ThreatExpert's Statistics for Packed.Win32.TDSS.aa [Kaspersky Lab]:

Packed.Win32.TDSS.aa [Kaspersky Lab] is also known as:

Threat Alias	Number of Incidents
Mal/FakeAV-BP [Sophos]	201
Packed.Win32.Tdss [Ikarus]	173
FakeAlert-FQ [McAfee]	165
Packed.Generic.277 [Symantec]	137
HeurEngine.MaliciousPacker [PC Tools]	130
Trojan.Vundo [Symantec]	129
FakeAlert-JU [McAfee]	126
Mal/Generic-A [Sophos]	126
Trojan:Win32/FakeCog [Microsoft]	88
Mal/EncPk-ND [Sophos]	69
Worm:Win32/Vundo.B [Microsoft]	68
Win-Trojan/Xema.variant [AhnLab]	61
Mal/TDSSPack-Q [Sophos]	60
Trojan.Vundo [PC Tools]	60
Trojan.Win32.FakeSpyguard [Ikarus]	58
CoreGuardAntivirus2009 [Symantec]	56
TROJ_FAKEAV.SMSS [Trend Micro]	49
Win-Trojan/Fakeav.16896.C [AhnLab]	49
Mal/TDSSPack-A [Sophos]	42
Trojan:Win32/Alureon.DA [Microsoft]	42
Mal/FakeAV-CB, Mal/TDSSPack-Q [Sophos]	40
Trojan:Win32/FakeSpyguard [Microsoft]	39
Trojan:Win32/Alureon.CT [Microsoft]	37
DNSChanger.p [McAfee]	34
RogueAntiSpyware.CoreGuardAntivirus2009 [PC Tools]	29
Suspicious.Vundo.2 [Symantec]	29
HeurEngine.Vundo [PC Tools]	28
WindowsAntivirusPro [Symantec]	27
RogueAntiSpyware.WindowsAntivirusPro [PC Tools]	26
RogueAntiSpyware.Coreguard Antivirus 2009 [PC Tools]	24
Trojan.FakeAV [Symantec]	23
Packed.Generic.254 [Symantec]	21
DNSChanger.at [McAfee]	18
Downloader [Symantec]	16
Mal/TDSSPack-Q, Mal/TDSSPack-A [Sophos]	16
Troj/Rootkit-HR [Sophos]	16
Win-Trojan/XPack.23040.B [AhnLab]	16
Downloader.Generic [PC Tools]	12
Trojan.FakeAV [PC Tools]	11
Trojan.Generic [PC Tools]	11
Trojan:Win32/InternetAntivirus [Microsoft]	11
Trojan Horse [Symantec]	10
Trojan.Win32.FakeAV [Ikarus]	10
FakeAlert-KT [McAfee]	9
Suspicious.MH690 [Symantec]	9
DNSChanger.aw [McAfee]	8
Gen.Trojan [Ikarus]	8
Packed.Win32.Koblu.c [Kaspersky Lab]	7
Trojan-Downloader.Win32.Clopack.in [Kaspersky Lab]	7
TrojanSpy:Win32/Chadem.A [Microsoft]	7
AntiVirus2009 [Symantec]	6
Mal/EncPk-ND, Troj/Virtum-Gen [Sophos]	6
Packed.Win32.Krap.ah [Kaspersky Lab]	6
FakeAlert-KU [McAfee]	5
Trojan.FakeAlert [PC Tools]	5
WiniGuard [Symantec]	5
Downloader.MisleadApp [Symantec]	4
FakeAlert-IC [McAfee]	4
Generic FakeAlert!co [McAfee]	4
Generic.dx!loi [McAfee]	4
Mal/EncPk-ND, Mal/TDSSPack-Q [Sophos]	4
Mal/FakeAV-BP, Mal/TDSSPack-A [Sophos]	4
Mal/FakeAV-BP, Mal/TDSSPack-Q [Sophos]	4
Suspicious.Graybird.1 [Symantec]	4
Troj/Agent-MAG [Sophos]	4
Trojan.Adclicker [Symantec]	4
Trojan.Dropper [Symantec]	4
Trojan.Win32.Agent2.cmhs [Kaspersky Lab]	4
Trojan:Win32/Alureon [Microsoft]	4
Trojan:Win32/Alureon.BT [Microsoft]	4
Vundo!dl [McAfee]	4
Win-Trojan/FakeAlert.559104 [AhnLab]	4
Downloader.MisleadApp [PC Tools]	3
FakeAlert-EJB [McAfee]	3
Mal/Generic-A, Mal/TDSSPack-Q [Sophos]	3
Mal/Krap-D, Mal/FakeAV-BP [Sophos]	3
Trojan.Dropper [PC Tools]	3
Trojan.Win32.Alureon [Ikarus]	3
Trojan.Win32.Cosmu.dqz [Kaspersky Lab]	3
Trojan:Win32/Alureon.BF [Microsoft]	3
Trojan-Clicker.Win32.Hatigh [Ikarus]	3
Virus.Packed.Win32.Tdss [Ikarus]	3
Backdoor.Tidserv [PC Tools]	2
Backdoor.Tidserv [Symantec]	2
DNSChanger.r [McAfee]	2
Generic FakeAlert!dj [McAfee]	2
Mal/EncPk-ND, Mal/FakeAV-BP, Mal/TDSSPack-Q [Sophos]	2
Mal/FakeAV-BP, Mal/EncPk-MQ, Mal/TDSSPack-Q [Sophos]	2
Mal/FakeAV-CB [Sophos]	2
Mal/Krap-D, Mal/FakeAV-BP, Troj/Virtum-Gen [Sophos]	2
Packed.Win32.Krap [Ikarus]	2
RogueAntiSpyware.AntiVirus2009 [PC Tools]	2
Troj/Virtum-Gen [Sophos]	2
Trojan.Win32.Cosmu [Ikarus]	2
Trojan.Win32.FakeSmoke [Ikarus]	2
Trojan.Win32.FakeSpypro [Ikarus]	2
Trojan.Win32.InternetAntivirus [Ikarus]	2
Trojan:Win32/Alureon.DC [Microsoft]	2
Trojan:Win32/Alureon.DH [Microsoft]	2
Vundo!eu [McAfee]	2

Packed.Win32.TDSS.aa [Kaspersky Lab] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	98
	China	3

Packed.Win32.TDSS.aa [Kaspersky Lab] is known to be created as:

%AllUsersProfile%\microsoft adata\sysnet.dll

%AllUsersProfile%\microsoft private data\microsoft\lan.dll

%ProgramFiles%\active security\asecurity.exe

%ProgramFiles%\active security\coreext.dll

%ProgramFiles%\active security\uninstall.exe

%ProgramFiles%\antimalware\amext.dll

%ProgramFiles%\antimalware\antimalware.exe

%ProgramFiles%\antimalware\uninstall.exe

%ProgramFiles%\malware defense\mdefense.exe

%ProgramFiles%\malware defense\mdext.dll

%ProgramFiles%\malware defense\uninstall.exe

%ProgramFiles%\personal guard 2009\personalguard.exe

%ProgramFiles%\personal guard 2009\uninstall.exe

%ProgramFiles%\personal guard 2009\uninstalls.exe

%ProgramFiles%\personal protector\personalprotector.exe

%ProgramFiles%\personal protector\un.exe

%ProgramFiles%\safefighter software\safefighter\safefighter.exe

%ProgramFiles%\smart protector\smrtprt.exe

%ProgramFiles%\smart protector\uninstalls.exe

%ProgramFiles%\trustcop software\trustcop\trustcop.exe

%System%\2c4d4c5.exe

%System%\aabc092.exe

%System%\babijuga.dll

%System%\berateno.dll

%System%\bizoyuza.dll

%System%\blp4.tmp.exe

%System%\bohotute.dll

%System%\busivapo.dll

%System%\defisebe.dll

%System%\difahime.dll

%System%\dimojumi.dll

%System%\domeroha.dll

%System%\dunuwopo.dll

%System%\f5828cd.exe

%System%\femigegi.dll

%System%\galaduja.dll

%System%\h8srtbmlkeexmtd.dll

%System%\h8srtbmopuyiokp.dll

%System%\h8srtdkeqmqbdwb.dll

%System%\h8srtdvbqqvxriq.dll

%System%\h8srterxetijlcv.dll

%System%\h8srtevsoxbqbwq.dll

%System%\h8srtgvnkonvuyl.dll

%System%\h8srtibftkbmkka.dll

%System%\h8srtiqxbfpfuln.dll

%System%\h8srtmitpuxvubd.dll

%System%\h8srtmnmdbwwowx.dll

%System%\h8srtmubpiepies.dll

%System%\h8srtnmbpfvwdmd.dll

%System%\h8srtpqufasftde.dll

%System%\h8srtpuyuwpibne.dll

%System%\h8srtqorlwoyqxo.dll

%System%\h8srtuyuenpisxd.dll

%System%\h8srtvkutimueor.dll

%System%\h8srtxbftappkpd.dll

%System%\h8srtxdcriwqqoi.dll

%System%\h8srtxewfvpyxet.dll

%System%\h8srtxvitlwxbdi.dll

%System%\h8srtylbjlximne.dll

%System%\h8srtyyvkixnlwx.dll

%System%\hagatogo.dll

%System%\hemafovi.dll

%System%\hivotugu.dll

%System%\hubozupi.dll

%System%\kobitaka.dll

%System%\kohirovu.dll

%System%\ladakaku.dll

%System%\laponino.dll

%System%\lepetiwa.dll

%System%\lic4.tmp.exe

%System%\lunilidu.dll

%System%\moyajamu.dll

%System%\mujipeyo.dll

%System%\nanemefu.dll

%System%\nasikunu.dll

%System%\qyi4.tmp.exe

%System%\rahohipa.dll

%System%\rapavogo.dll

%System%\sajudiwa.dll

%System%\tidahahi.dll

%System%\vusuputu.dll

%System%\vutikonu.dll

%System%\wepekigi.dll

%System%\winsc.exe

%System%\winscent.exe

%System%\wusorevo.dll

%System%\yibuvido.dll

%System%\zavuzogo.dll

%System%\zozelemu.dll

%System%\zuyahoba.dll

%System%\zuzisoge.dll

%Temp%\0_11adwara.exe

%Temp%\2c4d4c5.exe

%Temp%\4fe7eab.exe

%Temp%\7d2e20a.exe

%Temp%\aabc092.exe

%Temp%\agj2.tmp.exe

%Temp%\b61a49d.exe

%Temp%\blp4.tmp.exe

%Temp%\cliconfg64.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).