Threat Search: 

ThreatExpert's Statistics for TrojanDownloader:Win32/Renos.gen!AQ [Microsoft]:

TrojanDownloader:Win32/Renos.gen!AQ [Microsoft] is also known as:
Threat AliasNumber of Incidents
Mal/EncPk-CZ [Sophos]9,935
FakeAlert-AG.gen.a [McAfee]6,793
Application.BluSOD [PC Tools]6,384
Joke.Blusod [Symantec]6,162
Trojan.Fakealert.AFW [Ikarus]4,104
Trojan.Win32.FraudPack.ijv [Kaspersky Lab]2,052
Trojan.Blusod [Symantec]1,912
Packed.Generic.183 [Symantec]821
TROJ_FAKEALRT.CC [Trend Micro]819
Trojan.Blusod!sd6 [PC Tools]398
TROJ_FAKEAV.MQ [Trend Micro]255
Trojan-Downloader.Win32.Renos.AQ [Ikarus]236
Win-Trojan/Fakeav.118784.C [AhnLab]228
Trojan.Fakealert.AFB [Ikarus]170
Joke-Bluescreen.c [McAfee]153
Backdoor.Win32.TDSS.zj [Kaspersky Lab]143
Downloader.gen.a [McAfee]118
Generic Downloader.x [McAfee]106
Packed.Generic.188 [Symantec]93
Backdoor.TDSS!sd6 [PC Tools]91
Packed.Win32.Tdss.c [Kaspersky Lab]85
VirTool:Win32/Obfuscator.DQ [Microsoft]76
not-a-virus:FraudTool.Win32.Agent.au [Kaspersky Lab]54
Troj/FakeAle-EX [Sophos]54
Win-Trojan/Agent.35840.KQ [AhnLab]52
TROJ_ZLOB.HRZ [Trend Micro]48
Packed.Generic.184 [Symantec]43
Backdoor.Tidserv [Symantec]39
FakeAlert-SpywareGuard.gen.b [McAfee]39
Trojan:Win32/Alureon.gen!U [Microsoft]39
Win-Trojan/Fakeav.118784.B [AhnLab]34
Mal/EncPk-CZ, Mal/TDSSPack-Q [Sophos]26
Rootkit.Win32.TDSS.bph [Kaspersky Lab]26
Trojan.TDSServ [PC Tools]26
Trojan:Win32/Sudiet.B [Microsoft]26
Trojan.FakeAlert [PC Tools]17
Packed.Generic.180 [Symantec]15
Trojan Horse [Symantec]11
Mal/Generic-A [Sophos]10
Generic PUP.x [McAfee]8
Trojan.Win32.Monder.gen [Kaspersky Lab]8
Trojan-Downloader.Win32.Small.afhi [Kaspersky Lab]4
Mal/FakeAV-B, Mal/EncPk-CZ [Sophos]3
AntiVirus2008 [Symantec]2
Backdoor.Trojan [Symantec]2
Backdoor.Win32.TDSS.aru [Kaspersky Lab]2
FakeAlert-AB.dldr.gen.a [McAfee]2
Mal/FakeAV-B [Sophos]2
Packed.Generic.200 [Symantec]2
TROJ_FAKEAV.LC [Trend Micro]2
Trojan.Win32.Agent.abpr [Kaspersky Lab]2
Trojan.Win32.Agent.aeog [Kaspersky Lab]2
Trojan-Downloader.Win32.Small.aajd [Kaspersky Lab]2
Trojan-Downloader.Win32.Small.aaqw [Kaspersky Lab]2
AntiVirusXP2008 [Symantec]1
Downloader [Symantec]1
not-a-virus:Downloader.Win32.FraudLoad.dz [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.Agent.ai [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.AntivirusXP2008.aa [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.AntivirusXP2008.w [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.XPAntivirus.po [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.XPAntivirus.rl [Kaspersky Lab]1
not-a-virus:FraudTool.Win32.XPAntivirus.sh [Kaspersky Lab]1
Troj/FakeAV-AQ [Sophos]1
Troj/FakeAV-BS [Sophos]1
TROJ_DLOADE.YU [Trend Micro]1
TROJ_DLOADER.VJC [Trend Micro]1
TROJ_FAKEALER.FN [Trend Micro]1
TROJ_FAKEALRT.CO [Trend Micro]1
TROJ_FAKEAV.HM [Trend Micro]1
TROJ_FRAUDLOA.OO [Trend Micro]1
TROJ_FRAUDLOA.TT [Trend Micro]1
TROJ_MONDER.EO [Trend Micro]1
TROJ_SMALL.IPT [Trend Micro]1
Trojan.Fakealert.AIZ [Ikarus]1
Trojan.Fakeav.1 [Ikarus]1
Trojan.Fakeavalert [Symantec]1
Trojan.Win32.Agent.ablt [Kaspersky Lab]1
Trojan.Win32.Antivirusxp [Ikarus]1
Trojan.Win32.Pakes.kdl [Kaspersky Lab]1
Trojan-Downloader.Win32.Axload.m [Kaspersky Lab]1
Trojan-Downloader.Win32.FraudLoad.vauk [Kaspersky Lab]1
Trojan-Downloader.Win32.FraudLoad.vcib [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aahj [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aaii [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aajm [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aapu [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aarj [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aatc [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.acup [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.aeux [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.afar [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.afqw [Kaspersky Lab]1

TrojanDownloader:Win32/Renos.gen!AQ [Microsoft] has the following possible countries of origin:
OriginNumber of Incidents
Ukraine5
Russian Federation3

TrojanDownloader:Win32/Renos.gen!AQ [Microsoft] is known to be created as:
%ProgramFiles%\rhc75dj0erc1\rhc75dj0erc1.exe
%ProgramFiles%\rhc75dj0erc1\uninstall.exe
%ProgramFiles%\richvideocodec\dllscan.dll
%ProgramFiles%\richvideocodec\multiloader.dll
%System%\blphc35dj0erc1.scr
%System%\lphc35dj0erc1.exe
%System%\sysrest32.exe
%System%\tdssl.dll
%System%\tdssoeqh.dll
%Temp%\av 2008 xp aug 11 2008\system32\lphcv75j0elap.exe
%Temp%\e-card.exe
%Temp%\update-july-2008.exe
Notes:
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).