ThreatExpert's Statistics for Trojan-Downloader.MisleadApp!sd6 [PC Tools]:

Trojan-Downloader.MisleadApp!sd6 [PC Tools] is also known as:

Threat Alias	Number of Incidents
TROJ_ZLOB.CEA [Trend Micro]	1,588
Downloader.MisleadApp [Symantec]	1,188
Trojan.Win32.BHO.eks [Kaspersky Lab]	360
Mal/Heuri-E, Mal/Emogen-N [Sophos]	145
not-a-virus:FraudTool.Win32.XPSecurityCenter.bk [Kaspersky Lab]	144
New Malware.aj [McAfee]	118
Mal/Generic-A [Sophos]	111
Generic Downloader.x [McAfee]	87
Generic PUP.x [McAfee]	78
TROJ_FAKEALER.VL [Trend Micro]	78
not-a-virus:FraudTool.Win32.UltimateAntivirus.cc [Kaspersky Lab]	77
FakeAlert-R.dll [McAfee]	76
Trojan-Dropper.Win32.BHO.p [Kaspersky Lab]	76
Generic.dx [McAfee]	70
Mal/FakeAV-F [Sophos]	70
Program:Win32/Antivirus2008 [Microsoft]	70
not-a-virus:FraudTool.Win32.WinSpywareProtect.dw [Kaspersky Lab]	66
Generic PUP.z [McAfee]	57
Trojan.Dropper [Symantec]	56
not-a-virus:AdWare.Win32.BHO.efr [Kaspersky Lab]	54
not-a-virus:AdWare.Win32.CashDeluxe [Ikarus]	54
Backdoor.Win32.VB [Ikarus]	43
Trojan-Downloader.Win32.Small [Ikarus]	38
Trojan:Win32/FakeSpypro [Microsoft]	37
Troj/FakeVir-JX [Sophos]	36
Trojan.Win32.BHO.hcd [Kaspersky Lab]	36
Trojan.Win32.FakeSpypro [Ikarus]	36
Trojan-Clicker.Win32.Small.xj [Kaspersky Lab]	36
Trojan-Downloader.Win32.Renos.DU [Ikarus]	36
TrojanDownloader:Win32/Renos.DU [Microsoft]	36
Adware-BHO.gen.f [McAfee]	30
Troj/Agent-HDV [Sophos]	30
TROJ_ZLOB.EXT [Trend Micro]	30
Trojan.Fakeavalert [Symantec]	30
Win-Trojan/Clicker.45056.D [AhnLab]	30
not-a-virus:AdWare.Win32.BHO.ejh [Kaspersky Lab]	25
Trojan.Win32.BHO.d [Ikarus]	25
Trojan-Downloader.Win32.FraudLoad.vdxo [Kaspersky Lab]	25
Trojan:Win32/FakeSecSen [Microsoft]	19
Generic.Win32.Malware.Antivirus2008 [Ikarus]	14
Generic FakeAlert.a [McAfee]	12
TROJ_RENOS.XX [Trend Micro]	12
AntiVirus2008 [Symantec]	11
Packed.Win32.Black.a [Kaspersky Lab]	11
FakeAlert-AntiVirusPro [McAfee]	10
not-a-virus:FraudTool.Win32.MSAntivirus.v [Kaspersky Lab]	10
Tibs-Packed [McAfee]	10
Trojan:Win32/Tibs.IH [Microsoft]	10
Adware-ISM [McAfee]	9
Mal/EncPk-EQ [Sophos]	9
not-a-virus:AdWare.Win32.AdBand.ac [Kaspersky Lab]	9
Trojan Horse [Symantec]	9
Mal/FakeAV-E [Sophos]	8
Trojan:Win32/Tibs.J [Microsoft]	8
Generic Dropper.bu [McAfee]	7
TrojanDownloader:Win32/Renos [Microsoft]	7
Win-Trojan/Xema.variant [AhnLab]	7
Email-Worm.Win32.Zhelatin.xz [Kaspersky Lab]	6
Mal/Bifrose-S [Sophos]	6
Mal/PWS-Fam [Sophos]	6
Mal/TibsPak [Sophos]	6
Trojan.Win32.Agent [Ikarus]	6
Trojan-Downloader.Win32.FraudLoad [Ikarus]	6
Trojan-Downloader.Win32.Tibs.yz [Ikarus]	6
BehavesLikeWin32.ExplorerHijack [Ikarus]	5
Mal/FakeVirPk-A [Sophos]	5
Troj/BHO-HD [Sophos]	5
Trojan.Win32.Tibs [Ikarus]	5
Trojan.Zlob [Ikarus]	5
Trojan:Win32/Adept.B [Microsoft]	5
Trojan:Win32/Meredrop [Microsoft]	5
Trojan-Clicker.Win32.Klik [Ikarus]	5
Virus.Win32.FakeAlert.S [Ikarus]	5
Backdoor.Win32.Frauder.oe [Kaspersky Lab]	4
FakeAlert-XPSecCenter [McAfee]	4
Generic FakeAlert [McAfee]	4
HackTool.Win32.Patcher.A [Ikarus]	4
Mal/Behav-285 [Sophos]	4
Mal/EncPk-GF [Sophos]	4
New Malware.jn [McAfee]	4
Trojan.Win32.Agent.bryp [Kaspersky Lab]	4
Trojan-Dropper.Agent [Ikarus]	4
Virus.Win32.Bifrose [Ikarus]	4
Adware:Win32/InternetSpeedMonitor [Microsoft]	3
FakeAlert-AB [McAfee]	3
FakeAlert-AG [McAfee]	3
FakeAlert-AQ [McAfee]	3
Mal/EncPk-BW [Sophos]	3
Mal/EncPk-CZ [Sophos]	3
not-a-virus:FraudTool.Win32.XPSecurityCenter.p [Kaspersky Lab]	3
Puper [McAfee]	3
TROJ_RENOS.ACQ [Trend Micro]	3
Trojan.Tibs.Gen!Pac.146 [PC Tools]	3
Trojan:Win32/Tibs.IT [Microsoft]	3
WORM_ZHELATIN.NR [Trend Micro]	3
Downloader-ASH.gen.b [McAfee]	2
Downloader-BON [McAfee]	2
FakeAlert-AB.dldr [McAfee]	2
Generic Dropper [McAfee]	2
Hoax.Win32.Agent.gp [Kaspersky Lab]	2

Trojan-Downloader.MisleadApp!sd6 [PC Tools] has the following possible countries of origin:

Origin		Number of Incidents
	Australia	30
	Russian Federation	27
	Ukraine	5
	Sweden	2
	Switzerland	2
	China	1

Trojan-Downloader.MisleadApp!sd6 [PC Tools] is known to be created as:

%CommonAppData%\fgtcpefi\tkvqdqzg.exe

%CommonAppData%\inmjsben\kjyxwvqj.exe

%ProgramFiles%\antispywarexp2009\uninstall.exe

%ProgramFiles%\applications\wcs.exe

%ProgramFiles%\microsoft common\wuauclt.exe

%ProgramFiles%\pchealthcenter\5.exe

%ProgramFiles%\qdrmodule\qdrmodule16.exe

%ProgramFiles%\sav\sav.exe

%ProgramFiles%\vav\vav.exe

%ProgramFiles%\xp_antispyware\uninstall.exe

%System%\allmax.dll

%System%\brastk.exe

%System%\cedifnsa.dll

%System%\cedifnso.dll

%System%\codef.dll

%System%\coni.dll

%System%\copol.dll

%System%\cosyspda.dll

%System%\cssrss.exe

%System%\dadef.dll

%System%\dani.dll

%System%\dapol.dll

%System%\dllcache\userinit.exe

%System%\domsys.dll

%System%\domview.dll

%System%\domwin.dll

%System%\duzakwq.dll

%System%\frmwrk32.exe

%System%\getsn32.dll

%System%\getwn32.dll

%System%\idef.dll

%System%\iehelper.dll

%System%\ini.dll

%System%\ipol.dll

%System%\lphc35dj0erc1.exe

%System%\mipinu.dll

%System%\mopona.dll

%System%\msvbcr40.dll

%System%\msxml71.dll

%System%\oggsys.dll

%System%\oggview.dll

%System%\oggwin.dll

%System%\secolnsa.dll

%System%\sxmg4.dll

%System%\wertyu.dll

%System%\wind32.exe

%System%\winds32.exe

%System%\wingamma.exe

%System%\wini10581.exe

%System%\xecolpda.dll

%System%\xedifgdo.dll

%System%\xedifgdy.dll

%System%\xedifnsa.dll

%System%\xedifnsy.dll

%System%\xmlsys.dll

%System%\xmlview.dll

%System%\xmlwin.dll

%System%\xosysnsa.dll

%Temp%\antivirus-xp-2008.exe

%Temp%\av1two.exe

%Temp%\install.exe

%Temp%\istst.exe

%Temp%\qdrmodule\qdrmodule16.exe

%Temp%\scan.exe

%Temp%\windows\ctfmona.exe

%Temp%\winivstr.exe

%Temp%\xpantivirus2008_v77011807.exe

%Temp%\xpantivirus2008_v880011.exe

%Windir%\svc.exe

%Windir%\svcho.exe

Notes:

%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.