ThreatExpert's Statistics for Mal/EncPk-IV [Sophos]:

Mal/EncPk-IV [Sophos] is also known as:

Threat Alias	Number of Incidents
FakeAlert-FH [McAfee]	261
Trojan.Crypt [Ikarus]	253
Trojan Horse [Symantec]	247
Win-Trojan/Xema.variant [AhnLab]	239
Packed.Generic.233 [Symantec]	198
Trojan.Crypt.GEN [PC Tools]	120
Trojan-Downloader.Win32.Agent.ckkp [Kaspersky Lab]	101
Trojan:Win32/Ertfor.A [Microsoft]	78
Trojan.Win32.Ertfor [Ikarus]	73
Win-Trojan/Zpack.24576.J [AhnLab]	56
FakeAlert-DA [McAfee]	44
Generic.dx!sz [McAfee]	40
Trojan-Dropper.Agent [Ikarus]	37
Generic.dx!bht [McAfee]	32
Trojan.FakeAv.em [PC Tools]	32
Trojan:Win32/Ertfor.B [Microsoft]	32
Mal/Generic-A [Sophos]	29
Trojan-Downloader.Win32.FakeRean [Ikarus]	22
TrojanDownloader:Win32/FakeRean [Microsoft]	21
FakeAlert-CM [McAfee]	12
TrojanClicker:Win32/Klik [Microsoft]	10
Hoax.Win32.Renos [Ikarus]	9
Hoax.Win32.Renos.vchc [Kaspersky Lab]	9
Trojan.FakeAlert [PC Tools]	8
Trojan-Dropper.Win32.Agent.avsd [Kaspersky Lab]	8
Trojan:Win32/FakeRean [Microsoft]	7
Trojan-Downloader.Win32.FraudLoad.wcva [Kaspersky Lab]	7
Trojan-Clicker.Win32.Klik [Ikarus]	5
Backdoor.Win32.Agent.aido [Kaspersky Lab]	4
DNSChanger!bj [McAfee]	4
PWS:Win32/Zbot.J [Microsoft]	4
Trojan.Win32.Tdss [Ikarus]	4
Trojan.Win32.TDSS.alpo [Kaspersky Lab]	4
Trojan-Clicker.Win32.Vesloruki [Ikarus]	4
Trojan-Clicker.Win32.Vesloruki.bjs [Kaspersky Lab]	4
Win-Trojan/Vesloruki.232448.DO [AhnLab]	4
Trojan-Downloader.Win32.FraudLoad [Ikarus]	3
Trojan-Spy.Win32.Zbot [Ikarus]	3
not-a-virus:FraudTool.Win32.WinPCDefender [Ikarus]	2
not-a-virus:FraudTool.Win32.WinPCDefender.be [Kaspersky Lab]	2
Packed.Win32.Krap.t [Kaspersky Lab]	2
PWS:Win32/Zbot.gen!R [Microsoft]	2
Trojan.Win32.FakeRean [Ikarus]	2
Trojan.Win32.Wantvi [Ikarus]	2
Trojan-Clicker.Win32.Vesloruki.bst [Kaspersky Lab]	2
Trojan-Dropper.Win32.Microjoin [Ikarus]	2
Trojan-Spy.Win32.Zbot.xhm [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.zom [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.zpx [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.zup [Kaspersky Lab]	2
Adclicker-HB [McAfee]	1
Backdoor.Win32.Small.idl [Kaspersky Lab]	1
Backdoor:Win32/Hostil.F [Microsoft]	1
CoreGuardAntivirus2009 [Symantec]	1
Downloader [Symantec]	1
Downloader.MisleadApp [Symantec]	1
Dropper/Microjoin.1835008.B [AhnLab]	1
Dropper/Microjoin.4571136 [AhnLab]	1
Generic Downloader.x!hh [McAfee]	1
Generic PWS.y!dk [McAfee]	1
Generic.dx!bco [McAfee]	1
Generic.dx!bhq [McAfee]	1
Generic.dx!cny [McAfee]	1
Generic.dx!cqm [McAfee]	1
not-a-virus:FraudTool.Win32.WinPCDefender.bb [Kaspersky Lab]	1
Packed.Win32.Tdss.x [Kaspersky Lab]	1
Trojan.Fakeavalert [Symantec]	1
Trojan.Win32.Buzus [Ikarus]	1
Trojan.Win32.Buzus.brts [Kaspersky Lab]	1
Trojan.Win32.FraudPack.ppb [Kaspersky Lab]	1
Trojan.Win32.Inject.agco [Kaspersky Lab]	1
Trojan:Win32/Alureon.BK [Microsoft]	1
Trojan:Win32/Wantvi.I [Microsoft]	1
Trojan-Clicker.Win32.Delf [Ikarus]	1
Trojan-Clicker.Win32.Vesloruki.bjq [Kaspersky Lab]	1
Trojan-Clicker.Win32.Vesloruki.bsp [Kaspersky Lab]	1
Trojan-Clicker.Win32.Vesloruki.bsr [Kaspersky Lab]	1
Trojan-Clicker.Win32.Vesloruki.btm [Kaspersky Lab]	1
Trojan-Clicker.Win32.Vesloruki.bwa [Kaspersky Lab]	1
Trojan-Clicker.Win32.Vesloruki.bwc [Kaspersky Lab]	1
TrojanClicker:Win32/Delf.P [Microsoft]	1
Trojan-Downloader.Win32.Agent.cgxu [Kaspersky Lab]	1
Trojan-Downloader.Win32.Cutwail [Ikarus]	1
Trojan-Downloader.Win32.FraudLoad.wftu [Kaspersky Lab]	1
Trojan-Downloader.Win32.Renos [Ikarus]	1
TrojanDownloader:Win32/Cutwail.gen!B [Microsoft]	1
Trojan-Dropper.Win32.Microjoin.gsz [Kaspersky Lab]	1
Trojan-Dropper.Win32.Microjoin.gwo [Kaspersky Lab]	1
Trojan-Dropper.Win32.Wlord [Ikarus]	1
Trojan-Dropper.Win32.Wlord.afg [Kaspersky Lab]	1
VirTool.Win32.Injector [Ikarus]	1
VirTool:Win32/DelfInject.gen!AM [Microsoft]	1
Win32.SuspectCrc [Ikarus]	1
Win-Trojan/Agent.74755 [AhnLab]	1
Win-Trojan/Downloader.20480.ZM [AhnLab]	1
Win-Trojan/Downloader.238596 [AhnLab]	1
Win-Trojan/Fakealert.1022976.B [AhnLab]	1
Win-Trojan/Fraudload.110595.B [AhnLab]	1
Win-Trojan/Fraudpack.640197 [AhnLab]	1
Win-Trojan/Inject.12288.DM [AhnLab]	1

Mal/EncPk-IV [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	88
	Ukraine	15

Mal/EncPk-IV [Sophos] is known to be created as:

%System%\braviax.exe

%System%\ghaf8jkdfd.dll

%System%\ipcmd.dll

%System%\reader_s.exe

%System%\sdra64.exe

%Temp%\4_pinnew.exe

%Temp%\5_odb.exe

%Temp%\6_ldr3.exe

%Temp%\avto.exe

%Temp%\ct4mudyja.exe

%Temp%\f9kf0j.exe

%Temp%\gbp61.exe

%Temp%\ia49wj.exe

%Temp%\iv4fvgek9d.exe

%Temp%\kbnhkb.exe

%Temp%\o1sp90.exe

%Temp%\q5.exe

%Temp%\rf75ln0.exe

%Temp%\sfjh98w3jkdmfkd.exe

%Temp%\ud87h.exe

%Temp%\uq9xheq.exe

%Temp%\wfg7pzyn1o.exe

%Temp%\wlr35a7.exe

%Temp%\xt3ifap.exe

%UserProfile%\reader_s.exe

%Windir%\odb.exe

%Windir%\svc.exe

%Windir%\svw.exe

%Windir%\svx.exe

%Windir%\vlc.exe

%Windir%\wdmon.exe

Notes:

%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.