ThreatExpert's Statistics for Trojan.Win32.Agent [Ikarus]:

Trojan.Win32.Agent [Ikarus] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	6,493
Trojan.Win32.Agent.abt [Kaspersky Lab]	3,541
Generic!atr [McAfee]	3,256
BAT.Botget.C [PC Tools]	3,240
Trojan:Win32/Alureon.gen!J [Microsoft]	3,159
Trojan.Win32.Agent.akwc [Kaspersky Lab]	2,701
DNSChanger.gen [McAfee]	2,670
Mal/AdvPatch-A, Mal/Broute-A [Sophos]	2,645
Worm.AutoRun.GEN [PC Tools]	1,406
Trojan.Win32.Alureon.J [Ikarus]	1,295
Mal/Packer, Mal/EncPk-BW [Sophos]	1,053
Trojan-PWS.OnlineGames.ADRD [PC Tools]	1,050
Mal/Generic-A [Sophos]	945
Generic.dx [McAfee]	875
Infostealer.Gampass [Symantec]	769
W32/LCJump-B [Sophos]	672
Trojan.Alureon.J [PC Tools]	629
New Malware.n [McAfee]	546
Trojan.Agent!sd6 [PC Tools]	438
Packed/Upack [AhnLab]	363
NTRootKit-J [McAfee]	348
Trojan.Win32.Agent.asu [Kaspersky Lab]	342
TROJ_AGYSTEO.A [Trend Micro]	339
Worm:Win32/Autorun.GY!inf [Microsoft]	336
Trojan.Agent.ASU [PC Tools]	315
W32.Rajump [Symantec]	313
Hacktool.Rootkit [Symantec]	304
Trojan.Agent.VYJ [PC Tools]	296
Worm:Win32/RJump.F [Microsoft]	293
W32/LCJump-A [Sophos]	292
WORM_RJUMP.AI [Trend Micro]	292
Generic Malware.eb [McAfee]	291
Backdoor.IRC.Bot [Symantec]	222
TROJ_AGENT.ACSF [Trend Micro]	217
Win-Trojan/Agent.3584.DB [AhnLab]	210
Generic.dx!ui [McAfee]	203
Downloader [Symantec]	200
Trojan.Win32.Agent.cmn [Kaspersky Lab]	194
Trojan-GameThief.Win32.OnLineGames.ufmu [Kaspersky Lab]	189
Trojan.Win32.Agent.cuxo [Kaspersky Lab]	175
Trojan-Spy.Banker [Ikarus]	162
Trojan.Win32.Agent.acqs [Kaspersky Lab]	158
Trojan.Win32.Agent.arfd [Kaspersky Lab]	146
Mal/Emogen-R [Sophos]	145
Backdoor:Win32/Small.D [Microsoft]	144
Trojan.Win32.Agent.bctq [Kaspersky Lab]	144
Mal/Behav-160 [Sophos]	133
Troj/FakeAV-DC [Sophos]	130
TROJ_FAKEALE.BJ [Trend Micro]	130
W32.Spamuzle [Symantec]	121
Infostealer.Onlinegame [Symantec]	102
Generic Downloader.x [McAfee]	99
Backdoor.Trojan [Symantec]	96
Trojan.Win32.Agent.aqo [Kaspersky Lab]	96
Worm:Win32/Mariofev.A [Microsoft]	90
Trojan.Win32.Agent.cwje [Kaspersky Lab]	88
Trojan.Agent.VZD [PC Tools]	86
Mal/Emogen-E, Mal/Behav-160 [Sophos]	85
Suspicious.MH690 [Symantec]	85
Trojan.Generic [PC Tools]	85
FakeAlert-AB [McAfee]	81
W32/MarioF-B, W32/MarioF-B [Sophos]	81
W32/Mariofev.worm [McAfee]	81
TROJ_AGENT.ADRW [Trend Micro]	80
Trojan.Win32.Agent.bykq [Kaspersky Lab]	77
Trojan.Win32.Inject.nry [Kaspersky Lab]	77
Trojan-GameThief.Win32.OnLineGames.ubok [Kaspersky Lab]	76
Troj/Virtum-Gen [Sophos]	74
Infostealer [Symantec]	71
Win-Trojan/Xema.variant [AhnLab]	68
New Malware.aj [McAfee]	62
Vundo.gen.ab [McAfee]	59
Packed.Generic.214 [Symantec]	58
Trojan.Agent!sd5 [PC Tools]	54
PWS-Cashgrabber!a [McAfee]	53
Generic PWS.o [McAfee]	50
Trojan.KillAV [Symantec]	50
Trojan.Win32.Agent.akxd [Kaspersky Lab]	50
Trojan.Win32.Agent.bjql [Kaspersky Lab]	49
Trojan.Win32.Agent.cemd [Kaspersky Lab]	49
Trojan.Win32.Agent.rap [Kaspersky Lab]	49
W32/MarioF-Gen, Mal/TinyDL-T [Sophos]	49
Trojan:Win32/Vundo.gen!BC [Microsoft]	48
Trojan.Win32.Agent.cws [Kaspersky Lab]	47
Trojan.Win32.Inject.ljl [Kaspersky Lab]	47
Mal/Packer, Mal/EncPk-BW, Mal/Dloadr-E [Sophos]	45
Trojan:Win32/Zlob.GL [Microsoft]	45
Win-Trojan/Mariofev.94208 [AhnLab]	45
Backdoor.Win32.Small.har [Kaspersky Lab]	43
Trojan.Vundo [Symantec]	43
Generic BackDoor [McAfee]	42
Generic VB.b [McAfee]	42
Generic.dx!bq [McAfee]	42
Program:Win32/FakeAlert.N [Microsoft]	42
Mal/StartP-A, Mal/Emogen-H, Mal/Emogen-F [Sophos]	41
Trojan.Win32.Agent.ccpe [Kaspersky Lab]	41
Trojan:Win32/Agent [Microsoft]	41
Trojan.Win32.Agent.cppg [Kaspersky Lab]	40
Trojan.Win32.Agent.airw [Kaspersky Lab]	39
Trojan:Win32/Startpage.DE [Microsoft]	39

Trojan.Win32.Agent [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	China	1,348
	Russian Federation	163
	United Kingdom	106
	Germany	48
	Ukraine	35
	Japan	18
	Brazil	15
	Sweden	13
	Netherlands	12
	Republic of Korea	10
	France	9
	Turkey	9
	Italy	5
	Israel	3
	Peru	3
	Taiwan	3
	Austria	2
	Spain	2
	Algeria	1
	Australia	1
	Belgium	1
	Canada	1
	Finland	1
	Greece	1
	Indonesia	1
	Iran	1
	Poland	1
	Portugal	1
	Switzerland	1

Trojan.Win32.Agent [Ikarus] is known to be created as:

%AllUsersProfile%\drm\bda.scr

%AllUsersProfile%\xzemniu.dll

%AppData%\adobe\manager.exe

%AppData%\cogad\cogad.exe

%AppData%\deoklyov.dll

%AppData%\flashsdk.exe

%AppData%\gadcom\gadcom.exe

%AppData%\macromedia\common\ff7100021.dll

%AppData%\macromedia\common\ff71000219.exe

%AppData%\microsoft\windows\winlogon.exe

%AppData%\microsoft\windows\wtnmm.exe

%AppData%\rpcatm97\rpcatm97.dll

%AppData%\services.exe

%AppData%\tec\svchost.exe

%AppData%\wdfmgr.exe

%CommonAppData%\kcifhd.scr

%CommonAppData%\microsoft\ipdll.dll

%CommonAppData%\svhost.exe

%CommonDesktopDir%\arnkmna.scr

%CommonDesktopDir%\bd.exe

%CommonDesktopDir%\bda.scr

%CommonDesktopDir%\fwxuw.exe

%CommonDesktopDir%\fwxuwia.scr

%CommonDesktopDir%\ifjgx.exe

%CommonDesktopDir%\vxpmtmp.scr

%CommonDocuments%\my music\sample music\elli.scr

%CommonDocuments%\my music\sample playlists\00090beb\fw.scr

%CommonFavorites%\kci.scr

%CommonFavorites%\kcifhda.exe

%CommonFavorites%\nkt.scr

%CommonFavorites%\nktqiku.exe

%CommonFavorites%\spe.scr

%CommonFavorites%\spebsfu.exe

%CommonPrograms%\startup\explorer.exe

%CommonPrograms%\startup\svchost.exe

%CommonTemplates%\dayvnuu.scr

%FontsDir%\360eaec0.exe

%FontsDir%\4e17c240.exe

%FontsDir%\aaaxr.dll

%FontsDir%\bhqbm.dll

%FontsDir%\cxwov.dll

%FontsDir%\fcgkh.dll

%FontsDir%\fgiet.dll

%FontsDir%\gccpx.dll

%FontsDir%\jdolc.dll

%FontsDir%\jirhw.dll

%FontsDir%\klhmw.dll

%FontsDir%\lawwi.dll

%FontsDir%\ndobv.dll

%FontsDir%\odbnx.dll

%FontsDir%\pvrwt.dll

%FontsDir%\qgqha.dll

%FontsDir%\qshda.dll

%FontsDir%\qvsdc.dll

%FontsDir%\rdmtq.dll

%FontsDir%\shvpm.dll

%FontsDir%\svchost.exe

%FontsDir%\system32.dll

%FontsDir%\timpiatform.exe

%FontsDir%\uuphr.dll

%FontsDir%\uwhoq.dll

%FontsDir%\uxbup.dll

%FontsDir%\wtcwe.dll

%LocalSettings%\bdawe.scr

%LocalSettings%\tbqnk.scr

%Profiles%\dayvnu.exe

%Profiles%\default user\desktop\kcifhda.exe

%Profiles%\default user\local settings\application data\spe.exe

%Profiles%\default user\my documents\bda.exe

%Profiles%\default user\nethood\bdaw.exe

%Profiles%\default user\nethood\dayv.exe

%Profiles%\default user\nethood\ell.exe

%Profiles%\default user\nethood\elli.exe

%Profiles%\default user\nethood\gik.exe

%Profiles%\default user\nethood\jqvs.exe

%Profiles%\default user\nethood\nkt.scr

%Profiles%\default user\nethood\phs.exe

%Profiles%\default user\printhood\elli.exe

%Profiles%\default user\sendto\kcifh.exe

%Profiles%\default user\start menu\programs\startup\autotbar.exe

%Profiles%\htw.scr

%Profiles%\htwt.scr

%Profiles%\jqv.scr

%Profiles%\jqvspjk.scr

%Profiles%\localservice\fw.exe

%Profiles%\myh.exe

%Profiles%\networkservice\application data\jqvsp.exe

%Profiles%\networkservice\application data\jqvspj.scr

%Profiles%\networkservice\application data\nktqi.exe

%Profiles%\networkservice\application data\spebs.exe

%Profiles%\networkservice\local settings\history\fw.scr

%Profiles%\networkservice\local settings\history\if.scr

%Profiles%\networkservice\local settings\history\jq.scr

%Profiles%\networkservice\local settings\history\nk.scr

%Profiles%\networkservice\local settings\history\ph.scr

%Profiles%\networkservice\local settings\history\wj.scr

%Profiles%\networkservice\local settings\temp\phsp.scr

%Profiles%\networkservice\qsf.exe

%Profiles%\ovg.scr

%Profiles%\phs.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%CommonTemplates% is a variable that refers to the file system directory that contains the templates that are available to all users. A typical path is C:\Documents and Settings\All Users\Templates (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.