Threat Search: 

ThreatExpert's Statistics for Virus.Win32.Poison [Ikarus]:

Virus.Win32.Poison [Ikarus] is also known as:
Threat AliasNumber of Incidents
Backdoor.Win32.Poison.pg [Kaspersky Lab]884
Troj/Keylog-JV [Sophos]871
Win-Trojan/Poison.8192.AF [AhnLab]723
Trojan.DL.CKSPost.Gen [PC Tools]492
Backdoor.Trojan [Symantec]489
BackDoor-DSS.gen.a [McAfee]488
Backdoor:Win32/Poisonivy.E [Microsoft]412
Backdoor.Ciadoor [Symantec]227
Backdoor:Win32/Poisonivy.H [Microsoft]204
BackDoor-DSS [McAfee]153
BackDoor-DKI.gen.a [McAfee]121
Backdoor:Win32/Poison.M [Microsoft]67
BackDoor-DKI.gen.d [McAfee]55
Troj/Poison-AE [Sophos]38
Trojan.DL.Agent.XGB [PC Tools]21
BackDoor-DKI.gen [McAfee]13
Backdoor.Win32.Poison.kmq [Kaspersky Lab]12
Backdoor.Poison!sd6 [PC Tools]11
VirTool:Win32/VBInject.gen!AC [Microsoft]9
BackDoor-DKI.gen.e [McAfee]8
Trojan Horse [Symantec]8
Backdoor.Win32.Agent.gpp [Kaspersky Lab]7
Trojan.Win32.Midgare.ujv [Kaspersky Lab]7
Win-Trojan/Agent.8192.EL [AhnLab]6
Backdoor.Win32.Poison.cpb [Kaspersky Lab]5
Backdoor.Win32.Poison.mim [Kaspersky Lab]5
Infostealer [Symantec]5
Mal/Behav-229 [Sophos]5
Mal/Generic-A [Sophos]5
Trojan.Win32.Inject.si [Kaspersky Lab]5
Win-Trojan/Inject.5436 [AhnLab]5
Backdoor.Graybird [Symantec]4
Backdoor.Win32.Poison.aec [Kaspersky Lab]4
Backdoor.Win32.Poison.grs [Kaspersky Lab]4
Backdoor.Win32.Poison.sps [Kaspersky Lab]4
Backdoor.Win32.Poison.uon [Kaspersky Lab]4
BKDR_POISONIV.DQ [Trend Micro]4
Generic Dropper [McAfee]4
Mal/EncPk-CI [Sophos]4
Mal/EncPk-DV [Sophos]4
Troj/Keylog-KY [Sophos]4
Trojan.PWS.PVStealth.B [PC Tools]4
Trojan.Win32.Inject.kve [Kaspersky Lab]4
Trojan-PSW.Win32.PVStealth.b [Kaspersky Lab]4
Win-Trojan/Agent.8192.MH [AhnLab]4
Win-Trojan/Poison.12288.AG [AhnLab]4
Virus:Win32/Virut.BM [Microsoft]3
Backdoor.Bifrose [Symantec]2
BackDoor-DKI [McAfee]2
Mal/EncPk-GW, Mal/Poison-A, W32/Scribble-B [Sophos]2
PE_SALITY.AE [Trend Micro]2
Troj/Smalla-Gen, Mal/EncPk-CI, Mal/Poison-A [Sophos]2
Virus:Win32/Sality.G [Microsoft]2
W32.HLLP.Sality.O [Symantec]2
W32.Virut.CF [Symantec]2
W32/Sality-AI [Sophos]2
Win32.Sality.L [PC Tools]2
Application.Ardamax_Keylogger [PC Tools]1
Backdoor.Bifrose [PC Tools]1
Backdoor.Win32.Bifrose.ahlf [Kaspersky Lab]1
Backdoor.Win32.Poison.acxp [Kaspersky Lab]1
Backdoor.Win32.Poison.aet [Kaspersky Lab]1
Backdoor.Win32.Poison.bfuf [Kaspersky Lab]1
Backdoor.Win32.Poison.jha [Kaspersky Lab]1
Backdoor.Win32.Poison.nax [Kaspersky Lab]1
Backdoor.Win32.Poison.vfo [Kaspersky Lab]1
Backdoor.Win32.Poison.vuk [Kaspersky Lab]1
Backdoor:Win32/Trenk!rts [Microsoft]1
BackDoor-CEP [McAfee]1
BackDoor-CEP.svr [McAfee]1
Backdoor-DZP [McAfee]1
Generic BackDoor [McAfee]1
Mal/EncPk-GW, Mal/EncPk-CI [Sophos]1
Mal/Packer [Sophos]1
Mal/Poison-A [Sophos]1
PE_VIRUT.XK [Trend Micro]1
PE_VIRUX.F-2 [Trend Micro]1
Troj/Inject-HU [Sophos]1
Troj/Smalla-Gen, Mal/EncPk-GW, Mal/EncPk-CI, Mal/Poison-A [Sophos]1
TROJ_VB.DCB [Trend Micro]1
Trojan.Agent2!sd6 [PC Tools]1
Trojan.CL.Small.HN [PC Tools]1
Trojan.Midgare!sd6 [PC Tools]1
Trojan.Win32.Agent2.cqe [Kaspersky Lab]1
Trojan-Downloader.Win32.Small.hyu [Kaspersky Lab]1
Trojan-Dropper.Win32.VB.hze [Kaspersky Lab]1
Trojan-Dropper.Win32.VB.oz [Kaspersky Lab]1
Virus.Win32.Poison.DE [Ikarus]1
Virus.Win32.Sality.l [Kaspersky Lab]1
Virus.Win32.Sality.z [Kaspersky Lab]1
Virus.Win32.Virut.n [Kaspersky Lab]1
Virus:Win32/Virut.AN [Microsoft]1
W32.Spybot.Worm [Symantec]1
W32.Virut.R [Symantec]1
W32/Sality.n [McAfee]1
W32/Vetor-A [Sophos]1
Win32.Sality.AM.Gen [PC Tools]1
Win32/IRCBot.worm.variant [AhnLab]1
Win32/Virut.E [AhnLab]1
Win32/Virut.F [AhnLab]1

Virus.Win32.Poison [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
Spain8
Saudi Arabia7
France5
Russian Federation4
China1
Morocco1
Sweden1

Virus.Win32.Poison [Ikarus] is known to be created as:
%AppData%\80.exe.exe
%InternetCache%\1.exe
%LocalSettings%\temptmp.exe
%Profiles%\an\desktop\update.exe
%ProgramFiles%\haxy\haxy\server_pi.exe
%ProgramFiles%\hellz\server.exe
%ProgramFiles%\server.exe
%ProgramFiles%\sssssssssssss.exe
%System%\3b.exe
%System%\444.exe
%System%\aa.exe
%System%\abodes.exe
%System%\av.exe
%System%\avp.exe
%System%\crs.exe
%System%\dsdsd.exe
%System%\explorer.exe
%System%\fail.exe
%System%\fg.exe
%System%\iexplorer.exe
%System%\interxpoler.exe
%System%\j2.exe
%System%\jx2.exe
%System%\khalmnpr.exe
%System%\ki.exe
%System%\kinder.exe
%System%\kkookkaa.exe
%System%\massenger.exe
%System%\mcs.exe
%System%\mesenger.exe
%System%\messenger.exe
%System%\mm.exe
%System%\msmsgs.exe
%System%\msn.exe
%System%\msn.s.exe
%System%\msncofig.exe
%System%\msnmsgr.exe
%System%\msnsys32.exe
%System%\netserv.exe
%System%\new.exe
%System%\nm.exe
%System%\photo.exe
%System%\pi_server.exe
%System%\realplayerr.exe
%System%\regedis.com
%System%\root.exe
%System%\rset542115.exe
%System%\rst.exe
%System%\rundl32.exe
%System%\samp-server.exe
%System%\server.exe
%System%\server_poison.exe
%System%\setub.exe
%System%\ss.exe
%System%\stup.exe
%System%\svchot.exe
%System%\svhost.exe
%System%\swisit.exe
%System%\syshost.exe
%System%\system.exe
%System%\system32.exe
%System%\system32.scr
%System%\test.exe
%System%\toni.exe
%System%\untitled-2.exe
%System%\update321.exe
%System%\win.exe
%System%\windl32.exe
%System%\windows.exe
%System%\winn-.exe
%System%\winn.scr
%System%\winsys.exe
%System%\winupd.exe
%System%\xx.exe
%System%\zaki.exe
%System%\zero.exe
%Temp%\-.exe
%Temp%\0.exe
%Temp%\00000.exe
%Temp%\2.exe
%Temp%\34500.exe
%Temp%\80.exe
%Temp%\ccsetup212.exe
%Temp%\decrypted.exe
%Temp%\f.exe
%Temp%\firefox.exe
%Temp%\gdfgd.exe
%Temp%\gmn7ej.exe
%Temp%\ifekrubqxk.exe
%Temp%\iricuc.exe
%Temp%\ixp000.tmp\231.exe
%Temp%\ixp000.tmp\33.exe
%Temp%\ixp000.tmp\58.exe
%Temp%\ixp000.tmp\bats.exe
%Temp%\ixp000.tmp\explorer.exe
%Temp%\ixp000.tmp\jh.exe
%Temp%\ixp000.tmp\kk.exe
%Temp%\ixp000.tmp\nour.exe
%Temp%\ixp000.tmp\ragaa.exe
%Temp%\ixp000.tmp\rotq8.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
  • %LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).