ThreatExpert's Statistics for Trojan.Win32.FakeAV [Ikarus]:

Trojan.Win32.FakeAV [Ikarus] is also known as:

Threat Alias	Number of Incidents
Trojan:Win32/Fakeinit [Microsoft]	203
Trojan.Win32.Agent.dera [Kaspersky Lab]	156
Trojan:Win32/FakeXPA [Microsoft]	50
Mal/Generic-A [Sophos]	32
Trojan.FakeAV [PC Tools]	23
Mal/EncPk-LH, Mal/Basine-C [Sophos]	17
Trojan.FakeAV [Symantec]	17
Generic PUP.x!cd [McAfee]	16
Trojan.Win32.FakeScanti [Ikarus]	16
Trojan:Win32/FakeVimes [Microsoft]	16
Trojan-Ransom.Win32.Agent.iv [Kaspersky Lab]	15
Trojan Horse [Symantec]	13
Generic FakeAlert!ci [McAfee]	12
InternetAntivirus [Symantec]	12
Mal/FakeAV-AD [Sophos]	12
RogueAntiSpyware.InternetAntivirus [PC Tools]	12
Packed.Win32.TDSS.aa [Kaspersky Lab]	10
Trojan.Fakeavalert [Symantec]	10
Trojan-Downloader.Win32.FraudLoad.fqv [Kaspersky Lab]	10
Win-Trojan/Xema.variant [AhnLab]	10
FakeAlert-XPSecCenter [McAfee]	9
Troj/FakeAV-ADO [Sophos]	9
Trojan.Win32.FraudPack.ablk [Kaspersky Lab]	9
Trojan.Win32.FraudPack.tcl [Kaspersky Lab]	9
TrojanDownloader:Win32/Fakeinit [Microsoft]	9
WindowsAntivirusPro [Symantec]	9
Downloader.MisleadApp [Symantec]	8
Mal/FakeAV-CF [Sophos]	7
Packed.Generic.233 [Symantec]	7
SecurityToolFraud [Symantec]	7
TrojanDownloader:Win32/FakeRean [Microsoft]	7
CoreGuardAntivirus2009 [Symantec]	6
Downloader.MisleadApp [PC Tools]	6
Mal/EncPk-IF [Sophos]	6
Mal/EncPk-JY [Sophos]	6
Trojan.FakeAV!gen [Symantec]	6
Trojan.Generic [PC Tools]	6
Trojan-Downloader.Win32.FraudLoad.gcn [Kaspersky Lab]	6
Mal/EncPk-FX [Sophos]	5
Mal/FakeAV-CN [Sophos]	5
Trojan.Win32.FraudPack.aisj [Kaspersky Lab]	5
Trojan.Win32.FraudPack.alzs [Kaspersky Lab]	5
Trojan.Win32.FraudPack.vml [Kaspersky Lab]	5
FakeAlert-KC [McAfee]	4
FakeAlert-KP [McAfee]	4
Mal/EncPk-MX [Sophos]	4
Mal/FakeAV-AA [Sophos]	4
Troj/Bredo-BK [Sophos]	4
Trojan.Win32.FraudPack.acgv [Kaspersky Lab]	4
Trojan:Win32/PrivacyCenter [Microsoft]	4
AntiVirus2008 [Symantec]	3
Generic Dropper.bw [McAfee]	3
HeurEngine.MaliciousPacker [PC Tools]	3
Mal/EncPk-NP, Mal/FakeAV-BT [Sophos]	3
Mal/FakeAV-BW [Sophos]	3
Mal/FakeAV-BX [Sophos]	3
Packed.Generic.187 [Symantec]	3
Packed.Win32.Krap.ad [Kaspersky Lab]	3
RogueAntiSpyware.AntiVirus2009 [PC Tools]	3
Trojan:Win32/FakeRean [Microsoft]	3
Trojan:Win32/Winwebsec [Microsoft]	3
TrojanDownloader:Win32/FakeSmoke [Microsoft]	3
TrojanDownloader:Win32/Renos.KQ [Microsoft]	3
Trojan-Ransom [Ikarus]	3
Vilsel [McAfee]	3
XPAntivirus [Symantec]	3
Downloader [Symantec]	2
Downloader.Generic [PC Tools]	2
FakeAlert-BB [McAfee]	2
FakeAlert-DI [McAfee]	2
FakeAlert-KC.b [McAfee]	2
Generic FakeAlert!cm [McAfee]	2
Generic FakeAlert!dy [McAfee]	2
Generic FakeAlert!eh [McAfee]	2
Mal/EncPk-KP [Sophos]	2
Mal/FakeAV-BT [Sophos]	2
Mal/FakeAV-BT, Mal/FakeAV-BR [Sophos]	2
Mal/FakeAV-CA [Sophos]	2
Mal/FakeAV-CA, Mal/EncPk-JY [Sophos]	2
Mal/TDSSPack-Q [Sophos]	2
RogueAntiSpyware.Generic [PC Tools]	2
RogueAntiSpyware.PrivacyCenter.AJ [PC Tools]	2
Suspicious.MH690 [Symantec]	2
TROJ_FAKEALE.SMB [Trend Micro]	2
Trojan.FakeAV!gen9 [Symantec]	2
Trojan.RogueAV.a.gen [PC Tools]	2
Trojan.Win32.FraudPack.ablj [Kaspersky Lab]	2
Trojan.Win32.FraudPack.aloq [Kaspersky Lab]	2
Trojan.Win32.FraudPack.rcj [Kaspersky Lab]	2
Trojan:Win32/FakeSpypro [Microsoft]	2
Trojan:Win32/Liften.B [Microsoft]	2
Trojan-Downloader.Win32.FraudLoad.fkv [Kaspersky Lab]	2
Trojan-Downloader.Win32.NSIS.bq [Kaspersky Lab]	2
Win-Trojan/Fakeav.190993.B [AhnLab]	2
Win-Trojan/Fraudload.76892 [AhnLab]	2
AntiVirus2010 [Symantec]	1
AntivirusDoktor2009 [Symantec]	1
AntiVirusPro [McAfee]	1
Backdoor.Win32.UltimateDefender.za [Kaspersky Lab]	1
Downloader-BWS [McAfee]	1

Trojan.Win32.FakeAV [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	32
	Netherlands	2
	Brazil	1

Trojan.Win32.FakeAV [Ikarus] is known to be created as:

%AppData%\aaqwjm\xkjasftav.exe

%AppData%\auwova\dwlqsftav.exe

%AppData%\av.exe

%AppData%\control-center\ccagent.exe

%AppData%\control-center\ccmain.exe

%AppData%\flftwi\uithsftav.exe

%AppData%\jgravs\uhwnsftav.exe

%AppData%\kmkhjn\acxxsysguard.exe

%AppData%\lizkavd.exe

%AppData%\pc\pc.exe

%AppData%\pjuogo\njfssftav.exe

%AppData%\seres.exe

%AppData%\svcst.exe

%AppData%\upwbqp\sqsxsftav.exe

%AppData%\wjxnuk\gmfmsftav.exe

%CommonAppData%\21041109\21041109.exe

%CommonAppData%\21392017\21392017.exe

%CommonAppData%\25508727\25508727.exe

%CommonAppData%\25822928\25822928.exe

%CommonAppData%\2deb8\vs064.exe

%CommonAppData%\35283324\35283324.exe

%CommonAppData%\36166830\36166830.exe

%CommonAppData%\45867838\45867838.exe

%CommonAppData%\62617527\62617527.exe

%CommonAppData%\65389435\65389435.exe

%CommonAppData%\68285534\68285534.exe

%CommonAppData%\70553929\70553929.exe

%CommonAppData%\79028228\79028228.exe

%CommonAppData%\85645533\85645533.exe

%CommonAppData%\92918029\92918029.exe

%CommonAppData%\99399645\99399645.exe

%CommonAppData%\99848846\99848846.exe

%ProgramFiles%\advanced defender\advanceddefender.exe

%ProgramFiles%\advancedvirusremover\avr.exe

%ProgramFiles%\advancedvirusremover\pavrm.exe

%ProgramFiles%\antivirus\avbho.dll

%ProgramFiles%\antiviruspro_2010\antiviruspro_2010.exe

%ProgramFiles%\general antivirus\db\wmilib.dll

%ProgramFiles%\internetsecurity2010\is2010.exe

%ProgramFiles%\runit\runitu_32.exe

%ProgramFiles%\sytnko\gvljsysguard.exe

%ProgramFiles%\winsecurity360\winsecurity360.exe

%System%\avr09.exe

%System%\avr10.exe

%System%\desote.exe

%System%\ieexplorer32.exe

%System%\msxml71.dll

%System%\netfilter.exe

%System%\qt7fnpcf.exe

%System%\sdra64.exe

%System%\smss32.exe

%System%\winlogon32.exe

%System%\winlogon86.exe

%System%\winupdate.exe

%System%\winupdate86.exe

%Temp%\0_11adwara.exe

%Temp%\11adwara.exe

%Temp%\2_load.exe

%Temp%\6_ldry3.exe

%Temp%\66356834.exe

%Temp%\alphaav.exe

%Temp%\antivir.exe

%Temp%\antiviruspro_2010\antiviruspro_2010.exe

%Temp%\asp2009.exe

%Temp%\avto.exe

%Temp%\certificates.exe

%Temp%\certofsystem.exe

%Temp%\certsystem.exe

%Temp%\extrac64_cab.exe

%Temp%\microsoftdef.dll

%Temp%\microsoftdefend.dll

%Temp%\microsoftreg.dll

%Temp%\q1.exe

%Temp%\qt7fnpcf.exe

%Temp%\regeditsys.exe

%Temp%\regp.exe

%Temp%\regred.exe

%Temp%\securits.com

%Temp%\spoos.exe

%Temp%\spoov.exe

%Temp%\systemexplorer.exe

%Temp%\teste2_p.exe

%Temp%\usexplorer.exe

%Temp%\winhelper86.dll

%Temp%\winhlp64.exe

%Temp%\winlogon86.exe

%Temp%\winupd64x.exe

%Temp%\winupdate86.exe

%Temp%\wow64main.exe

%Temp%\yuarsftav.exe

%Windir%\certificates.exe

%Windir%\certofsystem.exe

%Windir%\certsystem.exe

%Windir%\ctfmon.exe

%Windir%\explorers.exe

%Windir%\freddy72.exe

%Windir%\microsoftdef.dll

%Windir%\microsoftdefend.dll

%Windir%\microsoftreg.dll

%Windir%\reged.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.