Threat Search: 

ThreatExpert's Statistics for Virus.Win32.Trojan [Ikarus]:

Virus.Win32.Trojan [Ikarus] is also known as:
Threat AliasNumber of Incidents
Hacktool.Rootkit [Symantec]1,473
Troj/Rootkit-ES [Sophos]1,443
Hacktool.Rootkit!sd6 [PC Tools]1,429
Generic Rootkit.d [McAfee]1,221
Generic.dx [McAfee]724
Trojan Horse [Symantec]694
Win-Trojan/Rootkit.39936.C [AhnLab]555
Adware:Win32/BHO.B [Microsoft]444
Mal/Generic-A [Sophos]277
not-a-virus:PSWTool.Win32.FirePass.af [Kaspersky Lab]273
PSWTool.FirePass!sd6 [PC Tools]247
Generic PWS.y [McAfee]246
Hacktool [Symantec]235
Win-Trojan/Xema.variant [AhnLab]196
Backdoor.Trojan [Symantec]193
Adware-BDSearch.dll [McAfee]192
Adware.Savenow [Symantec]156
Adware:Win32/WhenU.A [Microsoft]156
Adware-SaveNow [McAfee]156
BrowserModifier:Win32/CNNIC [Microsoft]121
PWS-Lineage [McAfee]113
New Malware.aq [McAfee]110
Mal/Packer [Sophos]90
Troj/Agent-JCU [Sophos]90
Win-Trojan/ARPSpoofer.92719 [AhnLab]90
Mal/Behav-010 [Sophos]76
Mal/Behav-010, Mal/Behav-027 [Sophos]63
Trojan-Spy.Lineage!sd5 [PC Tools]56
FakeAlert-AR [McAfee]53
not-a-virus:FraudTool.Win32.WinAntiVirus.bp [Kaspersky Lab]53
Troj/FakeAle-FJ [Sophos]53
Infostealer [Symantec]43
PWS-Mmorpg.gen [McAfee]42
Downloader [Symantec]40
Suspicious.MH690 [Symantec]40
Adware.ISMonitor!sd6 [PC Tools]36
Infostealer.Gampass [Symantec]35
Mal/EncPk-GF [Sophos]33
Trojan-Dropper.Agent [Ikarus]33
Generic Downloader.x [McAfee]30
Trojan.Generic [PC Tools]30
Infostealer.Lineage [Symantec]28
Packed/Upack [AhnLab]28
TSPY_LINEAGE.JO [Trend Micro]28
TrojanDropper:Win32/Kolosha.A [Microsoft]25
Win-Trojan/Peed.73728.I [AhnLab]25
Worm.Win32.AutoRun.fqw [Kaspersky Lab]25
Adware.SaveNow!sd6 [PC Tools]24
Mal/TibsPk-A [Sophos]23
Trojan:Win32/Meredrop [Microsoft]21
Generic.dv [McAfee]20
Mal/Behav-027, Mal/Behav-010 [Sophos]18
Trojan.Win32.Pakes.lly [Kaspersky Lab]17
Adware.IEHost [Symantec]16
Trojan.KillFiles!sd6 [PC Tools]16
Trojan.Win32.KillFiles.aee [Kaspersky Lab]16
W32.IRCBot [Symantec]16
W32/Sdbot.worm [McAfee]16
Win-Trojan/Vundo.41024.B [AhnLab]16
BrowserModifier:Win32/CNNIC.DLL [Microsoft]13
FirePass [Symantec]13
Mal/FakeVirPk-A [Sophos]13
not-a-virus:PSWTool.Win32.FirePass [Ikarus]13
PWSTool.generic!ct [PC Tools]13
Trojan.Win32.Agent.amhc [Kaspersky Lab]12
Trojan.Win32.KillFiles [Ikarus]12
Trojan-Downloader.Win32.Agent.aaju [Kaspersky Lab]12
Generic PUP.x [McAfee]11
Trojan.Win32.Genome.dzkq [Kaspersky Lab]11
Adware.ISMonitor [Symantec]10
Generic Dropper [McAfee]10
New Malware.aj [McAfee]10
Trojan.Vundo [Symantec]10
Trojan.Win32.SmallGame.a [Kaspersky Lab]10
Trojan-Spy.Gampass!sd6 [PC Tools]10
Win32/IRCBot.worm.variant [AhnLab]10
Adware-BDSearch.sys [McAfee]9
Application.Real_Spy_Monitor-Keylogger [PC Tools]9
Backdoor.Graybird [Symantec]9
Backdoor.IRCBot!sd6 [PC Tools]9
Generic Proxy [McAfee]9
Infostealer.Lemir.Gen [Symantec]9
Mal/Behav-150 [Sophos]9
Mal/PWS-Fam [Sophos]9
MonitoringTool:Win32/RealSpyMonitor [Microsoft]9
Spyware.RealSpy [Symantec]9
Spyware-RealSpy [McAfee]9
TROJ_ZLOB.ANT [Trend Micro]9
Trojan:Win32/Bumat!rts [Microsoft]9
Trojan-Proxy.Win32.Agent.bkv [Kaspersky Lab]9
Win-Trojan/Koobface.14848 [AhnLab]9
Adware.IEHost [PC Tools]8
Backdoor.Agent.AEKX [PC Tools]8
Demo-LeakTest [McAfee]8
not-a-virus:Server-Proxy.Win32.3proxy.af [Kaspersky Lab]8
Troj/MDrop-BVU [Sophos]8
Troj/PWS-BDA [Sophos]8
Trojan.Fakeavalert [Symantec]8
Worm.AutoRun.WHY [PC Tools]8
Mal/Emogen-H [Sophos]7

Virus.Win32.Trojan [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
China126
Russian Federation97
Germany45
United Kingdom42
France24
Republic of Korea17
Brazil12
Netherlands12
Taiwan10
Japan8
Italy7
Poland6
Sweden6
Australia4
Peru4
Spain3
United Arab Emirates3
Croatia2
Syria2
Turkey2
Belgium1
Canada1
Finland1
Greece1
Iran1
Israel1
Macau1
Portugal1
Romania1
Slovakia1
Slovenia1
South Africa1
Ukraine1

Virus.Win32.Trojan [Ikarus] is known to be created as:
%AllUsersProfile%\drm\drm.exe
%AppData%\cogad\cogad.exe
%AppData%\faststart.exe
%AppData%\fullversion.exe
%AppData%\menu.exe
%CommonAppData%\microsoft\bits.dll
%CommonAppData%\microsoft\crypto\crypto.exe
%CommonAppData%\microsoft\crypto\dss\dss.exe
%CommonAppData%\microsoft\crypto\dss\machinekeys\machinekeys.exe
%CommonAppData%\microsoft\crypto\rsa\machinekeys\machinekeys.exe
%CommonAppData%\microsoft\crypto\rsa\rsa.exe
%CommonAppData%\microsoft\crypto\rsa\s-1-5-18\s-1-5-18.exe
%CommonAppData%\microsoft\microsoft.exe
%CommonAppData%\microsoft\network\connections\cm\cm.exe
%CommonAppData%\microsoft\network\connections\connections.exe
%CommonAppData%\microsoft\network\connections\pbk\pbk.exe
%CommonAppData%\microsoft\network\network.exe
%CommonDesktopDir%\desktop.exe
%CommonDocuments%\documents.exe
%CommonFavorites%\favorites.exe
%CommonPrograms%\accessories\accessibility\accessibility.exe
%CommonPrograms%\accessories\accessories.exe
%CommonPrograms%\accessories\communications\communications.exe
%CommonPrograms%\accessories\entertainment\entertainment.exe
%CommonPrograms%\programs.exe
%CommonPrograms%\startup\msnmsgr.exe
%CommonPrograms%\startup\startup.exe
%CommonTemplates%\templates.exe
%FontsDir%\360eaec0.exe
%Profiles%\default user\application data\microsoft\microsoft.exe
%Profiles%\default user\desktop\desktop.exe
%Profiles%\default user\favorites\favorites.exe
%Profiles%\default user\local settings\history\history.exe
%Profiles%\default user\local settings\temp\temp.exe
%Profiles%\default user\nethood\nethood.exe
%Profiles%\default user\printhood\printhood.exe
%Profiles%\default user\recent\recent.exe
%Profiles%\default user\sendto\sendto.exe
%Profiles%\default user\start menu\programs\programs.exe
%Profiles%\default user\start menu\programs\startup\startup.exe
%Profiles%\default user\templates\templates.exe
%Profiles%\localservice\application data\microsoft\microsoft.exe
%Profiles%\localservice\local settings\history\history.exe
%Profiles%\localservice\local settings\temp\temp.exe
%Profiles%\localservice\localservice.exe
%ProgramFiles%\adssite advanced toolbar\toolbar.dll
%ProgramFiles%\alertspy\spywares\browser hijack\helper.dll
%ProgramFiles%\ares lite edition\areslite.exe
%ProgramFiles%\bifrost\ver.exe
%ProgramFiles%\bittorrent\uninst.exe
%ProgramFiles%\book\book.exe
%ProgramFiles%\cheat engine\systemcallsignal.exe
%ProgramFiles%\cnnic\cdn\cdnaux.dll
%ProgramFiles%\cnnic\cdn\cdnctr.exe
%ProgramFiles%\cnnic\cdn\cdndet.dll
%ProgramFiles%\cnnic\cdn\cdnforie.dll
%ProgramFiles%\cnnic\cdn\cdnglo.dll
%ProgramFiles%\cnnic\cdn\cdniehlp.dll
%ProgramFiles%\cnnic\cdn\cdnprh.dll
%ProgramFiles%\cnnic\cdn\cdnspie.dll
%ProgramFiles%\cnnic\cdn\cdntdns.dll
%ProgramFiles%\cnnic\cdn\imaconv.dll
%ProgramFiles%\cnnic\cdn\imaoe.dll
%ProgramFiles%\cnnic\cdn\imaol.dll
%ProgramFiles%\cnnic\cdn\update\imaoe.dll
%ProgramFiles%\content cleaner\ccleaner.dll
%ProgramFiles%\content cleaner\contentcleaner.exe
%ProgramFiles%\content cleaner\regalert.exe
%ProgramFiles%\dvd2one\asload.exe
%ProgramFiles%\elfbot ng\navserv.exe
%ProgramFiles%\game xp\gamexp.exe
%ProgramFiles%\gsmd\combine.exe
%ProgramFiles%\id security suite\idsecuritysuiteupdater.exe
%ProgramFiles%\internet explorer\keygen.exe
%ProgramFiles%\internet explorer\keyviewer.exe
%ProgramFiles%\internet explorer\setupapi.dll
%ProgramFiles%\ism\ism.exe
%ProgramFiles%\jsywg\jsy.exe
%ProgramFiles%\jsywg\wgshell.dll
%ProgramFiles%\kcpoint\controlkcpoint.exe
%ProgramFiles%\messengerdiscovery\loader.exe
%ProgramFiles%\microsoft common\svchost.exe
%ProgramFiles%\microsoft common\wuauclt.exe
%ProgramFiles%\microsoft office\readbook.exe
%ProgramFiles%\mpsoft\charge\client\mpcad.dll
%ProgramFiles%\msnmonitor\msnmonitor.exe
%ProgramFiles%\mynetprotector\mynetprotector.exe
%ProgramFiles%\p4p\p2psvr.exe
%ProgramFiles%\pchealthcenter\0.exe
%ProgramFiles%\pfconfig\pfconfig.exe
%ProgramFiles%\psmkorea\antikeylogger\psmantispy.exe
%ProgramFiles%\qdrdrive\qdrloader.exe
%ProgramFiles%\real spy monitor\getyahoo.dll
%ProgramFiles%\rhc75dj0erc1\rhc75dj0erc1.exe
%ProgramFiles%\riptide\update.exe
%ProgramFiles%\save\saveuninst.exe
%ProgramFiles%\searchpot\searchpot.exe
%ProgramFiles%\speederxp\cooper.dll
%ProgramFiles%\spy sniper\liveupdate.exe
%ProgramFiles%\spy sniper\shields.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
  • %CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
  • %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %CommonTemplates% is a variable that refers to the file system directory that contains the templates that are available to all users. A typical path is C:\Documents and Settings\All Users\Templates (Windows NT/2000/XP).
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.