ThreatExpert's Statistics for Trojan-Downloader.Win32.Small [Ikarus]:

Trojan-Downloader.Win32.Small [Ikarus] is also known as:

Threat Alias	Number of Incidents
Trojan-Downloader.Small!sd6 [PC Tools]	6,660
Downloader-BJN.sys [McAfee]	5,550
Trojan:Win32/Abndog.A [Microsoft]	5,550
Trojan-Downloader.Win32.Small.xxh [Kaspersky Lab]	5,550
Trojan.Drondog [Symantec]	5,476
Mal/Generic-A [Sophos]	4,475
Downloader [Symantec]	2,084
Troj/Rootkit-EM [Sophos]	1,628
Generic Downloader.x [McAfee]	1,409
TROJ_DLOADER.DTK [Trend Micro]	1,305
Trojan-Downloader.Small.BUY [PC Tools]	1,305
Trojan-Downloader.Win32.Small.buy [Kaspersky Lab]	1,269
Trojan Horse [Symantec]	1,099
Troj/LogThief-A [Sophos]	784
Trojan-Downloader.Win32.Small.agbh [Kaspersky Lab]	784
Trojan-Downloader.Small!sd5 [PC Tools]	759
Spam-Mailbot [McAfee]	728
Trojan-Downloader.Win32.Small.tra [Kaspersky Lab]	703
Troj/Drop-O [Sophos]	676
Trojan-Downloader.Win32.Small.jis [Kaspersky Lab]	412
Win-Trojan/Downloader.9728.KT [AhnLab]	412
Trojan:Win32/Rlsloup.B [Microsoft]	364
BackDoor-DNP.dll [McAfee]	252
Trojan.DL.Ftpgzips.A.Gen [PC Tools]	248
Troj/Dloadr-BMT [Sophos]	247
Trojan-Downloader.Win32.Small.agct [Kaspersky Lab]	247
Spyware.ISearch [Symantec]	225
Generic.dx [McAfee]	191
Adware:Win32/Isearch.B [Microsoft]	189
Win-Trojan/Downloader.3584.KG [AhnLab]	168
Trojan.Dropper [Symantec]	166
Trojan-Downloader.Win32.Small.aacq [Kaspersky Lab]	148
Mal/Inet-Fam [Sophos]	144
Mal/Behav-144, Mal/Behav-009 [Sophos]	139
Downloader.gen.a [McAfee]	118
Trojan:Win32/Dumpeft.A [Microsoft]	112
TrojanDownloader:Win32/Small [Microsoft]	109
Backdoor.Trojan [Symantec]	103
Win-Trojan/Xema.variant [AhnLab]	102
Troj/DwnLdr-HRT [Sophos]	101
Trojan-Downloader.Win32.Small.yvn [Kaspersky Lab]	94
Infostealer [Symantec]	90
Trojan:Win32/Almanah.C!dll [Microsoft]	87
Trojan-Downloader.Win32.Small.almj [Kaspersky Lab]	86
Backdoor:Win32/Small.D [Microsoft]	83
Trojan-Downloader.Win32.Small.jlh [Kaspersky Lab]	81
Win-Trojan/Downloader.10240.LV [AhnLab]	81
Win-Trojan/Downloader.20992.HH [AhnLab]	80
Worm.Win32.Socks.u [Ikarus]	78
W32.Kakavex [Symantec]	77
W32/Expiro [McAfee]	77
Virus:Win32/Expiro.G [Microsoft]	76
Downloader.MisleadApp [Symantec]	75
Downloader-BTI [McAfee]	75
Win32.Expiro.Gen [PC Tools]	73
Win32/Expiro [AhnLab]	72
PE_EXPIRO.F [Trend Micro]	71
W32/Expiro-C [Sophos]	70
Packed/FSG [PC Tools]	68
Troj/Dloadr-CTC [Sophos]	66
Virus.Win32.Expiro.f [Kaspersky Lab]	66
Generic BackDoor [McAfee]	60
Trojan-Downloader.Agent [PC Tools]	60
Downloader.Trojan [Symantec]	59
PWS:Win32/Strpasseal.B [Microsoft]	59
Troj/AdbPat-A [Sophos]	57
Mal/Emogen-R [Sophos]	56
Backdoor.Perlovga.B [PC Tools]	54
Backdoor.Win32.Small.lo [Kaspersky Lab]	54
Infostealer.Gampass [Symantec]	54
TrojanDownloader:Win32/Small.AABL [Microsoft]	54
W32/Perlovga [McAfee]	54
TrojanDownloader:Win32/Smallagent [Microsoft]	53
TSPY_AGENT.ACAK [Trend Micro]	52
TROJ_SMALL.KGX [Trend Micro]	50
Trojan-Downloader.Small.GEN [PC Tools]	50
Trojan:Win32/Ertfor.A [Microsoft]	46
Packed.Generic.218 [Symantec]	43
Trojan-Downloader.Win32.Small.alzl [Kaspersky Lab]	43
Backdoor:Win32/Small.PV [Microsoft]	42
W32/Bckdr-LBV [Sophos]	42
Downloader.Generic [PC Tools]	40
Trojan-Downloader.MisleadApp!sd6 [PC Tools]	38
Generic Downloader.x!io [McAfee]	36
Mal/Packer [Sophos]	36
TROJ_MURLO.AA [Trend Micro]	36
Trojan.Zlob [Symantec]	36
Trojan-Clicker.Win32.Small.xj [Kaspersky Lab]	36
Trojan:Win32/Oficla.E [Microsoft]	35
Infostealer.Onlinegame [Symantec]	32
Trojan-Downloader.Win32.Small.agdo [Kaspersky Lab]	32
Adware.Agent.ZO [PC Tools]	30
Win-Trojan/Clicker.45056.D [AhnLab]	30
Mal/TinyDL-T [Sophos]	29
VirTool:Win32/CeeInject.gen!J [Microsoft]	29
Generic Downloader.x!wy [McAfee]	28
Mal/EncPk-HH [Sophos]	28
Generic Downloader.ap [McAfee]	27
Troj/DwnLdr-HGO [Sophos]	26
Troj/Frink-Gen [Sophos]	26

Trojan-Downloader.Win32.Small [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	China	645
	Spain	54
	United Kingdom	48
	Brazil	41
	Russian Federation	41
	Republic of Korea	22
	Finland	4
	Germany	4
	Canada	3
	France	3
	Taiwan	3
	Netherlands	1
	Portugal	1
	Turkey	1

Trojan-Downloader.Win32.Small [Ikarus] is known to be created as:

%AllUsersProfile%\services.exe

%AppData%\google\update\googleupdatebeta.exe

%AppData%\spool.exe

%AppData%\winhlp64.exe

%DownloadedProgramFiles%\update_.exe

%DownloadedProgramFiles%\usbkey.exe

%FontsDir%\4e17c240.exe

%InternetCache%\34104.exe

%InternetCache%\4.exe

%InternetCache%\51490.exe

%MyDocuments%\my music\46630.exe

%Profiles%\2081a.exe

%ProgramFiles%\anti-spam bastion\wr-1-1002397.exe

%ProgramFiles%\anti-spam bastion\yazzlebundle-1739.exe

%ProgramFiles%\antiviirus.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\catchtime\catchup.exe

%ProgramFiles%\common files\system\directdb.exe

%ProgramFiles%\common files\system\msasp32.exe

%ProgramFiles%\common files\system\wab32res.exe

%ProgramFiles%\dbclean\cleanup.exe

%ProgramFiles%\driver\driver.sys

%ProgramFiles%\free ftp manager\wr-1-1002397.exe

%ProgramFiles%\free ftp manager\yazzlebundle-1739.exe

%ProgramFiles%\infoc\initinfoc.exe

%ProgramFiles%\infoclock screensaver\mail.exe

%ProgramFiles%\internet explorer\iemain.sys

%ProgramFiles%\internet explorer\ntshrui.dll

%ProgramFiles%\limewire download speed\wr-1-1002397.exe

%ProgramFiles%\limewire download speed\yazzlebundle-1739.exe

%ProgramFiles%\maxp2p\update_check.exe

%ProgramFiles%\microsoft office\svchost.exe

%ProgramFiles%\richvideocodec\multiloader.dll

%ProgramFiles%\shareaza download speed\wr-1-1002397.exe

%ProgramFiles%\shareaza download speed\yazzlebundle-1739.exe

%ProgramFiles%\shelp\shelp.exe

%ProgramFiles%\sms sender 3\operators\beelineplugin.dll

%ProgramFiles%\sms sender 3\operators\beelineruplugin.dll

%ProgramFiles%\sms sender 3\operators\beelineuaplugin.dll

%ProgramFiles%\sms sender 3\operators\megafonmoscowplugin.dll

%ProgramFiles%\sms sender 3\operators\mtsplugin.dll

%ProgramFiles%\sms sender 3\operators\mtsruplugin.dll

%ProgramFiles%\sms sender 3\operators\perfectumplugin.dll

%ProgramFiles%\sms sender 3\operators\tele2plugin.dll

%ProgramFiles%\spooler.exe

%ProgramFiles%\spoolsvt.exe

%ProgramFiles%\tmp0.exe

%ProgramFiles%\tmp1.exe

%ProgramFiles%\tmp2.exe

%ProgramFiles%\tmp3.exe

%ProgramFiles%\twinsoft\inittwin.exe

%Programs%\startup\userinit.exe

%System%\_bot.exe

%System%\002.exe

%System%\090514-2-2.exe

%System%\10123_setup.exe

%System%\1036a\adxparsdll.exe

%System%\1039a\atrdinac.exe

%System%\1049a\hinacomde.exe

%System%\114156.exe

%System%\119437.exe

%System%\12033\cvserchka.exe

%System%\1206448739\winlogon.exe

%System%\3036a\dbparsdll.exe

%System%\553.exe

%System%\a1\dnslook11.exe

%System%\a1\idexpnd.exe

%System%\a1\mid2dll.exe

%System%\a13\rarndrll2.exe

%System%\a3d1e76.exe

%System%\ac1\tliamdll2.exe

%System%\ace2\bmv35gui.exe

%System%\acom\adxparsdll.exe

%System%\acom1\wdpars11.exe

%System%\adirss.exe

%System%\adservice.dll

%System%\allmax.dll

%System%\alsys.exe

%System%\ap1\dnwldr132.exe

%System%\apcwsc.exe

%System%\at1\sxdparsdll.exe

%System%\avpo1.dll

%System%\ax1\golcidr31z.exe

%System%\ax3\dincomsdll3.exe

%System%\axbq.exe

%System%\axtmp\atv5105nt.exe

%System%\b1\cbwa3ui.exe

%System%\b1\roblcidr31z.exe

%System%\b2\dwdldr1.exe

%System%\b2\warndrll2.exe

%System%\b3\rarndrll2.exe

%System%\bbc1\hoftidndll3.exe

%System%\bde\nesdem7.exe

%System%\bifrost\server.exe

%System%\bo2\ivdwnll2.exe

%System%\bo4\softidndll3.exe

%System%\bot2\cap32bak.exe

%System%\brastk.exe

%System%\bt2\philcom3.exe

%System%\btz\l3pars2.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%DownloadedProgramFiles% is a variable that refers to the file system directory containing downloaded program files. A typical path is C:\Windows\Downloaded Program Files.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).