ThreatExpert's Statistics for TrojanDownloader:Win32/Renos [Microsoft]:

TrojanDownloader:Win32/Renos [Microsoft] is also known as:

Threat Alias	Number of Incidents
Troj/FakeAle-FK [Sophos]	46,513
Application.BluSOD [PC Tools]	42,267
FakeAlert-AG [McAfee]	26,829
Joke.Blusod [Symantec]	24,705
Trojan.Blusod [Symantec]	16,792
Generic PUP.d [McAfee]	11,773
Trojan.Fakealert.AAI [Ikarus]	7,141
Mal/EncPk-CZ [Sophos]	2,727
Packed.Generic.183 [Symantec]	965
Win-Trojan/Fakeav.118784 [AhnLab]	772
Mal/EncPk-EQ [Sophos]	357
Trojan.Virantix.C [Symantec]	259
Generic Dropper.bu [McAfee]	217
Trojan.Fakeavalert [Symantec]	147
Trojan-Clicker.Win32.Klik [Ikarus]	124
Adware.Agent.ZO [PC Tools]	118
Generic FakeAlert.d [McAfee]	96
Mal/Padodor-B [Sophos]	77
Downloader.MisleadApp [Symantec]	75
Generic Downloader.x [McAfee]	74
Trojan.Fakeavalert!sd6 [PC Tools]	64
Trojan Horse [Symantec]	42
Trojan.Fakealert [Ikarus]	41
Trojan.Virantix!sd6 [PC Tools]	41
Trojan.Win32.FakePowav [Ikarus]	41
Backdoor.Tidserv [Symantec]	39
Hoax.Win32.Renos.fhv [Kaspersky Lab]	35
Backdoor.Win32.UltimateDefender [Ikarus]	32
Backdoor.Win32.UltimateDefender.gen [Kaspersky Lab]	32
VirTool.Win32.Obfuscator.DF [Ikarus]	32
Mal/EncPk-KP [Sophos]	28
Mal/EncPk-IF [Sophos]	27
Packed.Generic.233 [Symantec]	27
Virus.Win32.Virut.au [Ikarus]	27
Virus.Win32.Zbot.AQM [Ikarus]	26
Mal/Generic-A [Sophos]	25
Downloader.gen.a [McAfee]	23
Downloader-BKK [McAfee]	22
Virus.Win32.Lighty [Ikarus]	22
Trojan-Downloader.Win32.Renos [Ikarus]	21
Generic Dropper.bw [McAfee]	20
Trojan.Renos.Gen!Pac.10 [PC Tools]	20
Trojan.Win32.FraudPack [Ikarus]	20
Virus.Win32.FakeAlert.AJ [Ikarus]	19
Trojan.Win32.FraudPack.gxo [Kaspersky Lab]	18
Hoax.Win32.Renos.vayu [Kaspersky Lab]	16
Win-Trojan/Bredolab.13312.F [AhnLab]	16
Trojan.Packed.13 [Symantec]	15
Hoax.Win32.Renos [Ikarus]	13
Hoax.Win32.Renos.feq [Kaspersky Lab]	12
Generic FakeAlert.a [McAfee]	11
FakeAlert-AP [McAfee]	10
Generic.dx [McAfee]	10
Troj/FakeVir-GL [Sophos]	10
Win-Trojan/Xema.variant [AhnLab]	10
Backdoor.Win32.TDSS.bnk [Kaspersky Lab]	9
Downloader [Symantec]	9
Hoax.Win32.Renos.ffk [Kaspersky Lab]	9
not-a-virus:FraudTool.Win32.XPSecurityCenter.ai [Kaspersky Lab]	9
TROJ_MALBEHV.MCS [Trend Micro]	9
Trojan.Win32.BHO.fby [Kaspersky Lab]	9
Generic PUP.a [McAfee]	8
TROJ_RENOS.AKQ [Trend Micro]	8
Trojan.BHO!sd6 [PC Tools]	8
Trojan-Downloader.Win32.FraudLoad.vbys [Kaspersky Lab]	8
Troj/BHO-GI [Sophos]	7
Troj/Dorf-BB, Mal/TibsPak [Sophos]	7
Trojan.Virantix [Symantec]	7
Trojan-Downloader.MisleadApp!sd6 [PC Tools]	7
Trojan-Downloader.Win32.FraudLoad [Ikarus]	7
Hoax.Win32.Renos.esb [Kaspersky Lab]	6
Troj/FakeAle-ID [Sophos]	6
TROJ_BHO.SP [Trend Micro]	6
Trojan.Win32.Agent.avul [Kaspersky Lab]	6
Trojan:Win32/FakeAlert [Microsoft]	6
Backdoor.Tidserv!sd6 [PC Tools]	5
Trojan.Renos.Gen!Pac.5 [PC Tools]	5
Trojan-Clicker.Win32.Delf.akw [Kaspersky Lab]	5
XPSecurityCenter [Symantec]	5
Backdoor.Win32.TDSS.bnh [Kaspersky Lab]	4
Backdoor.Win32.TDSS.bot [Kaspersky Lab]	4
Backdoor.Win32.UltimateDefender.gml [Kaspersky Lab]	4
Generic Dropper [McAfee]	4
Hoax.Win32.Renos.fef [Kaspersky Lab]	4
Hoax.Win32.Renos.fei [Kaspersky Lab]	4
Hoax.Win32.Renos.fex [Kaspersky Lab]	4
Hoax.Win32.Renos.fge [Kaspersky Lab]	4
Hoax.Win32.Renos.vbmz [Kaspersky Lab]	4
Packer.Malware.Lighty.O [Ikarus]	4
Troj/FakeAle-IH [Sophos]	4
Troj/FakeAle-JK [Sophos]	4
TROJ_DLOADR.RS [Trend Micro]	4
TROJ_RENOS.AHO [Trend Micro]	4
Trojan.Win32.Agent.acab [Kaspersky Lab]	4
Trojan.Win32.Agent.anxj [Kaspersky Lab]	4
Trojan.Win32.Agent.apwo [Kaspersky Lab]	4
Trojan.Win32.Pakes.lgf [Kaspersky Lab]	4
Trojan-Downloader.Win32.Agent.ajiw [Kaspersky Lab]	4
Trojan-Downloader.Win32.FraudLoad.vdlg [Kaspersky Lab]	4
Trojan-Downloader.Win32.FraudLoad.vdoj [Kaspersky Lab]	4

TrojanDownloader:Win32/Renos [Microsoft] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	15
	Italy	1
	Thailand	1

TrojanDownloader:Win32/Renos [Microsoft] is known to be created as:

%AppData%\seres.exe

%AppData%\svcst.exe

%ProgramFiles%\rhc75dj0erc1\rhc75dj0erc1.exe

%ProgramFiles%\rhc75dj0erc1\uninstall.exe

%System%\blphc35dj0erc1.scr

%System%\brastk.exe

%System%\braviax.exe

%System%\dombho.dll

%System%\domie.dll

%System%\domiebho.dll

%System%\frmwrk32.exe

%System%\hombho.dll

%System%\homie.dll

%System%\homiebho.dll

%System%\ieexplorer32.exe

%System%\lphc35dj0erc1.exe

%System%\sofbho.dll

%System%\sofie.dll

%System%\sofiebho.dll

%System%\winupdate86.exe

%Temp%\377121.exe

%Temp%\brastk.exe

%Temp%\braviax.exe

%Temp%\buritos.exe

%Temp%\dropper_286962.exe

%Temp%\seres.exe

%Temp%\svcst.exe

%Temp%\winupdate86.exe

%Temp%\wndutl32.dll

%Windir%\xpupdate.exe

c:\winstall.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.