ThreatExpert's Statistics for Trojan.Win32.Winwebsec [Ikarus]:

Trojan.Win32.Winwebsec [Ikarus] is also known as:

Threat Alias	Number of Incidents
Trojan:Win32/Winwebsec [Microsoft]	31
Packed.Generic.218 [Symantec]	22
FakeAlert-WinwebSecurity.gen [McAfee]	14
Mal/EncPk-IF [Sophos]	13
FakeAlert-DA [McAfee]	12
Win-Trojan/Xema.variant [AhnLab]	12
Packed.Generic.234 [Symantec]	11
TrojanClicker:Win32/Klik [Microsoft]	11
Mal/EncPk-HH [Sophos]	10
FakeAlert-WinwebSecurity.a [McAfee]	9
Trojan-Downloader.Win32.Wzhyk.ah [Kaspersky Lab]	9
Mal/FakeAV-AX, Mal/FakeAV-AE [Sophos]	8
Troj/AgtJPP-Gen [Sophos]	6
Trojan:Win32/Ertfor.A [Microsoft]	6
Mal/Generic-A [Sophos]	5
TrojanDownloader:Win32/FakeRean [Microsoft]	5
TrojanSpy:Win32/Zbot.gen!C [Microsoft]	5
Win32/IRCBot.worm.variant [AhnLab]	5
FakeAlert-CO [McAfee]	4
FakeAlert-DZ [McAfee]	4
Mal/EncPk-IF, Mal/EncPk-HH [Sophos]	4
Mal/FakeAV-AX [Sophos]	4
Trojan Horse [Symantec]	4
Trojan.FakeAlert [PC Tools]	4
Infostealer.Banker.C [Symantec]	3
Mal/UnkPack-Fam [Sophos]	3
PWS:Win32/Zbot.gen!B [Microsoft]	3
Trojan.Fakeavalert [Symantec]	3
TrojanDownloader:Win32/Renos.FJ [Microsoft]	3
AntiVirus2008 [Symantec]	2
FakeAlert-DX [McAfee]	2
Infostealer [Symantec]	2
Mal/Basine-C [Sophos]	2
Mal/FakeAV-AD [Sophos]	2
Mal/FakeAV-AK, Mal/FakeAV-AD [Sophos]	2
Mal/WaledPak-B [Sophos]	2
PWS:Win32/Zbot.gen!R [Microsoft]	2
PWS:Win32/Zbot.M [Microsoft]	2
PWS:Win32/Zbot.PG [Microsoft]	2
Troj/FakeVir-NP [Sophos]	2
Trojan-Downloader.Win32.FraudLoad.ehv [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.abkf [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.uji [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.vne [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.yiq [Kaspersky Lab]	2
Awola [Symantec]	1
Downloader [Symantec]	1
Dropper/Agent.537911.B [AhnLab]	1
FakeAlert-WinwebSecurity.d [McAfee]	1
Mal/FakeAV-AD, Mal/EncPk-JB [Sophos]	1
Mal/FakeAV-AU [Sophos]	1
Mal/FakeAV-AU, Mal/EncPk-HH [Sophos]	1
Mal/FakeAV-AX, Mal/EncPk-MX [Sophos]	1
Mal/FakeAV-AX, Mal/FakeAV-AD, Mal/FakeAV-AE [Sophos]	1
Mal/FakeAV-AX, Mal/FakeAV-AE, Mal/FakeAV-AD [Sophos]	1
New Win32 [McAfee]	1
not-a-virus:FraudTool.Win32.SystemSecurity.cbc [Kaspersky Lab]	1
not-a-virus:FraudTool.Win32.SystemSecurity.ip [Kaspersky Lab]	1
not-a-virus:FraudTool.Win32.SystemSecurity.nr [Kaspersky Lab]	1
SecurityToolFraud [Symantec]	1
Troj/Ertfor-A [Sophos]	1
Troj/Pushdo-Gen, Mal/EncPk-IF, Mal/EncPk-HH [Sophos]	1
Trojan.FakeAv.ot [PC Tools]	1
Trojan.Win32.Crypt.bdb [Kaspersky Lab]	1
Trojan.Win32.FraudPack.acbl [Kaspersky Lab]	1
Trojan.Win32.FraudPack.mon [Kaspersky Lab]	1
Trojan.Win32.Tdss.aaqv [Kaspersky Lab]	1
Trojan.Win32.Tdss.abph [Kaspersky Lab]	1
Trojan:Win32/FakeRean [Microsoft]	1
Trojan:Win32/Ositki.A [Microsoft]	1
Trojan-Downloader.Win32.Boltolog.efx [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.ejs [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.eju [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.eke [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.epq [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wbwy [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wbyw [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wcch [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wcfd [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wchr [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wchv [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wfaw [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wffm [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wfhf [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wfpz [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wkrc [Kaspersky Lab]	1
Trojan-Downloader.Win32.FraudLoad.wqht [Kaspersky Lab]	1
TrojanDownloader:Win32/Cutwail.gen!B [Microsoft]	1
Trojan-Dropper.Win32.Agent.atmg [Kaspersky Lab]	1
Trojan-Dropper.Win32.FrauDrop.dm [Kaspersky Lab]	1
Trojan-PSW.Banker [PC Tools]	1
Trojan-Spy.Win32.Zbot.uba [Kaspersky Lab]	1
Trojan-Spy.Win32.Zbot.upc [Kaspersky Lab]	1
Trojan-Spy.Win32.Zbot.vxc [Kaspersky Lab]	1
W32.Virut.CF [Symantec]	1
W32/Scribble-B [Sophos]	1
Win-Trojan/Agent.25089.B [AhnLab]	1
Win-Trojan/Ertfor.20480 [AhnLab]	1
Win-Trojan/Fakeav.355901 [AhnLab]	1
Win-Trojan/Fakeav.715305 [AhnLab]	1

Trojan.Win32.Winwebsec [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	36
	Ukraine	5

Trojan.Win32.Winwebsec [Ikarus] is known to be created as:

%AllUsersProfile%\proto.dll

%CommonAppData%\11141094\11141094.exe

%CommonAppData%\12888594\12888594.exe

%CommonAppData%\12893284\12893284.exe

%CommonAppData%\12903284\12903284.exe

%CommonAppData%\12917034\12917034.exe

%CommonAppData%\13090624\13090624.exe

%CommonAppData%\13095004\13095004.exe

%CommonAppData%\13104684\13104684.exe

%CommonAppData%\13106404\13106404.exe

%CommonAppData%\13115934\13115934.exe

%CommonAppData%\13128434\13128434.exe

%CommonAppData%\13132654\13132654.exe

%CommonAppData%\16642814\16642814.exe

%CommonAppData%\56887539\56887539.exe

%CommonAppData%\92903276\92903276.exe

%CommonAppData%\92913276\92913276.exe

%CommonAppData%\92927026\92927026.exe

%ProgramFiles%\adult tube xxx codec\antivirus\setup.exe

%System%\admparsep.exe

%System%\ntos.exe

%System%\reader_s.exe

%System%\sdcvddd.dll

%System%\sdra64.exe

%System%\twext.exe

%System%\yhafd78auhd.dll

%Temp%\090522-1-7.exe

%Temp%\090523-4-10.exe

%Temp%\5_odb.exe

%Temp%\6_ldr.exe

%Temp%\a0olv.exe

%Temp%\a19dli2.exe

%Temp%\a1rge6.exe

%Temp%\a1xgg6n.exe

%Temp%\a26kqd8ja.exe

%Temp%\a2h03rwm.exe

%Temp%\a2sjca.exe

%Temp%\a3ifpfkzv.exe

%Temp%\a3mahork.exe

%Temp%\a3s1pv.exe

%Temp%\a5fp8.exe

%Temp%\a5w5vm.exe

%Temp%\a61w9j.exe

%Temp%\a63z3.exe

%Temp%\a66y8201.exe

%Temp%\a6necxq37q.exe

%Temp%\a7v1d.exe

%Temp%\a8adposj1.exe

%Temp%\a9lkhx.exe

%Temp%\a9xcz6.exe

%Temp%\abjmcuknjv.exe

%Temp%\ac3lu4.exe

%Temp%\adno0pl.exe

%Temp%\afbkdk4k.exe

%Temp%\afiqmz87pn.exe

%Temp%\afr3hbuk.exe

%Temp%\ag2a9.exe

%Temp%\agfxrd.exe

%Temp%\ahvni.exe

%Temp%\aimcmu62gw.exe

%Temp%\aitmil9.exe

%Temp%\ajhfifdfe.exe

%Temp%\ak4s0jc.exe

%Temp%\ak5nr.exe

%Temp%\akasrjewe.exe

%Temp%\am37im.exe

%Temp%\amuxfkx.exe

%Temp%\an7mw.exe

%Temp%\ani86.exe

%Temp%\anmxkzkp3w.exe

%Temp%\ao1dk9.exe

%Temp%\aox82mf.exe

%Temp%\aoz6nl.exe

%Temp%\ap4fk4gtb9.exe

%Temp%\ap6ieflymt.exe

%Temp%\aq723ui3b5.exe

%Temp%\aqm85q4zm.exe

%Temp%\ar1a8.exe

%Temp%\ar8d1.exe

%Temp%\as50tgp33.exe

%Temp%\atar7dk1.exe

%Temp%\atr7b8r3yk.exe

%Temp%\au4wb4sv.exe

%Temp%\au7g2jalf.exe

%Temp%\auh3ow.exe

%Temp%\auwxc.exe

%Temp%\av8t2a.exe

%Temp%\avf33.exe

%Temp%\avkm2bl.exe

%Temp%\avl3u9r.exe

%Temp%\avocrc.exe

%Temp%\avto.exe

%Temp%\aw6ty.exe

%Temp%\axygda88p.exe

%Temp%\ayavphd5.exe

%Temp%\aysi6.exe

%Temp%\aytuxup.exe

%Temp%\azeobg2.exe

%Temp%\b0bno5.exe

%Temp%\b0bq8wqm.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).