ThreatExpert's Statistics for Generic VB.z [McAfee]:

Generic VB.z [McAfee] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	32
Trojan.Generic [PC Tools]	25
VirTool:Win32/Vbinder.gen!GL [Microsoft]	21
Mal/Generic-A [Sophos]	15
VirTool:Win32/VBInject.gen!CN [Microsoft]	12
Win-Trojan/Xema.variant [AhnLab]	9
Mal/VBInject-D [Sophos]	8
Packed.Generic.266 [Symantec]	8
Trojan-Dropper.Agent [Ikarus]	7
VirTool.Win32.Vbinder [Ikarus]	7
HeurEngine.MaliciousPacker [PC Tools]	6
Mal/VB-AF [Sophos]	6
Trojan-Downloader.Win32.Agent.bdui [Kaspersky Lab]	6
Trojan-Spy.Win32.Zbot.acwk [Kaspersky Lab]	6
VirTool:Win32/VBInject.DD [Microsoft]	6
Troj/IMPWS-Gen [Sophos]	5
TrojanDropper:Win32/Gontu.B [Microsoft]	5
TrojanSpy:Win32/Vwealer.H [Microsoft]	5
Backdoor.Win32.Poison.banr [Kaspersky Lab]	4
Gen.Trojan [Ikarus]	4
Mal/Behav-229 [Sophos]	4
Trojan.Win32.KillAV.ddi [Kaspersky Lab]	4
TrojanDownloader:Win32/Troxen!rts [Microsoft]	4
Win-Trojan/Agent.12288.MU [AhnLab]	4
Win-Trojan/Agent.294912.BM [AhnLab]	4
Backdoor:Win32/Bifrose.HO [Microsoft]	3
Mal/VB-Gen [Sophos]	3
Trojan.Startpage [Symantec]	3
Trojan.Win32.Midgare.ahuf [Kaspersky Lab]	3
Trojan-PSW.Win32.Agent.oht [Kaspersky Lab]	3
Downloader [Symantec]	2
Mal/Emogen-H [Sophos]	2
Mal/Generic-E [Sophos]	2
Mal/VBInject-D, Mal/Inject-S [Sophos]	2
PWS:Win32/Zbot [Microsoft]	2
Trojan.Win32.Buzus [Ikarus]	2
Trojan.Win32.Buzus.cpwf [Kaspersky Lab]	2
Trojan.Win32.Buzus.crok [Kaspersky Lab]	2
Trojan.Win32.Buzus.cryx [Kaspersky Lab]	2
Trojan.Win32.Kreeper.ccq [Kaspersky Lab]	2
TrojanDownloader:Win32/VB [Microsoft]	2
Trojan-Dropper.Win32.Gontu [Ikarus]	2
W32/SillyFDC-EH [Sophos]	2
Adware.StartPage [PC Tools]	1
Adware.StartPage [Symantec]	1
Backdoor.Bifrose [Symantec]	1
Backdoor.Bifrose!sd6 [PC Tools]	1
Backdoor.Graybird [PC Tools]	1
Backdoor.Graybird [Symantec]	1
Backdoor.Trojan [PC Tools]	1
Backdoor.Trojan [Symantec]	1
Backdoor.Win32.Bifrose.cbzw [Kaspersky Lab]	1
Backdoor.Win32.Poison.ytq [Kaspersky Lab]	1
Backdoor.Win32.Prorat [Ikarus]	1
Dropper/Agent.217088.F [AhnLab]	1
Dropper/Agent.77824.AJ [AhnLab]	1
Dropper/Agent.86016.DQ [AhnLab]	1
Hacktool [Symantec]	1
Hacktool.Generic [PC Tools]	1
Infostealer [Symantec]	1
Mal/Behav-103 [Sophos]	1
Mal/Emogen-H, Mal/Emogen-F [Sophos]	1
Mal/EncPk-MV [Sophos]	1
Mal/Generic-A, Mal/Emogen-H, Mal/Emogen-F [Sophos]	1
Mal/Inject-Gen [Sophos]	1
Mal/Inject-H [Sophos]	1
Mal/VB-AB [Sophos]	1
Mal/VBDrop-G [Sophos]	1
Mal/VBDrop-I, Mal/VBInject-D [Sophos]	1
Mal/VB-Z [Sophos]	1
Net-Worm.Win32.Kolab.fil [Kaspersky Lab]	1
PWS:Win32/Ultisteal.A [Microsoft]	1
Suspicious.MH690 [Symantec]	1
Troj/VBInject-Q [Sophos]	1
Trojan.KillAV!sd6 [PC Tools]	1
Trojan.Win32.Agent.clfu [Kaspersky Lab]	1
Trojan.Win32.Agent2.gyd [Kaspersky Lab]	1
Trojan.Win32.Buzus.ckoe [Kaspersky Lab]	1
Trojan.Win32.Buzus.cmtq [Kaspersky Lab]	1
Trojan.Win32.Buzus.cnbl [Kaspersky Lab]	1
Trojan.Win32.Buzus.cpej [Kaspersky Lab]	1
Trojan.Win32.Buzus.cpkz [Kaspersky Lab]	1
Trojan.Win32.Buzus.crqu [Kaspersky Lab]	1
Trojan.Win32.Kreeper.cu [Kaspersky Lab]	1
Trojan.Win32.Kreeper.tv [Kaspersky Lab]	1
Trojan.Win32.Midgare.ahuk [Kaspersky Lab]	1
Trojan.Win32.Refroso.uzl [Kaspersky Lab]	1
Trojan.Win32.Refroso.ypl [Kaspersky Lab]	1
Trojan.Win32.VB [Ikarus]	1
Trojan.Win32.VB.qcs [Kaspersky Lab]	1
Trojan.Win32.VB.sqy [Kaspersky Lab]	1
Trojan.Win32.VB.stj [Kaspersky Lab]	1
Trojan:Win32/Malat [Microsoft]	1
Trojan:Win32/Provis!rts [Microsoft]	1
Trojan:Win32/Sisrop!rts [Microsoft]	1
Trojan:Win32/VB [Microsoft]	1
Trojan:Win32/VB.QI [Microsoft]	1
Trojan:Win32/VB.VU [Microsoft]	1
Trojan-Downloader.Agent.BDUI [PC Tools]	1
Trojan-Downloader.Win32.Banload [Ikarus]	1

Generic VB.z [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	7
	Spain	7
	Germany	4
	Turkey	4
	Israel	3
	Saudi Arabia	1

Generic VB.z [McAfee] is known to be created as:

%AppData%\ff2.exe

%AppData%\microsoft\svchost.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\microsoft common\svchost.exe

%System%\99670.exe

%System%\bifrost\server.exe

%System%\dbohost32.exe

%System%\dbtext98.exe

%System%\modcli.exe

%System%\sdra64.exe

%System%\soundpc32.exe

%System%\system\server.exe

%System%\system32\server.exe

%System%\taskmrg.exe

%Temp%\criptor.exe

%Temp%\custom.exe

%Temp%\ixp000.tmp\svchost.exe

%Temp%\server.exe

%Temp%\setup.exe

%Temp%\temp2.exe

%Temp%\tempalbert\crypt3r.exe

%Temp%\xo2.exe

%Windir%\captiimag2.exe

%Windir%\cursors\qq1ive.exe

%Windir%\cursors\qql1ve.exe

%Windir%\einudpmgr.exe

%Windir%\inf\rundllqq32.exe

%Windir%\ld15.exe

%Windir%\system\lhp95.exe

%Windir%\taskmgr\taskmgr.exe

c:\criptor.exe

c:\private.exe

c:\restore\k-1-3542-4232123213-7676767-8888886\blue.exe

c:\windowswapbits\googletool.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.