ThreatExpert's Statistics for Trojan-Downloader.Win32.Renos [Ikarus]:

Trojan-Downloader.Win32.Renos [Ikarus] is also known as:

Threat Alias	Number of Incidents
Downloader [Symantec]	130
TrojanDownloader:Win32/Renos.DU [Microsoft]	109
Trojan.Fakeavalert.B [Symantec]	108
Trojan.Fakeavalert [Symantec]	96
Packed.Generic.233 [Symantec]	93
Mal/EncPk-IF [Sophos]	91
Mal/Generic-A [Sophos]	82
Trojan Horse [Symantec]	79
Generic Downloader.x [McAfee]	76
Mal/WaledPak-D [Sophos]	73
Backdoor.Win32.Frauder.bxo [Kaspersky Lab]	64
TrojanDownloader:Win32/FakeRean [Microsoft]	64
Generic Dropper.ke [McAfee]	51
Trojan-Downloader.Win32.Small.kdb [Kaspersky Lab]	50
Generic Downloader.x!wj [McAfee]	49
Generic Dropper.cx [McAfee]	43
Mal/Behav-114 [Sophos]	43
Mal/KoobHeur-A [Sophos]	36
Net-Worm.Win32.Koobface.asz [Kaspersky Lab]	36
Trojan-Downloader.Win32.Agent.aoyr [Kaspersky Lab]	32
W32.Koobface.A [Symantec]	30
Troj/FakeAle-JM [Sophos]	28
Troj/Dloadr-CHA [Sophos]	25
Trojan.Zlob [Symantec]	25
Troj/Renos-BX [Sophos]	24
Generic Dropper.bw [McAfee]	22
Generic PUP.x [McAfee]	22
Hoax.Win32.Renos.fgb [Kaspersky Lab]	22
Trojan.Dropper [Symantec]	22
Trojan.FakeAlert [PC Tools]	22
Trojan-Downloader.Small.CQB [PC Tools]	22
not-a-virus:NetTool.Win32.Agent.az [Kaspersky Lab]	21
TrojanDownloader:Win32/Renos [Microsoft]	21
Troj/BHO-HY [Sophos]	20
Trojan-GameThief.Win32.Agent.apac [Kaspersky Lab]	19
Trojan-Downloader.Win32.Agent.apxv [Kaspersky Lab]	17
Troj/Agent-IHK [Sophos]	16
Trojan-Downloader.Win32.CodecPack.aai [Kaspersky Lab]	16
Packed.Generic.187 [Symantec]	15
Puper [McAfee]	14
TrojanDownloader:Win32/Renos.FJ [Microsoft]	14
Win-Trojan/Xema.variant [AhnLab]	14
Downloader.MisleadApp [Symantec]	13
Hoax.Win32.Renos.vawl [Kaspersky Lab]	13
Mal/Padodor-B [Sophos]	13
Troj/Agent-HYT [Sophos]	13
Trojan-Downloader.Agent!sd6 [PC Tools]	13
not-a-virus:FraudTool.Win32.TotalSecure2009.ak [Kaspersky Lab]	12
Win32/Koobface.worm.15360.FW [AhnLab]	12
Troj/FakeAle-LP [Sophos]	11
Troj/Dloadr-BYX [Sophos]	10
Trojan.Win32.FraudPack.gtv [Kaspersky Lab]	10
FakeAlert-CPA [McAfee]	9
Trojan.Win32.BHO.mqd [Kaspersky Lab]	9
TrojanDownloader:Win32/Renos.gen!BC [Microsoft]	9
Dropper.Agent.yic [PC Tools]	8
Mal/Cognac-A [Sophos]	8
Troj/FakeAV-HC [Sophos]	8
Trojan.Fakeavalert!sd6 [PC Tools]	8
Trojan-Downloader.Win32.Agent.arsx [Kaspersky Lab]	8
Win-Trojan/Agent.69632.JS [AhnLab]	8
Backdoor.Win32.Frauder.bxr [Kaspersky Lab]	7
FakeAlert-EQ [McAfee]	7
Generic FakeAlert.d!gen [McAfee]	7
Mal/EncPk-HW [Sophos]	7
Trojan.Win32.Agent.alts [Kaspersky Lab]	7
Trojan-Downloader.Win32.Agent.bbli [Kaspersky Lab]	7
Generic.dx!bew [McAfee]	6
Hoax.Win32.Renos.feq [Kaspersky Lab]	6
Mal/Behav-314, Mal/Fakecor-B, Mal/EncPk-IF [Sophos]	6
Mal/FakeAV-AC [Sophos]	6
Mal/FakeVirPk-A, Mal/TibsPk-A [Sophos]	6
Mal/Renos-D [Sophos]	6
not-a-virus:FraudTool.Win32.GeneralAntivirus.d [Kaspersky Lab]	6
Trojan-Downloader.Win32.Agent.asiu [Kaspersky Lab]	6
Trojan-Downloader.Win32.FraudLoad.duj [Kaspersky Lab]	6
TrojanDownloader:Win32/Renos.BAH [Microsoft]	6
TrojanDownloader:Win32/Renos.BAO [Microsoft]	6
Win-Trojan/Fakealert.96772 [AhnLab]	6
AdWare.BHO.aes [Ikarus]	5
FakeAlert-av360.dll [McAfee]	5
HeurEngine.MaliciousPacker [PC Tools]	5
Mal/Behav-314, Mal/Fakecor-B, Mal/EncPk-IV [Sophos]	5
Mal/EncPk-CZ [Sophos]	5
Mal/EncPk-HB [Sophos]	5
Mal/EncPk-JD [Sophos]	5
Mal/EncPk-KP [Sophos]	5
Mal/Fakecor-B, Mal/FakeAV-BT [Sophos]	5
TROJ_RENOS.AUH [Trend Micro]	5
Trojan.Win32.FraudPack.pre [Kaspersky Lab]	5
Trojan-Downloader.Win32.Agent.anro [Kaspersky Lab]	5
Trojan-Downloader.Win32.Agent.apqj [Kaspersky Lab]	5
TrojanDownloader:Win32/Renos.DY [Microsoft]	5
TrojanDownloader:Win32/Renos.EI [Microsoft]	5
TrojanDownloader:Win32/Renos.GN [Microsoft]	5
Trojan-Dropper.Win32.Agent.zew [Kaspersky Lab]	5
W32.Spybot.Worm [Symantec]	5
Win-Trojan/Zpack.151040.B [AhnLab]	5
FakeAlert-CK [McAfee]	4
FakeAlert-EL [McAfee]	4

Trojan-Downloader.Win32.Renos [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	52
	Ukraine	9
	Poland	1

Trojan-Downloader.Win32.Renos [Ikarus] is known to be created as:

%AppData%\nvenf.exe

%AppData%\seres.exe

%AppData%\svcst.exe

%ProgramFiles%\adobe\flash\flash32.dll

%ProgramFiles%\general antivirus\genavir.exe

%System%\bagntgw.dll

%System%\braviax.exe

%System%\dse235rgd0.dll

%System%\fejokt.dll

%System%\frmwrk32.exe

%System%\jumast.dll

%System%\lphc35dj0erc1.exe

%System%\msxml71.dll

%System%\psguax.dll

%System%\winupdate.exe

%Temp%\090322-b-14.exe

%Temp%\a.exe

%Temp%\b.exe

%Temp%\braviax.exe

%Temp%\d.exe

%Temp%\e.exe

%Temp%\g.exe

%Temp%\h.exe

%Temp%\installer_1.exe

%Temp%\leu3govuqvl4o.exe

%Temp%\lfwo7jtqsctoo.exe

%Temp%\msxml71.dll

%Temp%\systeminit.exe

%Temp%\teste1_p.exe

%Temp%\teste2_p.exe

%Temp%\teste3_p.exe

%Temp%\teste4_p.exe

%Temp%\wndutl32.dll

%Windir%\amoumain.exe

%Windir%\braviax.exe

%Windir%\ctfmon.exe

%Windir%\ld12.exe

%Windir%\loadernew.exe

%Windir%\lsass.exe

%Windir%\servicelayer.exe

%Windir%\sv.exe

%Windir%\svhoster.exe

%Windir%\sysguard.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.