ThreatExpert's Statistics for Packed.Win32.Tdss [Ikarus]:

Packed.Win32.Tdss [Ikarus] is also known as:

Threat Alias	Number of Incidents
Packed.Win32.TDSS.z [Kaspersky Lab]	245
Packed.Win32.TDSS.aa [Kaspersky Lab]	173
Mal/Generic-A [Sophos]	129
FakeAlert-FQ [McAfee]	86
Packed.Generic.277 [Symantec]	66
HeurEngine.MaliciousPacker [PC Tools]	59
Mal/EncPk-ND [Sophos]	57
DNSChanger.t [McAfee]	54
Trojan:Win32/Alureon.CT [Microsoft]	52
Win-Trojan/Fakeav.16896.C [AhnLab]	49
Suspicious.Vundo.2 [Symantec]	47
Packed.Win32.Tdss.w [Kaspersky Lab]	43
Win-Trojan/Xema.variant [AhnLab]	42
Trojan Horse [Symantec]	38
Trojan:Win32/Alureon.BK [Microsoft]	38
Win-Trojan/Alureon.Gen [AhnLab]	38
Trojan:Win32/Alureon.gen!U [Microsoft]	36
Mal/TDSSPk-C [Sophos]	33
Trojan:Win32/Alureon.BH [Microsoft]	24
Trojan:Win32/Alureon.DA [Microsoft]	23
Packed.Win32.TDSS.y [Kaspersky Lab]	22
HeurEngine.Vundo [PC Tools]	18
Mal/EncPk-KF [Sophos]	18
Trojan:Win32/Alureon.gen!J [Microsoft]	18
DNSChanger.ba [McAfee]	17
Mal/FakeAV-BP [Sophos]	16
Troj/Rootkit-HR [Sophos]	16
Win-Trojan/XPack.23040.B [AhnLab]	16
Downloader [Symantec]	13
Downloader.Generic [PC Tools]	12
Backdoor.Tidserv [PC Tools]	11
Backdoor.Tidserv [Symantec]	11
Packed.Generic.200 [Symantec]	11
Trojan:Win32/FakeCog [Microsoft]	11
Trojan-Spy.Win32.Zbot.aa [Kaspersky Lab]	11
Packed.Win32.Tdss.c [Kaspersky Lab]	10
Trojan.FakeAV [Symantec]	10
CoreGuardAntivirus2009 [Symantec]	9
RogueAntiSpyware.CoreGuardAntivirus2009 [PC Tools]	9
Trojan:Win32/Alureon.BU [Microsoft]	9
Backdoor.Tidserv!gen [Symantec]	8
Mal/TDSSPack-Q [Sophos]	7
Trojan:Win32/InternetAntivirus [Microsoft]	7
Trojan.Generic [PC Tools]	6
W32/AutoVrt-Gen, Mal/CryptBox-A [Sophos]	6
DNSChanger.at [McAfee]	5
FakeAlert-IC [McAfee]	5
Mal/TDSSPack-W, Mal/TDSSPk-C [Sophos]	5
Packed.Win32.Tdss.a [Kaspersky Lab]	5
Trojan-Downloader.Win32.Small.amcd [Kaspersky Lab]	5
VirTool:Win32/CeeInject.gen!J [Microsoft]	5
Virus.Win32.Virut.ce [Kaspersky Lab]	5
DNSChanger.as [McAfee]	4
DNSChanger.aw [McAfee]	4
DNSChanger.f.gen.a [McAfee]	4
Mal/EncPk-KG [Sophos]	4
Mal/TDSS-A, Mal/EncPk-CZ [Sophos]	4
Mal/TDSSPk-C, Mal/TDSSPack-W, Troj/Virtum-Gen [Sophos]	4
Packed.Generic.228 [Symantec]	4
Packed.Win32.Tdss.e [Kaspersky Lab]	4
Packed.Win32.TDSS.w [Kaspersky Lab]	4
Trojan.Win32.Agent2.lbl [Kaspersky Lab]	4
Vundo!m [McAfee]	4
W32/Xirtem@MM [McAfee]	4
Win-Trojan/Alureondrv.Gen [AhnLab]	4
Win-Trojan/Tdlrootkit.75776 [AhnLab]	4
Downloader.MisleadApp [Symantec]	3
Mal/EncPk-KF, Mal/TDSSPack-P [Sophos]	3
Trojan:Win32/Alureon.BT [Microsoft]	3
Trojan:Win32/Meredrop [Microsoft]	3
TrojanDownloader:Win32/Rugzip.A [Microsoft]	3
Backdoor.Tidserv!gen2 [Symantec]	2
DNSChanger.p [McAfee]	2
DNSChanger.r [McAfee]	2
FakeAlert-EJB [McAfee]	2
FakeAlert-JU [McAfee]	2
Generic FakeAlert.a [McAfee]	2
Generic FakeAlert.k [McAfee]	2
Mal/EncPk-KG, Mal/TDSSPack-Q [Sophos]	2
Mal/FakeAV-BP, Mal/TDSSPack-Q [Sophos]	2
Mal/Generic-A, Mal/TDSSPack-Q [Sophos]	2
Mal/Krap-D, Mal/FakeAV-BP, Troj/Virtum-Gen [Sophos]	2
Mal/TDSSPack-E, Mal/Alureon-C, Mal/FakeVirPk-A [Sophos]	2
Mal/TDSSPack-U [Sophos]	2
Mal/TDSSPk-C, Mal/TDSSPack-W [Sophos]	2
Packed.Win32.Tdss.f [Kaspersky Lab]	2
RogueAntiSpyware.WindowsAntivirusPro [PC Tools]	2
Trojan.FakeAV [PC Tools]	2
Trojan.Fakeavalert [Symantec]	2
Trojan.Vundo [Symantec]	2
Trojan:Win32/Alureon.BF [Microsoft]	2
Trojan:Win32/Alureon.DH [Microsoft]	2
WindowsAntivirusPro [Symantec]	2
Win-Trojan/Malware.1196032.B [AhnLab]	2
Worm.Win32.AdwareAgent.a [Kaspersky Lab]	2
Worm.Win32.AutoRun.gqx [Kaspersky Lab]	2
DNSChanger!by [McAfee]	1
DNSChanger.gen [McAfee]	1
Dropper/Malware.16896.F [AhnLab]	1
FakeAlert-AB.dldr.gen.a [McAfee]	1

Packed.Win32.Tdss [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	30
	China	1
	Ukraine	1

Packed.Win32.Tdss [Ikarus] is known to be created as:

%ProgramFiles%\malware defense\mdext.dll

%System%\codec.exe

%System%\h8srtbmlkeexmtd.dll

%System%\h8srtbmopuyiokp.dll

%System%\h8srtdkeqmqbdwb.dll

%System%\h8srtdvbqqvxriq.dll

%System%\h8srterxetijlcv.dll

%System%\h8srtgvnkonvuyl.dll

%System%\h8srtibftkbmkka.dll

%System%\h8srtmitpuxvubd.dll

%System%\h8srtmnmdbwwowx.dll

%System%\h8srtmubpiepies.dll

%System%\h8srtnmbpfvwdmd.dll

%System%\h8srtpuyuwpibne.dll

%System%\h8srtqorlwoyqxo.dll

%System%\h8srtuyuenpisxd.dll

%System%\h8srtvkutimueor.dll

%System%\h8srtxbftappkpd.dll

%System%\h8srtxdcriwqqoi.dll

%System%\h8srtxewfvpyxet.dll

%System%\h8srtylbjlximne.dll

%System%\h8srtyyvkixnlwx.dll

%System%\javame1.1.exe

%System%\javame2.exe

%System%\javame4.exe

%System%\jmx.exe

%System%\moyajamu.dll

%System%\wusorevo.dll

%System%\zavuzogo.dll

%Temp%\cliconfg64.exe

%Temp%\extrac64_cab.exe

%Temp%\gasfkypahuthem.dll

%Temp%\gasfkyybxvboyr.dll

%Temp%\genavir.exe

%Temp%\h8srtacisapppsy.dll

%Temp%\h8srtkdvwtmjyah.dll

%Temp%\mediacodec.exe

%Temp%\tdlcmd.dll

%Temp%\winhbt.exe

%Temp%\winnrk64.dll

%Temp%\wow64main.exe

%Temp%\wscsvc32.exe

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).