ThreatExpert's Statistics for Mal/VB-AD [Sophos]:

Mal/VB-AD [Sophos] is also known as:

Threat Alias	Number of Incidents
VirTool:Win32/VBInject.gen!BG [Microsoft]	26
VirTool:Win32/VBInject.gen!BF [Microsoft]	20
VirTool:Win32/VBInject.gen!AV [Microsoft]	18
VirTool:Win32/VBInject.AQ [Microsoft]	14
W32.Ackantta.F@mm [Symantec]	11
W32/Xirtem@MM [McAfee]	11
Backdoor.Win32.VB [Ikarus]	9
Win-Trojan/VBInject.258088 [AhnLab]	9
Win-Trojan/Xema.variant [AhnLab]	8
Backdoor.Rbot [Ikarus]	6
Win32/IRCBot.worm.variant [AhnLab]	6
Backdoor.Win32.Bifrose.bovq [Kaspersky Lab]	5
Infostealer [Symantec]	5
Trojan Horse [Symantec]	5
Trojan.Dropper [Symantec]	5
Trojan.Win32.Buzus.cslc [Kaspersky Lab]	5
VirTool.Win32.VBInject [Ikarus]	5
Generic.dx!bge [McAfee]	4
Generic.dx!su [McAfee]	4
Trojan.Win32.Buzus.byio [Kaspersky Lab]	4
Trojan.Win32.Buzus [Ikarus]	3
Trojan-Spy.Win32.Zbot.rqq [Kaspersky Lab]	3
VirTool:Win32/VBInject.BI [Microsoft]	3
Backdoor.Win32.Bifrose [Ikarus]	2
Backdoor.Win32.Rbot.kqk [Kaspersky Lab]	2
Generic VB.b [McAfee]	2
Generic.dx!bxj [McAfee]	2
Trojan.Dropper [PC Tools]	2
Trojan.Win32.Buzus.byod [Kaspersky Lab]	2
Trojan.Win32.Buzus.bzqa [Kaspersky Lab]	2
Trojan.Win32.VB.shg [Kaspersky Lab]	2
Win-Trojan/Buzus.180261 [AhnLab]	2
Backdoor.Sdbot [PC Tools]	1
Backdoor.Sdbot [Symantec]	1
Backdoor.VB.iqo [PC Tools]	1
Backdoor.Win32.SdBot.lxv [Kaspersky Lab]	1
Backdoor.Win32.VB.iqo [Kaspersky Lab]	1
Backdoor.Win32.VB.ivm [Kaspersky Lab]	1
Constructor.Win32.Binder.kh [Ikarus]	1
Downloader.MisleadApp [Symantec]	1
Dropper/Xema.356352.G [AhnLab]	1
Generic Dropper!cf [McAfee]	1
Generic.dx!bvk [McAfee]	1
Generic.dx!czy [McAfee]	1
Generic.dx!dnh [McAfee]	1
Generic.dx!elq [McAfee]	1
Generic.dx!fdy [McAfee]	1
Generic.dx!fwj [McAfee]	1
Generic.dx!ig [McAfee]	1
Generic.dx!jgi [McAfee]	1
Generic.dx!rk [McAfee]	1
Generic.dx!tk [McAfee]	1
Generic.dx!wi [McAfee]	1
Generic.dx!yv [McAfee]	1
Infostealer.Banker.C [Symantec]	1
Net-Worm.Win32.Kolab.dyo [Kaspersky Lab]	1
Trojan.Generic [PC Tools]	1
Trojan.Qhosts [Symantec]	1
Trojan.Win32.Agent.ccxl [Kaspersky Lab]	1
Trojan.Win32.Agent.cgqt [Kaspersky Lab]	1
Trojan.Win32.Agent.cnbc [Kaspersky Lab]	1
Trojan.Win32.Buzus.byin [Kaspersky Lab]	1
Trojan.Win32.Buzus.byqm [Kaspersky Lab]	1
Trojan.Win32.Buzus.bzvb [Kaspersky Lab]	1
Trojan.Win32.Buzus.cbgc [Kaspersky Lab]	1
Trojan.Win32.Buzus.cpxw [Kaspersky Lab]	1
Trojan.Win32.Buzus.cszw [Kaspersky Lab]	1
Trojan.Win32.Inject.aeso [Kaspersky Lab]	1
Trojan.Win32.Inject.aetb [Kaspersky Lab]	1
Trojan.Win32.VB [Ikarus]	1
Trojan.Win32.VB.qmb [Kaspersky Lab]	1
Trojan.Win32.VB.rso [Kaspersky Lab]	1
Trojan.Win32.VB.rxm [Kaspersky Lab]	1
Trojan.Win32.VB.rzz [Kaspersky Lab]	1
Trojan.Win32.VB.sja [Kaspersky Lab]	1
Trojan:Win32/Ircbrute [Microsoft]	1
Trojan:Win32/Meredrop [Microsoft]	1
Trojan-Dropper [Ikarus]	1
Trojan-Dropper.Win32.VB.msc [Kaspersky Lab]	1
W32.Ackantta.C@mm [Symantec]	1
W32.IRCBot [Symantec]	1
W32/Autorun.worm!cb [McAfee]	1
W32/Autorun.worm.fx [McAfee]	1
W32/Palack.worm [McAfee]	1
W32/Sdbot.worm!be [McAfee]	1
W32/Sdbot.worm!bn [McAfee]	1
Win32/Carrier.worm.221184.E [AhnLab]	1
Win-Trojan/Agent.45990 [AhnLab]	1
Win-Trojan/Agent.90154 [AhnLab]	1
Win-Trojan/Agent.90156 [AhnLab]	1
Win-Trojan/VBInject.544808 [AhnLab]	1
Worm.Win32.AutoRun.apuj [Kaspersky Lab]	1
Worm.Win32.AutoRun.grh [Kaspersky Lab]	1
Worm.Win32.Bybz [Ikarus]	1
Worm.Win32.Bybz.yp [Kaspersky Lab]	1
Worm.Win32.Carrier.kk [Kaspersky Lab]	1

Mal/VB-AD [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Taiwan	6
	United Kingdom	3
	Spain	2
	Belgium	1
	France	1
	Sweden	1

Mal/VB-AD [Sophos] is known to be created as:

%AppData%\microsoft\svchost.exe

%ProgramFiles%\microsoft\svchost.exe

%System%\cssrss.exe

%System%\dllmgr.exe

%System%\java13.exe

%System%\java2.exe

%System%\javactln.exe

%System%\jushed.exe

%System%\jushid.exe

%System%\svchst.exe

%Temp%\box_ktr_v2.5a.exe

%Temp%\eraseme_15432.exe

%Temp%\eraseme_23583.exe

%Temp%\fizezilla.exe

%Temp%\ice\fire\traymgr.exe

%Temp%\keygen..exe

%Temp%\keygen.exe

%Temp%\nerostartsmart.exe

%Temp%\patch.exe

%Temp%\ssxo.exe

%Temp%\svchst.exe

%Temp%\wmplayer.exe

%Windir%\config\csrss.exe

%Windir%\csrss.exe

%Windir%\cursors\lsass.exe

%Windir%\jvm.exe

%Windir%\pi.exe

%Windir%\service.exe

%Windir%\sysguard.exe

%Windir%\system.exe

%Windir%\traymanager.exe

c:\driver\files\drago.exe

c:\driver\files\dt.exe

c:\files\removed\best.exe

c:\recycler\k-1-3542-4232123213-7676767-8888886\hn.exe

c:\restore\k-1-3542-4232123213-7676767-8888886\ogard.exe

c:\system\files\army.exe

c:\thun\f\thund.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.