Trojan.Win32.Agent2.dtb or Agent.dtb is a trojan which attempts to call Premium Rate numbers.


Once launched, it will extract code from Trojan.Win32.Dialer.tvx into its own process. It will then do the following:

  1. Gain access to Modem connections
  2. Retrieve premium rate numbers from: http://91.***.118.***/Dialer_Min/number.asp.
  3. Retrieved information is deposited into %WinDir%\number.txt

It will then attempt to call these numbers to allow excessive charges to be supplied to the user.


  1. Terminate the process via Task Manager
  2. Delete the original file.
  3. Clear Temporary Internet Files, cache and cookies.
  4. Scan with an antivirus solution


Securelist (Kaspersky Labs), Troan.Win32.Agent2.dtb

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.