoor.Tidserv!sd6 [PC Tools]4
Backdoor.Win32.UltimateDefender.hzf [Kaspersky Lab]4
TROJ_DLOADR.RS [Trend Micro]4
Trojan.Virantix!sd6 [PC Tools]4
TrojanDownloader:Win32/Renos.FJ [Microsoft]4
Win-Trojan/Downloader.281600.F [AhnLab]4
Win-Trojan/Rootkit.29184.C [AhnLab]4
Win-Trojan/Xema.variant [AhnLab]4
Downloader.MisleadApp [Symantec]3
Trojan:Win32/Wantvi.I [Microsoft]3
Win-Trojan/Fraudload.9728 [AhnLab]3
Adware.Agent.ZO [PC Tools]2
FakeAlert-AP [McAfee]2
Infostealer.Banker.C [Symantec]2
Mal/Generic-A [Sophos]2
not-a-virus:.FraudTool.Win32.UltimateDefender.cm [Ikarus]2
not-a-virus:FraudTool.Win32.XPSecurityCenter [Ikarus]2
Trojan.Fakeavalert [Symantec]2
Trojan:Win32/Zbot.AY [Microsoft]2
TrojanDropper:Win32/Olmarik.A [Microsoft]2
Backdoor.UltimateDefender!sd6 [PC Tools]1
Backdoor.Win32.UltimateDefender.gfh [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.hcq [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.hsa [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.hzg [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.iaz [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.ibs [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.ijf [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.qx [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.tt [Kaspersky Lab]1
Backdoor.Win32.UltimateDefender.za [Kaspersky Lab]1
Downloader.Generic [PC Tools]1
Generic BackDoor [McAfee]1
Generic Downloader.x!bhm [McAfee]1
Generic Dropper!bg [McAfee]1
Generic Dropper.ke [McAfee]1
Generic.dx [McAfee]1
Hatigh [McAfee]1
Hoax.Win32.Renos.evb [Kaspersky Lab]1
Mal/EncPk-EQ, Mal/Basine-C [Sophos]1
Mal/EncPk-IF [Sophos]1
Mal/EncPk-IF, Mal/Fakecor-B, Mal/Behav-314 [Sophos]1
Mal/FakeVirPk-A [Sophos]1
not-a-virus:FraudTool.Win32.UltimateDefender.cm [Ikarus]1
not-a-virus:FraudTool.Win32.XPSecurityCenter.an [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.XPSecurityCenter.aq [Kaspersky Lab]1
Packed.Generic.233 [Symantec]1
PE_VIRUT.ASA [Trend Micro]1
PE_VIRUT.XL [Trend Micro]1
Troj/KillAV-EM [Sophos]1
TROJ_FAKEALE.SMB [Trend Micro]1
TROJ_FAKEAV.JV [Trend Micro]1
TROJ_RENOS.AG [Trend Micro]1
TROJ_RENOS.AJR [Trend Micro]1
TROJ_RENOS.AKY [Trend Micro]1
TROJ_RENOS.TAE [Trend Micro]1
TROJ_ROOTKIT.CY [Trend Micro]1
TROJ_VIRANTIX.BF [Trend Micro]1
Trojan Horse [Symantec]1
Trojan.Virantix [PC Tools]1
Trojan.Win32.Agent.adfi [Kaspersky Lab]1
Trojan-Clicker.Win32.Agent.eaa [Kaspersky Lab]1
Trojan-Clicker.Win32.Agent.eac [Kaspersky Lab]1
Trojan-Downloader.FakeAlert.GEN [PC Tools]1
Trojan-Downloader.Win32.Agent.amdc [Kaspersky Lab]1
Trojan-Downloader.Win32.FraudLoad.vcrk [Kaspersky Lab]1
Trojan-Downloader.Win32.FraudLoad.vcud [Kaspersky Lab]1
Trojan-Spy.Zbot [PC Tools]1
Virus.Win32.Virut.br [Kaspersky Lab]1
Virus.Win32.Virut.n [Kaspersky Lab]1
Virus:Win32/Virut.AF [Microsoft]1
Virus:Win32/Virut.BD [Microsoft]1
W32.Virut.U [Symantec]1
W32/Vetor-A [Sophos]1
W32/Virut-Gen [Sophos]1
Win32.Virut.Gen.5 [PC Tools]1
Win-Trojan/Downloader.278528.H [AhnLab]1
Win-Trojan/Renos.280576.D [AhnLab]1
Win-Trojan/Ultimatedefender.11264.W [AhnLab]1

Backdoor.Win32.UltimateDefender [Ikarus] has the following possible country of origin:
OriginNumber of Incidents
Russian Federation7

Backdoor.Win32.UltimateDefender [Ikarus] is known to be created as:
%System%\brastk.exe
%System%\braviax.exe
%System%\dllcache\beep.sys
%System%\dllcache\figaro.sys
%System%\ntos.exe
%Temp%\teste1_p.exe
%Temp%\teste2_p.exe
%Temp%\teste3_p.exe
%Temp%\teste4_p.exe
%Windir%\amoumain.exe
%Windir%\ctfmon.exe
%Windir%\lsass.exe
%Windir%\runsql.exe
%Windir%\servicelayer.exe
%Windir%\svhoster.exe
%Windir%\vlc.exe
%Windir%\wdmon.exe
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.