ThreatExpert's Statistics for PE_VIRUT.D [Trend Micro]:

PE_VIRUT.D [Trend Micro] is also known as:

Threat Alias	Number of Incidents
W32/Virut.gen [McAfee]	716
Virus.Win32.Virut.n [Kaspersky Lab]	663
Win32.Virut.Gen [PC Tools]	596
Virus:Win32/Virut.AK [Microsoft]	586
W32.Virut.B [Symantec]	571
W32/Vetor-A [Sophos]	372
W32/Virut-L [Sophos]	225
Virus.Win32.Cheburgen.a [Ikarus]	155
Win32/Virut.D [AhnLab]	146
Win32/Virut.C [AhnLab]	76
Virus.Win32.Virut.d [Kaspersky Lab]	62
Virus.Virut.na [PC Tools]	52
Virus.Win32.Virut.q [Kaspersky Lab]	33
W32.Spybot.Worm [Symantec]	26
Virus.Win32.Cheburgen [Ikarus]	25
W32/Nachi.worm.a [McAfee]	23
Worm.Win32.Nachi [PC Tools]	23
Virus.Win32.Virut.n [Ikarus]	19
Virus.Win32.Virut [Ikarus]	18
Virus.Win32.Virut.q [Ikarus]	17
W32.IRCBot [Symantec]	15
Trojan Horse [Symantec]	11
W32.Linkbot.M [Symantec]	9
Virus.Win32.Virut.bo [Ikarus]	8
Backdoor.Trojan [Symantec]	7
Generic FakeAlert.d [McAfee]	7
Mal/Dorf-A, W32/Vetor-A [Sophos]	7
Win32.Virtob.2 [Ikarus]	7
Backdoor.Win32.Rbot [Ikarus]	6
Net-Worm.Win32.Allaple.a [Ikarus]	6
VirTool.Win32.DelfInject [Ikarus]	6
Virus.Win32.Sality [Ikarus]	6
Backdoor:Win32/Poebot.BA [Microsoft]	5
FakeAlert-AG.gen.c [McAfee]	5
Virus.Win32.Virtob [Ikarus]	5
Win32/IRCBot.worm.variant [AhnLab]	5
Worm.Rbot.MCH [PC Tools]	5
Backdoor.Mytobor.W [PC Tools]	4
Backdoor.Small.VZJ [PC Tools]	4
Backdoor:Win32/Poebot.BG [Microsoft]	4
Backdoor:Win32/Rbot.HB [Microsoft]	4
Downloader-BPL [McAfee]	4
Generic.Sdbot [Ikarus]	4
Net-Worm.Win32.Allaple [Ikarus]	4
Trojan-Dropper.Agent [Ikarus]	4
Trojan-Dropper.Kobcka [Ikarus]	4
Virus.Win32.Virut.a [Ikarus]	4
Virus:Win32/Virut.C [Microsoft]	4
Win32.SuspectCrc [Ikarus]	4
Worm.Poebot.AS [PC Tools]	4
Worm.RBot.DBI [PC Tools]	4
Worm.SdBot.GAP [PC Tools]	4
Backdoor.DsBot.AM [PC Tools]	3
Backdoor.Sdbot [Symantec]	3
Backdoor.VanBot.IK [PC Tools]	3
Backdoor.Win32.IRCBot [Ikarus]	3
Backdoor:Win32/Poebot.AT [Microsoft]	3
Downloader [Symantec]	3
Trojan.Win32.Banker [Ikarus]	3
Trojan.Win32.VB [Ikarus]	3
Trojan-Dropper.Win32.Cutwail.AL [Ikarus]	3
Trojan-Proxy.Win32.Slaper.n [Kaspersky Lab]	3
Trojan-Spy.Win32.Banker.RM [Ikarus]	3
Virus.Win32.Virut.au [Ikarus]	3
W32/Sdbot.worm.gen.q [McAfee]	3
Win32.Cadoiac.A [Ikarus]	3
Win32.Virtob [Ikarus]	3
Worm.PoeBot.P [PC Tools]	3
Worm:Win32/Kulsibot.A [Microsoft]	3
Backdoor.Nepoe.M [PC Tools]	2
Backdoor.Rbot [Ikarus]	2
Backdoor.VanBot.JW [PC Tools]	2
Backdoor.Win32.Nepoe [Ikarus]	2
Backdoor.Win32.Nepoe.em [Kaspersky Lab]	2
Backdoor.Win32.VanBot.cx [Kaspersky Lab]	2
Backdoor:Win32/Poebot.BP [Microsoft]	2
Backdoor:Win32/Rbot [Microsoft]	2
Generic PWS.ak [McAfee]	2
Generic VB.c [McAfee]	2
Mal/Behav-066, Mal/Behav-164, Mal/TibsPak [Sophos]	2
Mal/HckPk-A, W32/Vetor-A [Sophos]	2
Mal/TibsPak, W32/Vetor-A [Sophos]	2
Net-Worm.Win32.Kolabc [Ikarus]	2
Net-Worm.Win32.Welchia.s [Kaspersky Lab]	2
Spammer [Ikarus]	2
Trojan.VB.EHF [PC Tools]	2
Trojan.Win32.Delf.bgp [Kaspersky Lab]	2
Trojan.Win32.Pakes [Ikarus]	2
Trojan-Banker.Win32.Bancos [Ikarus]	2
Trojan-Clicker.Win32.Klik [Ikarus]	2
Trojan-Downloader.Win32.Genome.abou [Kaspersky Lab]	2
Trojan-Downloader.Win32.Suurch.oa [Kaspersky Lab]	2
Trojan-Dropper.Win32.Vaultac [Ikarus]	2
VirTool.Win32.Injector.D [Ikarus]	2
Virus.Win32.Agent.GZY [Ikarus]	2
Virus.Win32.Rootkit [Ikarus]	2
Virus.Win32.Virut.ak [Ikarus]	2
W32.SillyFDC [Symantec]	2
W32/Vetor-D [Sophos]	2
Win32.Expiro.B [PC Tools]	2

PE_VIRUT.D [Trend Micro] has the following possible countries of origin:

Origin		Number of Incidents
	Germany	21
	China	19
	Netherlands	16
	Russian Federation	8
	France	6
	Israel	4
	Italy	4
	Poland	3
	Brazil	2
	Czech Republic	2
	Denmark	2
	Spain	2
	Sweden	2
	Taiwan	2
	Turkey	2
	United Kingdom	2
	Finland	1
	Iran	1
	Japan	1
	Portugal	1

PE_VIRUT.D [Trend Micro] is known to be created as:

%AppData%\hidn\hidn2.exe

%AppData%\hidn\hldrrr.exe

%CommonPrograms%\startup\msconfig.exe

%FontsDir%\fonts.exe

%FontsDir%\tskmgr.exe

%FontsDir%\unwise_.exe

%ProgramFiles%\common files\system\msasp32.exe

%ProgramFiles%\common files\system\msiwa32.exe

%ProgramFiles%\getpack\getpack22.exe

%ProgramFiles%\icheck\icheck.exe

%ProgramFiles%\javacore\javacore.exe

%ProgramFiles%\javacore\uninstall.exe

%ProgramFiles%\nvcoi\nvcoi.exe

%ProgramFiles%\thunmail\testabd.exe

%ProgramFiles%\xpcode\sexgame.exe

%ProgramFiles%\xpcode\sexscreensaver.scr

%Programs%\startup\ctfmon.exe

%System%\3267263.exe

%System%\332.exe

%System%\3361\svchost.exe

%System%\algs.exe

%System%\amvo.exe

%System%\aycxem.exe

%System%\blphc35dj0erc1.scr

%System%\botfile.exe

%System%\bypjfxk32.exe

%System%\csrcs.exe

%System%\csrsc.exe

%System%\dllcache\cvchost.exe

%System%\dllcache\default.exe

%System%\dllcache\global.exe

%System%\dllcache\newhost.exe

%System%\dllcache\prsc32.exe

%System%\dllcache\qsch0st.exe

%System%\dllcache\rndll32.exe

%System%\dllcache\rtsecar.exe

%System%\dllcache\svchost.exe

%System%\dllcache\svqhost.exe

%System%\dllcache\sxch0st.exe

%System%\dllcache\tskmgr.exe

%System%\dllcache\wintcps.exe

%System%\dqrftqpn.exe

%System%\drivers\drivers.cab.exe

%System%\explorer.exe

%System%\fiwv.exe

%System%\fixweb.exe

%System%\hrnokwop.exe

%System%\iexplore.exe

%System%\igfsfdfsd3sda2ss.exe

%System%\igfsfds.exe

%System%\ipodfixer.exe

%System%\jzjthx.exe

%System%\klpglklr.exe

%System%\lcsass.exe

%System%\lphc35dj0erc1.exe

%System%\lqhiz.exe

%System%\lssas.exe

%System%\mldmm.exe

%System%\mmdmm.exe

%System%\mmgamzujp.exe

%System%\mskeyboardrun.exe

%System%\ntos.exe

%System%\opeia.exe

%System%\plms.exe

%System%\rass32.exe

%System%\rciynfz.exe

%System%\reader_s.exe

%System%\regedit.exe

%System%\regkey.exe

%System%\rpcsystem.exe

%System%\rs32net.exe

%System%\saidqad32.exe

%System%\spoolsvc.exe

%System%\sysmgr.exe

%System%\ttlms.exe

%System%\uatbrld32.exe

%System%\upds.exe

%System%\vydyzhf32.exe

%System%\wbem\winscrvs.exe

%System%\winamp.exe

%System%\winiogon.exe

%System%\winnt.exe

%System%\winsec.exe

%System%\wixnmas32.exe

%System%\wkazqbn32.exe

%System%\wmdtc.exe

%System%\wnd32.exe

%System%\wsnpoema.exe

%System%\xjzkpmx32.exe

%System%\xpnkvmh32.exe

%System%\yhjcxfty.exe

%Temp%\svchost.exe

%UserProfile%\lsass.exe

%UserProfile%\reader_s.exe

%UserProfile%\userinit.exe

%Windir%\antiv.exe

%Windir%\avserve2.exe

%Windir%\dhcp\svchost.exe

%Windir%\dnmee33.exe

%Windir%\lsass.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.