ThreatExpert's Statistics for Mal/EncPk-JU [Sophos]:

Mal/EncPk-JU [Sophos] is also known as:

Threat Alias	Number of Incidents
VirTool:Win32/Injector.gen!AG [Microsoft]	88
BackDoor-EEF [McAfee]	85
Trojan.Win32.Refroso [Ikarus]	40
VirTool:Win32/Injector.gen!AD [Microsoft]	39
Trojan-Downloader.Win32.Pher.xx [Kaspersky Lab]	36
Trojan Horse [Symantec]	35
VirTool:Win32/CeeInject.gen!Q [Microsoft]	34
Win32/Kolab.worm.Gen [AhnLab]	33
Win-Trojan/Bluescreen.9216 [AhnLab]	27
VirTool.Win32.Injector [Ikarus]	25
Trojan-Downloader.Win32.Pher [Ikarus]	22
BackDoor-EEC.gen [McAfee]	20
Backdoor.Trojan [Symantec]	19
Generic Dropper.fh.gen [McAfee]	17
BackDoor-EBI.gen [McAfee]	15
Trojan.Generic [PC Tools]	15
Downloader [Symantec]	12
Virus.Win32.CeeInject [Ikarus]	11
Worm.Win32.Pushbot [Ikarus]	11
Backdoor.Trojan [PC Tools]	10
W32.Spybot.Worm [Symantec]	9
VirTool:Win32/CeeInject.gen!AJ [Microsoft]	8
Win-Trojan/Xema.variant [AhnLab]	8
Packed.Generic.252 [Symantec]	7
Trojan-PSW.Win32.Dybalom.bu [Kaspersky Lab]	7
W32.Ircbrute [Symantec]	7
Win-Trojan/Pher.58368 [AhnLab]	7
BackDoor-EBI [McAfee]	6
Downloader-BTI [McAfee]	6
Net-Worm.Win32.Kolab [Ikarus]	6
Trojan-Spy.Win32.Agent.azbj [Kaspersky Lab]	6
VirTool:Win32/CeeInject.gen!AE [Microsoft]	6
VirTool:Win32/CeeInject.gen!AO [Microsoft]	6
Win-Trojan/Refroso.22016 [AhnLab]	6
Win-Trojan/Refroso.87933 [AhnLab]	6
Malware.Ircbrute [PC Tools]	5
Trojan.Win32.Refroso.ktw [Kaspersky Lab]	5
VirTool:Win32/CeeInject.F [Microsoft]	5
W32.SillyFDC [Symantec]	5
Win-Trojan/Agent.32256.TG [AhnLab]	5
Win-Trojan/Refroso.81920.E [AhnLab]	5
Backdoor.Win32.Poison.aphr [Kaspersky Lab]	4
Backdoor:Win32/Phdet.gen!A [Microsoft]	4
Downloader-BVA [McAfee]	4
Generic PWS.y!rf [McAfee]	4
Trojan-Downloader.Win32.Pher.pt [Kaspersky Lab]	4
Trojan-Dropper.Agent [Ikarus]	4
Trojan-Dropper.Win32.Muldrop [Ikarus]	4
TrojanDropper:Win32/Muldrop.E [Microsoft]	4
VirTool:Win32/CeeInject.gen!AS [Microsoft]	4
Win-Trojan/Inject.44032.AL [AhnLab]	4
Win-Trojan/Muldrop.144384 [AhnLab]	4
Worm:Win32/Pushbot.gen [Microsoft]	4
Backdoor-DZD [McAfee]	3
BackDoor-EEC [McAfee]	3
Downloader.Generic [PC Tools]	3
Email-Worm.Win32.BSpread [Ikarus]	3
Email-Worm.Win32.BSpread.b [Kaspersky Lab]	3
Net-Worm.Spybot [PC Tools]	3
Packed.Win32.CPEX-based.gc [Kaspersky Lab]	3
Trojan.Win32.Agent [Ikarus]	3
Trojan.Win32.Inject.alfk [Kaspersky Lab]	3
VirTool:Win32/Injector.gen!Y [Microsoft]	3
Win32/Kolab.worm.84992.C [AhnLab]	3
Win-Trojan/Pher.1699328 [AhnLab]	3
Win-Trojan/Pher.29184 [AhnLab]	3
Worm.Win32.Slenfbot [Ikarus]	3
Worm:Win32/Pushbot.gen!C [Microsoft]	3
Backdoor.IRC [PC Tools]	2
Backdoor.IRC.Bot [Symantec]	2
Backdoor.SdBot [Ikarus]	2
Backdoor:Win32/Poison.M [Microsoft]	2
BackDoor-CEP.gen.al [McAfee]	2
BackDoor-CEP.gen.o [McAfee]	2
Generic Dropper.fh [McAfee]	2
Generic.dx!su [McAfee]	2
Spyware.Keylogger [PC Tools]	2
Trojan.Dropper [Symantec]	2
Trojan.Loader [Ikarus]	2
Trojan.Win32.Agent.ckeq [Kaspersky Lab]	2
Trojan.Win32.Agent2.kjd [Kaspersky Lab]	2
Trojan:Win32/Ircbrute [Microsoft]	2
Trojan-Dropper.Win32.Agent.bcxu [Kaspersky Lab]	2
Trojan-Ransom [Ikarus]	2
VirTool:Win32/CeeInject.gen!AD [Microsoft]	2
VirTool:Win32/CeeInject.gen!Y [Microsoft]	2
W32/Checkout!n [McAfee]	2
W32/IRCbot.gen.h [McAfee]	2
Win32/IRCBot.worm.variant [AhnLab]	2
Win-Trojan/Agent.26624.KC [AhnLab]	2
Win-Trojan/Agent2.20992.HT [AhnLab]	2
Win-Trojan/Agent2.25088.D [AhnLab]	2
Win-Trojan/Buzus.41472.M [AhnLab]	2
Win-Trojan/Downloader.129536.CP [AhnLab]	2
Win-Trojan/Pher.31232.B [AhnLab]	2
Worm.Win32.AInfBot [Ikarus]	2
Worm.Win32.AInfBot.o [Kaspersky Lab]	2
Worm:Win32/Rimecud.I [Microsoft]	2
Worm:Win32/Slenfbot [Microsoft]	2
Backdoor.Ranky [Symantec]	1

Mal/EncPk-JU [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Canada	2
	Denmark	2
	Norway	1

Mal/EncPk-JU [Sophos] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\microsoft\svchost.exe

%AppData%\system\taskmgr.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\lttlogger\ltlogger.exe.exe

%ProgramFiles%\msn\msnmgsr.exe

%ProgramFiles%\windows live\msnmsgvir.exe

%ProgramFiles%\windows\explorer.exe

%System%\bifrost\server.exe

%System%\explorer\explorer.exe

%System%\msnmsgr.exe

%System%\server.exe

%System%\system\server.exe

%System%\system\taskmgr.exe

%System%\system32.exe

%System%\systeme\wingard.exe

%System%\updata.exe

%System%\winfiles.exe

%System%\xml\scrss.exe

%Temp%\decrypted.exe

%Temp%\girl.exe

%Temp%\instal.exe

%Temp%\ixp000.tmp\crypt.exe

%Temp%\ixp000.tmp\crypter.exe

%Temp%\ixp000.tmp\gamezer.exe

%Temp%\lttlogger.exe

%Temp%\proexa2.exe

%Temp%\server..exe

%Temp%\server.exe

%Temp%\stubdvh_4.exe

%Windir%\kasber-server1.exe

%Windir%\mizou.exe

%Windir%\msngr.exe

%Windir%\nzmcrypt.exe

%Windir%\raidhost.exe

%Windir%\win.exe

%Windir%\winfiles.exe

%Windir%\winnt.exe

c:\1111.exe

c:\data\system\xp.exe

c:\extracted\85.exe

c:\recycled\bin\ok.exe

c:\ses.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.