ThreatExpert's Statistics for Mal/EncPk-IF [Sophos]:

Mal/EncPk-IF [Sophos] is also known as:

Threat Alias	Number of Incidents
Packed.Generic.233 [Symantec]	645
Trojan-Downloader.Win32.FakeRean [Ikarus]	175
TrojanDownloader:Win32/FakeRean [Microsoft]	174
TROJ_FAKEALE.SMB [Trend Micro]	144
Trojan-Downloader.Win32.FraudLoad [Ikarus]	123
Trojan:Win32/Alureon.BH [Microsoft]	122
Generic FakeAlert.d!gen [McAfee]	120
FakeAlert-XPSecCenter [McAfee]	104
Generic Downloader.x!bhm [McAfee]	101
Trojan-Downloader.Win32.FraudLoad.wsia [Kaspersky Lab]	100
Trojan-Downloader.Win32.Renos [Ikarus]	91
Trojan.Win32.Ertfor [Ikarus]	88
Trojan:Win32/Ertfor.B [Microsoft]	69
Trojan.Fakeavalert [Symantec]	67
Trojan-Downloader.Win32.FraudLoad.fkv [Kaspersky Lab]	62
Trojan.Win32.Alureon [Ikarus]	56
Generic Downloader.x!wj [McAfee]	49
Trojan-Downloader.Win32.Small.kdb [Kaspersky Lab]	49
Generic FakeAlert!bd [McAfee]	45
Trojan.Win32.FraudPack.rcj [Kaspersky Lab]	45
FakeAlert-DA [McAfee]	34
TrojanDownloader:Win32/Renos [Microsoft]	27
Trojan:Win32/Alureon.BK [Microsoft]	24
Trojan:Win32/FakeRean [Microsoft]	24
Win-Trojan/Xema.variant [AhnLab]	20
Trojan Horse [Symantec]	19
Trojan-Dropper [Ikarus]	19
Generic Dropper.ke [McAfee]	18
Trojan-Clicker.Win32.Vesloruki [Ikarus]	18
Win32/IRCBot.worm.variant [AhnLab]	17
Trojan-Downloader.Win32.FraudLoad.fft [Kaspersky Lab]	16
Trojan-Dropper.Agent [Ikarus]	16
Win-Trojan/Ertfor.15000.H [AhnLab]	16
Win-Trojan/Spambot.11264 [AhnLab]	16
Packed.Generic.218 [Symantec]	15
Trojan-Clicker.Win32.Klik [Ikarus]	15
Trojan-Downloader.Win32.FraudLoad.eyw [Kaspersky Lab]	15
TrojanDownloader:Win32/FakeRean.gen!C [Microsoft]	15
Downloader.MisleadApp [Symantec]	14
FakeAlert-CM [McAfee]	14
Downloader [Symantec]	13
Packed.Win32.Tdss.x [Kaspersky Lab]	13
Trojan.Win32.Winwebsec [Ikarus]	13
Trojan:Win32/Ertfor.A [Microsoft]	13
PWS:Win32/Zbot.gen!R [Microsoft]	12
Infostealer.Banker.C [Symantec]	11
W32/Ertfor.gen [McAfee]	11
Win-Trojan/Fakealert.238642 [AhnLab]	11
Generic.dx!cju [McAfee]	10
HeurEngine.MaliciousPacker [PC Tools]	10
Trojan.Win32.Wantvi [Ikarus]	10
Trojan-Downloader.Win32.Agent.clni [Kaspersky Lab]	10
Win-Trojan/Ertfor.15000.I [AhnLab]	10
Mal/Generic-A [Sophos]	9
not-a-virus:FraudTool.Win32.WinPCDefender.bm [Kaspersky Lab]	9
Packed.Win32.Krap.t [Kaspersky Lab]	9
Trojan.Win32.FakeRean [Ikarus]	9
Trojan-Downloader.Win32.Wzhyk.ah [Kaspersky Lab]	9
Adclicker-HB [McAfee]	8
Trojan-Clicker.Win32.Hatigh [Ikarus]	8
TrojanClicker:Win32/Hatigh.C [Microsoft]	8
Trojan-Downloader.Win32.Agent.cqfg [Kaspersky Lab]	8
Win-Trojan/Agent.15000.BF [AhnLab]	8
Downloader-BOI [McAfee]	7
Trojan:Win32/Alureon.gen!J [Microsoft]	7
Backdoor.Tidserv [Symantec]	6
Generic.dx!ezc [McAfee]	6
not-a-virus:FraudTool.Win32.WinPCDefender [Ikarus]	6
PWS.Win32 [Ikarus]	6
PWS:Win32/Zbot.PG [Microsoft]	6
RogueAntiSpyware.XPAntispyware [PC Tools]	6
Trojan.Win32.FakeAV [Ikarus]	6
Trojan.Win32.FraudPack [Ikarus]	6
TrojanClicker:Win32/Klik [Microsoft]	6
Trojan-Downloader.Win32.FraudLoad.ehp [Kaspersky Lab]	6
Trojan-Downloader.Win32.FraudLoad.fdo [Kaspersky Lab]	6
Trojan-PSW.Banker [PC Tools]	6
Win-Trojan/Downloader.106499 [AhnLab]	6
Win-Trojan/FakeAv.189325 [AhnLab]	6
Win-Trojan/Fakeav.Gen [AhnLab]	6
Win-Trojan/Fraudload.184393 [AhnLab]	6
Worm:Win32/Mariofev.A [Microsoft]	6
Generic Dropper.nu [McAfee]	5
not-a-virus:FraudTool.Win32.SystemSecurity.ic [Kaspersky Lab]	5
Trojan.Dropper [Symantec]	5
Trojan.Win32.FraudPack.udx [Kaspersky Lab]	5
Virus.Packed.Win32.Tdss [Ikarus]	5
Win-Trojan/Fakeav.190993.B [AhnLab]	5
Worm.Win32.Mariofev [Ikarus]	5
FakeAlert-FH [McAfee]	4
Gen.Trojan [Ikarus]	4
Generic Downloader.x!bff [McAfee]	4
PWS:Win32/Zbot.G [Microsoft]	4
PWS:Win32/Zbot.gen!B [Microsoft]	4
Suspicious.Lop [Symantec]	4
Tool:Win32/Dnschanger.K [Microsoft]	4
Trojan.Crypt [Ikarus]	4
Trojan.Win32.Agent.cwri [Kaspersky Lab]	4
Trojan:Win32/Winwebsec [Microsoft]	4
Trojan-Clicker.Win32.Vesloruki.cgp [Kaspersky Lab]	4

Mal/EncPk-IF [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	64
	Ukraine	28
	China	2

Mal/EncPk-IF [Sophos] is known to be created as:

%AppData%\ba.exe

%AppData%\lizkavd.exe

%AppData%\seres.exe

%AppData%\svcst.exe

%AppData%\userinit.exe

%CommonAppData%\17464214\17464214.exe

%ProgramFiles%\adult tube xxx codec\antivirus\setup.exe

%ProgramFiles%\antiviruspro_2010\antiviruspro_2010.exe

%ProgramFiles%\antiviruspro_2010\uninstall.exe

%ProgramFiles%\microsoft common\svchost.exe

%System%\braviax.exe

%System%\cssrss.exe

%System%\hs7f3uhduhfukde.dll

%System%\msupdt.exe

%System%\ntos.exe

%System%\nvrmn.dll

%System%\nvrtm.dll

%System%\sdra64.exe

%System%\twex.exe

%System%\twext.exe

%System%\wbem\proquota.exe

%System%\winagent.exe

%System%\yvinvul.exe

%Temp%\1065199948.exe

%Temp%\1102224138.exe

%Temp%\4_pinnew.exe

%Temp%\5_odb.exe

%Temp%\6_ldr3.exe

%Temp%\a1xgg6n.exe

%Temp%\a3yky.exe

%Temp%\a5gzgb6gqv.exe

%Temp%\a7b5qul19.exe

%Temp%\a84la8go.exe

%Temp%\aaj2hun.exe

%Temp%\adq6o.exe

%Temp%\ag2a9.exe

%Temp%\ahfz9cse2.exe

%Temp%\ahtj9vf2.exe

%Temp%\aj0zeknd.exe

%Temp%\aku4i7o.exe

%Temp%\akznh9ke6.exe

%Temp%\alfabr.exe

%Temp%\alfaplay.exe

%Temp%\alfavid.exe

%Temp%\algujzqt.exe

%Temp%\alldi1me1n.exe

%Temp%\amy2ztxb.exe

%Temp%\ang06n.exe

%Temp%\ani86.exe

%Temp%\anpsz.exe

%Temp%\ansanbk3q.exe

%Temp%\aovx6xdzz.exe

%Temp%\aoz6nl.exe

%Temp%\ap77h7rrk4.exe

%Temp%\ashar0.exe

%Temp%\avto.exe

%Temp%\avto1.exe

%Temp%\avto2.exe

%Temp%\avto3.exe

%Temp%\avto4.exe

%Temp%\avy62u.exe

%Temp%\awpwg8.exe

%Temp%\axta7.exe

%Temp%\axxlk.exe

%Temp%\az41p3cve7.exe

%Temp%\b0gs7ym74v.exe

%Temp%\b1zhkn8.exe

%Temp%\b22c35u.exe

%Temp%\b2byhh194.exe

%Temp%\b3o63p2ytk.exe

%Temp%\b4fwh3arvd.exe

%Temp%\b7y8yznz.exe

%Temp%\b8f1zahym8.exe

%Temp%\ba9nzt.exe

%Temp%\bc30iuje5.exe

%Temp%\bemrrl.exe

%Temp%\bhit1ejx.exe

%Temp%\bi9ji.exe

%Temp%\bktp28.exe

%Temp%\bkzpt80z.exe

%Temp%\bldo1.exe

%Temp%\bo3tjf9.exe

%Temp%\bqg62g951x.exe

%Temp%\braviax.exe

%Temp%\btmd9w.exe

%Temp%\btvbbb5k.exe

%Temp%\buouy542m.exe

%Temp%\bvsvb4.exe

%Temp%\bwco0.exe

%Temp%\bxpw3g.exe

%Temp%\bxw4z1u7hg.exe

%Temp%\bxzykip6ul.exe

%Temp%\bygm3rvlf.exe

%Temp%\bz7ch53ew.exe

%Temp%\bzb2p65x4.exe

%Temp%\c28ruuqv6e.exe

%Temp%\c2iihk94.exe

%Temp%\c38y9u.exe

%Temp%\c3vqk9aao.exe

%Temp%\c4h8018.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).