ThreatExpert's Statistics for Mal/FakeVirPk-A [Sophos]:

Mal/FakeVirPk-A [Sophos] is also known as:

Threat Alias	Number of Incidents
Trojan:Win32/Tibs.IU [Microsoft]	187
FakeAlert-XPPoliceAnti [McAfee]	116
Trojan-Downloader.Win32.FraudLoad [Ikarus]	76
FakeAlert-CC [McAfee]	65
Trojan Horse [Symantec]	64
Trojan-Downloader.Win32.FraudLoad.vpdm [Kaspersky Lab]	64
Trojan.Adclicker [Symantec]	57
Backdoor.Win32.Agent.adqt [Kaspersky Lab]	56
Generic Dropper.dn [McAfee]	50
Generic.dx [McAfee]	47
Gen.Trojan [Ikarus]	42
Packed.Generic.200 [Symantec]	40
Rootkit.Win32.TDSS [Ikarus]	40
Trojan:Win32/Insebro.C [Microsoft]	35
Virus.Win32.VunDrop [Ikarus]	33
Downloader.MisleadApp [Symantec]	29
TrojanClicker:Win32/Klik [Microsoft]	28
not-a-virus:FraudTool.Win32.Agent.ju [Kaspersky Lab]	27
Downloader-BWS [McAfee]	25
Trojan.Fakeavalert [Symantec]	25
DNSChanger.f.gen.a [McAfee]	24
Suspicious.MH690 [Symantec]	24
Generic Downloader.x [McAfee]	22
Trojan.FakeAV!gen [Symantec]	22
Mal/Generic-A [Sophos]	19
Backdoor.Agent!sd6 [PC Tools]	18
Trojan.FakeAV [PC Tools]	18
Downloader [Symantec]	17
RogueAntiSpyware.Generic [PC Tools]	17
Win-Trojan/Xema.variant [AhnLab]	17
SpywareGuard2008 [Symantec]	16
Trojan.Initbar [Symantec]	16
Win-Trojan/Fraudload.27648.C [AhnLab]	16
not-a-virus:FraudTool.Win32.Agent.kg [Kaspersky Lab]	15
TrojanDownloader:Win32/Renos.GZ [Microsoft]	15
Spyware-Ssppyy [McAfee]	14
Trojan.Win32.Tibs [Ikarus]	14
VirTool:Win32/DelfInject.gen!X [Microsoft]	14
Virus.Win32.Trojan [Ikarus]	13
Backdoor.Trojan [Symantec]	12
Exploit.Win32.IMG-WMF.oy [Kaspersky Lab]	12
PWS:Win32/Zbot.gen!R [Microsoft]	12
Trojan:Win32/Alureon.gen!J [Microsoft]	12
Trojan:Win32/FakeSpyguard [Microsoft]	12
Trojan-Downloader.Win32.Agent.bdvd [Kaspersky Lab]	12
Trojan-Downloader.Win32.Agent.bifo [Kaspersky Lab]	12
WiniGuard [Symantec]	12
Trojan.Vundo.B [Symantec]	11
TrojanDownloader:Win32/Renos.FJ [Microsoft]	11
FakeAlert-SpywareGuard [McAfee]	10
Generic Dropper.bw [McAfee]	10
Trojan.Win32.FraudPack.kfe [Kaspersky Lab]	10
Trojan-Spy.Win32.Zbot.njy [Kaspersky Lab]	10
Backdoor.Win32.Agent.wci [Kaspersky Lab]	9
FakeAlert-AB [McAfee]	9
Trojan.FakeAV!gen13 [Symantec]	9
Trojan.Win32.BHO.mme [Kaspersky Lab]	9
Trojan-Downloader.Win32.FraudLoad.vjna [Kaspersky Lab]	9
VirTool.Win32.DelfInject [Ikarus]	9
Win32/IRCBot.worm.variant [AhnLab]	9
Packed.Generic.187 [Symantec]	8
Rootkit.Win32.TDSS.eyj [Kaspersky Lab]	8
Trojan.Adclicker!sd6 [PC Tools]	8
Trojan.Win32.FraudPack [Ikarus]	8
Trojan:Win32/Iceroe.gen!A [Microsoft]	8
TrojanDownloader:Win32/Renos.GN [Microsoft]	8
Packed.Win32.Krap.ai [Kaspersky Lab]	7
Packed.Win32.Tdss.c [Kaspersky Lab]	7
RealAV [Symantec]	7
Trojan.Peed [Ikarus]	7
Trojan-Downloader.Win32.FraudLoad.vozi [Kaspersky Lab]	7
Virus.Win32.Fasec [Ikarus]	7
AntiVirus2009 [Symantec]	6
Backdoor.Win32.Agent.admr [Kaspersky Lab]	6
Downloader-BON [McAfee]	6
not-a-virus:FraudTool.Win32.Agent.kc [Kaspersky Lab]	6
not-a-virus:FraudTool.Win32.Agent.kd [Kaspersky Lab]	6
Trojan.BHO!sd6 [PC Tools]	6
Trojan.Win32.Agent [Ikarus]	6
Trojan.Win32.Iceroe [Ikarus]	6
Trojan:Win32/Winwebsec [Microsoft]	6
Trojan-Dropper.Agent [Ikarus]	6
Win-Trojan/Katusha.192512.D [AhnLab]	6
Win-Trojan/Katusha.212992.E [AhnLab]	6
Downloader-BPX [McAfee]	5
Generic PWS.y [McAfee]	5
not-a-virus:FraudTool.Win32.Agent.kj [Kaspersky Lab]	5
PWS:Win32/Zbot.G [Microsoft]	5
Trojan.TDss [Ikarus]	5
Trojan.Win32.Pakes.mmh [Kaspersky Lab]	5
Trojan.Win32.Pakes.mzt [Kaspersky Lab]	5
Trojan:Win32/Adept.B [Microsoft]	5
Trojan:Win32/Tibs.gen!lds [Microsoft]	5
TrojanClicker:Win32/Delf.P [Microsoft]	5
Trojan-Downloader.Agent!sd6 [PC Tools]	5
Trojan-Downloader.MisleadApp!sd6 [PC Tools]	5
Trojan-Downloader.Win32.FraudLoad.ddk [Kaspersky Lab]	5
TrojanDownloader:Win32/Fakeinit [Microsoft]	5
Virus.Win32.Delf.m [Ikarus]	5
Win-Trojan/Fraudpack.1190912 [AhnLab]	5

Mal/FakeVirPk-A [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	118
	Ukraine	11
	China	2
	Sweden	1

Mal/FakeVirPk-A [Sophos] is known to be created as:

%AppData%\microsoft\windows\winlogon.exe

%CommonAppData%\02341212\02341212.exe

%CommonAppData%\08734426\08734426.exe

%CommonAppData%\09365124\09365124.exe

%CommonAppData%\12311008\12311008.exe

%CommonAppData%\13899131\13899131.exe

%CommonAppData%\19216423\19216423.exe

%CommonAppData%\24051113\24051113.exe

%CommonAppData%\28028222\28028222.exe

%CommonAppData%\41386830\41386830.exe

%CommonAppData%\42057119\42057119.exe

%CommonAppData%\42469126\42469126.exe

%CommonAppData%\42524017\42524017.exe

%CommonAppData%\56227830\56227830.exe

%CommonAppData%\59116628\59116628.exe

%CommonAppData%\60573930\60573930.exe

%CommonAppData%\63450826\63450826.exe

%CommonAppData%\69163934\69163934.exe

%CommonAppData%\69267030\69267030.exe

%CommonAppData%\69861636\69861636.exe

%CommonAppData%\79561129\79561129.exe

%CommonAppData%\82219628\82219628.exe

%CommonAppData%\91006218\91006218.exe

%CommonAppData%\microsoft\network\dlls\iemodule.dll

%CommonAppData%\svhost.exe

%ProgramFiles%\advancedvirusremover\pavrm.exe

%ProgramFiles%\cmvideoplugin\setup.exe

%ProgramFiles%\internet explorer\setupapi.dll

%ProgramFiles%\microsoft common\svchost.exe

%ProgramFiles%\spyware guard 2008\spywareguard.exe

%ProgramFiles%\spyware guard 2008\uninstall.exe

%ProgramFiles%\system guard 2009\systemguard.exe

%ProgramFiles%\xppoliceantivirus\avcorefn.dll

%ProgramFiles%\xppoliceantivirus\core.dll

%ProgramFiles%\xppoliceantivirus\xppolice.exe

%System%\1055\update.exe

%System%\avcorefn.dll

%System%\core.dll

%System%\dllcache\userinit.exe

%System%\emqsys.dll

%System%\frmwrk32.exe

%System%\iebho.dll

%System%\msxml71.dll

%System%\ntos.exe

%System%\sshnas.dll

%System%\twex.exe

%System%\twext.exe

%System%\winscenter.exe

%System%\xppolice.exe

%Temp%\5_odb.exe

%Temp%\avto.exe

%Temp%\avto1.exe

%Temp%\avto2.exe

%Temp%\avto3.exe

%Temp%\avto4.exe

%Temp%\b7y8yznz0.exe

%Temp%\csrssc.exe

%Temp%\fi4b0njkqhe.exe

%Temp%\file.exe

%Temp%\i65thbh.exe

%Temp%\install.exe

%Temp%\mousehook.dll

%Temp%\msxml71.dll

%Temp%\not_detect-200902\system.exe

%Temp%\ntdll64.dll

%Temp%\o090inf9et1.exe

%Temp%\q1.exe

%Temp%\q2.exe

%Temp%\q3.exe

%Temp%\q4.exe

%Temp%\q5.exe

%Temp%\q6.exe

%Temp%\q7.exe

%Temp%\q8.exe

%Temp%\q9.exe

%Temp%\sa7egmn9pt.exe

%Temp%\sent2pct\not_detect-200902\system.exe

%Temp%\setupdatdownload.com\avcorefn.dll

%Temp%\setupdatdownload.com\core.dll

%Temp%\setupdatdownload.com\xppolice.exe

%Temp%\sshnas.dll

%Temp%\systemsecurity.exe

%Temp%\teste1_p.exe

%Temp%\teste2_p.exe

%Temp%\teste3_p.exe

%Temp%\teste4_p.exe

%Temp%\winlognn.exe

%UserProfile%\nah_nlai.exe

%UserProfile%\ydgcwcu.exe

%Windir%\iehost.dll

%Windir%\ieocx.dll

%Windir%\odb.exe

%Windir%\runsql.exe

%Windir%\sv.exe

%Windir%\svc.exe

%Windir%\svhoster.exe

%Windir%\svw.exe

%Windir%\svx.exe

%Windir%\svzip.exe

%Windir%\sysguard.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.