ThreatExpert's Statistics for Trojan-Downloader.Agent [Ikarus]:

Trojan-Downloader.Agent [Ikarus] is also known as:

Threat Alias	Number of Incidents
Downloader [Symantec]	58
Mal/Generic-A [Sophos]	49
Downloader-BJK [McAfee]	39
Mal/Zlob-AG [Sophos]	37
Trojan-Downloader.Agent!sd6 [PC Tools]	35
Trojan-Downloader.Win32.Agent.akuo [Kaspersky Lab]	35
Infostealer [Symantec]	34
PE_FLOB.A [Trend Micro]	30
Troj/Dloadr-BYW [Sophos]	30
Backdoor:Win32/Poisonivy.E [Microsoft]	26
Backdoor.Trojan [Symantec]	25
Trojan.Zlob [Symantec]	24
Trojan Horse [Symantec]	22
Suspicious.MH690 [Symantec]	21
Adware.DollarRevenue!sd5 [PC Tools]	20
Generic ProcKill.a [McAfee]	20
Trojan-Downloader.Agent!ct [PC Tools]	12
Generic BackDoor [McAfee]	11
Puper [McAfee]	11
Adware.DollarRevenue [Symantec]	10
Mal/EncPk-DB [Sophos]	10
Trojan.Generic [PC Tools]	10
Trojan-Downloader.Win32.Agent.nrr [Kaspersky Lab]	10
TrojanDownloader:Win32/Zlob.DI [Microsoft]	10
Trojan.Awax [Symantec]	9
Vundo [McAfee]	9
Generic Dropper.bm [McAfee]	8
Mal/Packer [Sophos]	8
TROJ_AGENT.ABTT [Trend Micro]	8
TrojanDownloader:Win32/Kolilks.A [Microsoft]	8
TrojanDropper:Win32/Renos.J [Microsoft]	8
Generic.dx [McAfee]	7
Mal/Inet-Fam [Sophos]	7
TROJ_AGENT.AIFA [Trend Micro]	7
Backdoor:Win32/Poisonivy.H [Microsoft]	6
Downloader-BGO [McAfee]	6
Generic Downloader.x [McAfee]	6
Mal/Zlob-AG, Mal/TibsPk-A [Sophos]	6
not-a-virus:AdWare.Win32.BHO.dbi [Kaspersky Lab]	6
Troj/DwnLdr-HID [Sophos]	6
Troj/DwnLdr-HRL [Sophos]	6
Trojan.Vundo.DU [PC Tools]	6
Trojan.Zlob!sd6 [PC Tools]	6
TrojanDownloader:Win32/Renos.DU [Microsoft]	6
Win-Trojan/Agent.61440.HT [AhnLab]	6
Backdoor.Win32.Poison.nzj [Kaspersky Lab]	5
SecurityRisk.Downldr [Symantec]	5
Troj/AdbPat-A [Sophos]	5
Trojan.Win32.Agent.apuz [Kaspersky Lab]	5
Trojan-Downloader [Ikarus]	5
Trojan-Downloader.Win32.VB.mbv [Kaspersky Lab]	5
Backdoor.Win32.Poison.acwq [Kaspersky Lab]	4
Backdoor:Win32/FlyAgent.E [Microsoft]	4
BAT/Xema [AhnLab]	4
Generic Downloader.x!bur [McAfee]	4
Generic PWS.ay [McAfee]	4
Mal/Koceg-A [Sophos]	4
Troj/Agent-HWV [Sophos]	4
Troj/Agent-KAP [Sophos]	4
TROJ_INTOPEN.A [Trend Micro]	4
Trojan.Agent [Ikarus]	4
Trojan.DL.Agent.XGB [PC Tools]	4
Trojan:Win32/Bumat!rts [Microsoft]	4
Trojan:Win32/Malagent [Microsoft]	4
Trojan-Downloader.NSIS.Agent.cn [Kaspersky Lab]	4
Trojan-Downloader.Win32.Agent.ajlg [Kaspersky Lab]	4
Trojan-Downloader.Win32.Agent.ajws [Kaspersky Lab]	4
Trojan-Downloader.Win32.Agent.cgyo [Kaspersky Lab]	4
Trojan-PSW.Generic [PC Tools]	4
Trojan-Spy.Win32.Agent.mm [Ikarus]	4
Trojan-Spy.Win32.FlyStudio.atl [Kaspersky Lab]	4
Trojan-Spy.Win32.Gologger.20.al [Kaspersky Lab]	4
Virus.Win32.Virut.ce [Kaspersky Lab]	4
W32.SillyFDC [Symantec]	4
W32.Virut.CF [Symantec]	4
Win-Trojan/Agent.147456.EF [AhnLab]	4
Win-Trojan/Agent.9216.LF [AhnLab]	4
Win-Trojan/Poisonivy.115200 [AhnLab]	4
Win-Trojan/ProcKill.4096 [AhnLab]	4
WORM_SOCKS.BL [Trend Micro]	4
Downloader.Generic [PC Tools]	3
Generic Downloader.e [McAfee]	3
Hoax.Win32.Renos.vark [Kaspersky Lab]	3
Trojan-Downloader.Win32.Kolilks [Ikarus]	3
Virus:Win32/Virut.BM [Microsoft]	3
W32/Scribble-B [Sophos]	3
Win32/Virut.F [AhnLab]	3
Win-Trojan/Undef.28672 [AhnLab]	3
Backdoor.Ciadoor [Symantec]	2
Backdoor:Win32/Koceg.gen!A [Microsoft]	2
BackDoor-DRW [McAfee]	2
DollarRevenue!a [McAfee]	2
Downloader.gen.a [McAfee]	2
Generic PUP.z [McAfee]	2
Generic.dx!be [McAfee]	2
Mal/Heuri-D, Mal/Koceg-A [Sophos]	2
Mal/UnkPack-Fam [Sophos]	2
New Malware.ja [McAfee]	2
New Poly Win32 [McAfee]	2
Troj/Virtum-Gen [Sophos]	2

Trojan-Downloader.Agent [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	United Kingdom	20
	Republic of Korea	17
	Russian Federation	12
	China	10
	Brazil	3
	Germany	3
	Switzerland	2
	Egypt	1
	Saudi Arabia	1
	Sweden	1

Trojan-Downloader.Agent [Ikarus] is known to be created as:

%AllUsersProfile%\mcirrzrsr.dll

%AppData%\spool.exe

%AppData%\spooll.exe

%ProgramFiles%\1 nutty santa screen saver 2.8\setupvalidater.exe

%ProgramFiles%\21 flying images 2.1\setupvalidater.exe

%ProgramFiles%\4th of july fireworks show 1.2\setupvalidater.exe

%ProgramFiles%\4th of july fireworks show 1.3\setupvalidater.exe

%ProgramFiles%\a-1 image 4.20\setupvalidater.exe

%ProgramFiles%\creata screen saver 3.3\setupvalidater.exe

%ProgramFiles%\microsoft common\svchost.exe

%ProgramFiles%\ovwxba\lgbbsysguard.exe

%ProgramFiles%\pointway\controlpointway.exe

%ProgramFiles%\popguide\popguide_joy1004.dll

%ProgramFiles%\riptide\monitor.dll

%ProgramFiles%\shoppingdum\shoppingdum.exe

%System%\adimeeaa.dll

%System%\awtqnkhe.dll

%System%\brclientname.dll

%System%\bsclientname.dll

%System%\bxtpgcucsfx.exe

%System%\cbxpifuv.dll

%System%\cheak_hook.dll

%System%\ctfmon_eo.exe

%System%\deecenveu.dll

%System%\drivers\ctfmon.exe

%System%\drivers\ctfmun.exe

%System%\driversscr.scr

%System%\explorer.exe

%System%\hlkmqxawlnm.exe

%System%\ipsecndis.sys

%System%\ljjdukig.dll

%System%\mljyvsmk.dll

%System%\msn.exe

%System%\mvrovncei.dll

%System%\one.exe

%System%\prstservice.dll

%System%\qomggfgf.dll

%System%\serivre\serivre.exe

%System%\ssqrldsj.dll

%System%\svchostw.exe

%System%\svhosts.exe

%System%\sysutil32.exe

%System%\win32gl\svchost.exe

%System%\xpscreen.exe

%System%\xpserver.dll

%System%\xxyywtts.dll

%System%\yayywqpi.dll

%Temp%\090430-3-0.exe

%Temp%\ccchei.dll

%Temp%\crack\crack.exe

%Temp%\dahbbd.dll

%Temp%\dghfhf.dll

%Temp%\firefox-update.exe

%Temp%\ixp000.tmp\sssss.exe

%Temp%\keymaker.exe

%Temp%\moon.exe

%Temp%\neat image pro plus v5.9\fo-nim59.exe

%Temp%\nse3.tmp\nsprocess.dll

%Temp%\nsf7.tmp\nsprocess.dll

%Temp%\nsh13.tmp\nsprocess.dll

%Temp%\nsi3.tmp\nsprocess.dll

%Temp%\nsj6.tmp\nsprocess.dll

%Temp%\nsk2.tmp\nsprocess.dll

%Temp%\nsl5.tmp\nsprocess.dll

%Temp%\nsm3.tmp\nsprocess.dll

%Temp%\nsr10.tmp\nsprocess.dll

%Temp%\nsr4.tmp\nsprocess.dll

%Temp%\nsu4.tmp\nsprocess.dll

%Temp%\nsz6.tmp\nsprocess.dll

%Temp%\setup.exe

%Temp%\setupvalidater.exe

%UserProfile%\data\mydll.dll

%Windir%\37i0msd.exe

%Windir%\71hx5deqapjj.exe

%Windir%\aiven.exe

%Windir%\antamade.exe

%Windir%\avtapit.dll

%Windir%\emufo2p2gnng.exe

%Windir%\endivide.exe

%Windir%\gatnerty.exe

%Windir%\jarcartan.exe

%Windir%\lcxfuhcp5g.exe

%Windir%\ld10.exe

%Windir%\m82g4utz.exe

%Windir%\msn.exe

%Windir%\qnreccocr.dll

%Windir%\system32:espdmx.exe

%Windir%\systemxp.dll

%Windir%\temp\haggeg.dll

%Windir%\test.exe

%Windir%\tregeury.exe

%Windir%\watsonju.exe

%Windir%\wexcdms.dll

%Windir%\znuiuueeo.dll

c:\d.exe

c:\exec.exe

c:\lsass.exe

c:\stealer.exe

c:\windows:msfirewall.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.