Threat Search: 

ThreatExpert's Statistics for Trojan.Win32.Agent2 [Ikarus]:

Trojan.Win32.Agent2 [Ikarus] is also known as:
Threat AliasNumber of Incidents
Trojan:Win32/Tibs.JB [Microsoft]268
Trojan.Win32.Agent2.iaq [Kaspersky Lab]251
Trojan.Agent2!sd6 [PC Tools]227
Troj/PSW-GM [Sophos]193
Troj/FakeAV-PG [Sophos]177
FakeAlert-CC [McAfee]175
Generic Downloader.ab [McAfee]169
Trojan.Win32.Agent2.fvv [Kaspersky Lab]169
Win-Trojan/Agent.172032.DJ [AhnLab]156
Mal/Generic-A [Sophos]151
Trojan Horse [Symantec]124
Infostealer.Gampass [Symantec]114
PWS:Win32/Zosernam.C [Microsoft]79
Generic.dx [McAfee]62
Trojan.Win32.Agent2.hbo [Kaspersky Lab]56
PWS-Mmorpg.gen [McAfee]54
PWS:Win32/Lolyda.AD [Microsoft]49
Trojan-GameThief.Win32.OnLineGames [Ikarus]46
PWS-Gamania.gen.m [McAfee]44
Trojan-Spy.Gampass!sd6 [PC Tools]39
Mal/EncPk-HL, Mal/FakeVirPk-A [Sophos]36
Trojan.Win32.Agent2.hgr [Kaspersky Lab]30
Trojan.KillAV [Symantec]28
Trojan.Win32.Agent2.gxl [Kaspersky Lab]28
Trojan.Win32.Agent2.hfu [Kaspersky Lab]26
TrojanDownloader:Win32/Agent!rts [Microsoft]26
Trojan.Fakeavalert [Symantec]25
Infostealer [Symantec]21
W32.SillyDC [Symantec]21
Win-Trojan/Agent2.3072 [AhnLab]21
Trojan.Win32.Agent2.brl [Kaspersky Lab]20
Generic Dropper.gf [McAfee]19
Trojan.Win32.Agent2.jep [Kaspersky Lab]18
Win-Trojan/Agent2.11264.M [AhnLab]18
Generic PWS.y [McAfee]17
Generic Dropper.cx [McAfee]16
Trojan:Win32/Dogrobot.F [Microsoft]16
Win-Trojan/OnlineGameHack.161776 [AhnLab]16
Trojan.Zlob [Symantec]15
Trojan:Win32/Chepdu.K [Microsoft]15
New Malware.aj [McAfee]14
Mal/Packer [Sophos]13
Mal/UnkPack-Fam [Sophos]13
Packed/Upack [AhnLab]13
TrojanDownloader:Win32/Troxen!rts [Microsoft]13
Win-Trojan/OnlineGameHack.45568.V [AhnLab]13
Trojan.Adclicker [Symantec]12
Trojan.Win32.Agent2.fei [Kaspersky Lab]12
Trojan.Win32.Agent2.gqv [Kaspersky Lab]12
Win-Trojan/Agent2.11264.L [AhnLab]12
Win-Trojan/Agent2.162288.B [AhnLab]12
Mal/EncPk-HJ [Sophos]11
Suspicious.MH690 [Symantec]11
Trojan.Fakeavalert!sd6 [PC Tools]9
Trojan.Generic [PC Tools]9
Trojan.Win32.Agent2.gvb [Kaspersky Lab]9
Trojan.Win32.Agent2.gwl [Kaspersky Lab]9
Virus.Trojan.Win32.Agent2 [Ikarus]9
Downloader.MisleadApp [Symantec]8
Generic PWS.ak [McAfee]8
Trojan.FakeAV [Symantec]8
Trojan.Win32.Agent2.kta [Kaspersky Lab]8
Trojan.Win32.Agent2.dwl [Kaspersky Lab]7
Trojan.Win32.Agent2.hkh [Kaspersky Lab]7
Trojan:Win32/Insebro.C [Microsoft]7
Trojan:Win32/Vundo.BR [Microsoft]7
Win-Trojan/Agent2.11264.Q [AhnLab]7
Win-Trojan/Agent2.28160.AA [AhnLab]7
Win-Trojan/Xema.variant [AhnLab]7
Backdoor.Trojan [Symantec]6
Downloader [Symantec]6
Generic BackDoor.k [McAfee]6
Mal/TibsPk-A, Mal/Packer [Sophos]6
Trojan.Adclicker!sd6 [PC Tools]6
Trojan.Win32.Agent2.dyd [Kaspersky Lab]6
Trojan.Win32.Agent2.gwa [Kaspersky Lab]6
Trojan.Win32.Agent2.gxd [Kaspersky Lab]6
VirTool:Win32/VBInject.gen!S [Microsoft]6
Mal/EncPk-HB [Sophos]5
Trojan.NSAnti [PC Tools]5
Trojan.Packed.NsAnti [Symantec]5
Trojan.Win32.Agent2.duv [Kaspersky Lab]5
Trojan.Win32.Agent2.elg [Kaspersky Lab]5
W32/AutoRun-YG [Sophos]5
Worm:Win32/Taterf.B [Microsoft]5
Worm:Win32/Taterf.gen!A [Microsoft]5
Generic BackDoor [McAfee]4
Mal/Behav-112 [Sophos]4
PWS:Win32/Prast!rts [Microsoft]4
PWS-Mmorpg!bl [McAfee]4
Troj/Mdrop-CDO [Sophos]4
Trojan.Win32.Agent2.atu [Kaspersky Lab]4
Trojan.Win32.Agent2.cglm [Kaspersky Lab]4
Trojan.Win32.Agent2.dhg [Kaspersky Lab]4
Trojan.Win32.Agent2.gor [Kaspersky Lab]4
Trojan.Win32.Agent2.gsr [Kaspersky Lab]4
Trojan.Win32.Agent2.gvh [Kaspersky Lab]4
Trojan.Win32.Agent2.gwz [Kaspersky Lab]4
Trojan.Win32.Agent2.hcj [Kaspersky Lab]4
Trojan.Win32.Agent2.hhw [Kaspersky Lab]4

Trojan.Win32.Agent2 [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
China56
Russian Federation21
Brazil7
Switzerland2
Taiwan2
Ukraine2
Albania1
Canada1
Slovakia1
United Kingdom1

Trojan.Win32.Agent2 [Ikarus] is known to be created as:
%AppData%\csrss.exe
%FontsDir%\comres.dll
%FontsDir%\smss.exe
%Profiles%\localservice\ntload.dll
%ProgramFiles%\antivirusbest\antivirusbest\qwprotect.dll
%ProgramFiles%\common files\mebe800pu2l9y.exe
%ProgramFiles%\getmodule\getmodule33.exe
%ProgramFiles%\h.f. tools\h.f. tools\files\sql.exe
%ProgramFiles%\internet explorer\piplayer.exe
%ProgramFiles%\internet explorer\setupapi.dll
%ProgramFiles%\manson\liser.dll
%ProgramFiles%\microsoft common\svchost.exe
%ProgramFiles%\thunmail\testabd.dll
%ProgramFiles%\thunmail\testabd.exe
%ProgramFiles%\winprinter\winpramer.exe
%Programs%\startup\rncsys32.exe
%Programs%\startup\scandisk.dll
%System%\177453.exe
%System%\179656.exe
%System%\238408756174l.exe
%System%\41.dll
%System%\a2a8c74.dll
%System%\a4a0a70.dll
%System%\digiwet.dll
%System%\drvsvc.exe
%System%\drwatsonu32.exe
%System%\fasadf.dll
%System%\gajai.exe
%System%\kva8wr.exe
%System%\mcenspc.dll
%System%\mi88036.dll
%System%\mshlps.dll
%System%\msr.exe
%System%\mssrv32.exe
%System%\msxslt3.exe
%System%\notepad.dll
%System%\ntos.exe
%System%\reader_s.exe
%System%\rs32net.exe
%System%\runt.dll
%System%\shelldoc.dll
%System%\smss32.exe
%System%\spool\drivers\bwproxyclient.exe
%System%\spool\drivers\systempro.exe
%System%\sysbl.dll
%System%\tcpcon.dll
%System%\umtcdtw.sys
%System%\urretnd.exe
%System%\uweyiwe0.dll
%System%\uweyiwe1.dll
%System%\uweyiwe2.dll
%System%\winlogon32.exe
%System%\winsec.exe
%System%\wmi88036.dll
%System%\wr22181.dll
%System%\wr32803.dll
%System%\wr40249.dll
%System%\wr52664.dll
%System%\wr66858.dll
%System%\wssvc7.dll
%System%\xa309609.exe
%System%\xa309796.exe
%System%\xwr22181.dll
%System%\xwr32803.dll
%System%\xwr40249.dll
%System%\xwr52664.dll
%System%\xwr66858.dll
%System%\xxxrun.dll
%Temp%\1846741.dll
%Temp%\41.dll
%Temp%\cmss.exe
%Temp%\explolar.exe
%Temp%\init.exe
%Temp%\install.exe
%Temp%\instant-access.exe
%Temp%\kafan virlist 2009.03.31\090330-3-5.exe
%Temp%\kafan virlist 20090715\090714-7-6.exe
%Temp%\lpk.dll
%Temp%\messenger\bdsetup.exe
%Temp%\resaenh.exe
%Temp%\rundlll.exe
%Temp%\shell32.dll
%Temp%\windows\system32\reader_s.exe
%Temp%\wuauclt.exe
%Templates%\o75857z\service.exe
%Templates%\o75857z\tuxo75857z.exe
%Templates%\o75857z\winlogon.exe
%UserProfile%\lqiict.exe
%UserProfile%\ntload.dll
%UserProfile%\reader_s.exe
%Windir%\haldll\login.exe
%Windir%\ieocx.dll
%Windir%\ipsetinfo.exe
%Windir%\m47040\emangeloh.exe
%Windir%\m47040\ja167042blay.com
%Windir%\m47040\smss.exe
%Windir%\mctray.exe
%Windir%\phpi.dll
%Windir%\phpq.dll
%Windir%\sa-076400.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Templates% is a variable that refers to the file system directory that serves as a common repository for document templates. A typical path is C:\Documents and Settings\[UserName]\Templates.
  • %UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.