ThreatExpert's Statistics for PE_VIRUT.GEN-2 [Trend Micro]:

PE_VIRUT.GEN-2 [Trend Micro] is also known as:

Threat Alias	Number of Incidents
W32/Virut.gen [McAfee]	1,378
Bloodhound.Unknown [Symantec]	1,030
Virus.Win32.Virut.q [Kaspersky Lab]	665
Win32.Virut.Gen [PC Tools]	595
Virus.Win32.Virut.n [Kaspersky Lab]	456
Win32.Virut.Gen.5 [PC Tools]	205
Win32.Virut.I.Gen [PC Tools]	183
Win32.Virut.G [PC Tools]	158
Win32.Virut.J.Gen [PC Tools]	124
Virus.Win32.Virut.p [Kaspersky Lab]	93
Virus.Win32.Virut.d [Kaspersky Lab]	63
Virus.Win32.Virut.o [Kaspersky Lab]	25
W32.SillyFDC [Symantec]	20
W32.Spybot.Worm [Symantec]	15
Win32.Virut.H [PC Tools]	15
Worm.VB.AAWD [PC Tools]	13
JS.Chir.B [PC Tools]	11
Generic VB.c [McAfee]	7
Trojan.VB.EPP [PC Tools]	7
Worm.VB.ZUI [PC Tools]	7
Backdoor.Small.VZJ [PC Tools]	6
Trojan.Win32.VB.atg [Kaspersky Lab]	6
W32.Linkbot.M [Symantec]	6
Worm.VB.AAUV [PC Tools]	6
Backdoor.Win32.Hupigon.fba [Kaspersky Lab]	5
Backdoor.Trojan [Symantec]	4
Trojan.DL.VB.AAVI [PC Tools]	4
Trojan.Hider.G [PC Tools]	4
W32/Nachi.worm.a [McAfee]	4
Worm.PoeBot.P [PC Tools]	4
Worm.Win32.Nachi [PC Tools]	4
Backdoor.VB.ESE [PC Tools]	3
Net-Worm.Win32.Allaple.b [Kaspersky Lab]	3
Trojan.Agent.GEK [PC Tools]	3
Trojan.Popuper [PC Tools]	3
Backdoor.Hupigon.GAG [PC Tools]	2
Backdoor.Win32.Popwin.amm [Kaspersky Lab]	2
Backdoor.Win32.VanBot.hl [Kaspersky Lab]	2
Exploit-DcomRpc.gen [McAfee]	2
Infostealer.Gamania [Symantec]	2
TrojanSpy.VB.EXB [PC Tools]	2
Virus.Win32.VB.eg [Kaspersky Lab]	2
W32.SillyDC [Symantec]	2
W32/Autorun.worm.f [McAfee]	2
Win32.Sality.AA.Gen [PC Tools]	2
Win32.Virut.Gen.3 [PC Tools]	2
Worm.VB.FMU [PC Tools]	2
Worm.VB.ZQF [PC Tools]	2
Worm.Win32.VB.gp [Kaspersky Lab]	2
Adware.MarketScore.A [PC Tools]	1
Adware.Relevant.A [PC Tools]	1
Adware.RK.H [PC Tools]	1
Backdoor.Agent.TPH [PC Tools]	1
Backdoor.Hupigon.FFA [PC Tools]	1
Backdoor.Rizo.AA [PC Tools]	1
Backdoor.Sdbot [Symantec]	1
Backdoor.Win32.Agent.dco [Kaspersky Lab]	1
Backdoor.Win32.IRCBot.adj [Kaspersky Lab]	1
Backdoor.Win32.Popwin.aoq [Kaspersky Lab]	1
Backdoor.Win32.Rbot.feh [Kaspersky Lab]	1
Backdoor.Win32.SdBot.bze [Kaspersky Lab]	1
Backdoor.Win32.SdBot.xd [Kaspersky Lab]	1
Generic Del [McAfee]	1
Hider [McAfee]	1
IM-Worm.Win32.Agent.u [Kaspersky Lab]	1
Infostealer.QQRob.A [Symantec]	1
I-Worm.Brontok.ER [PC Tools]	1
I-Worm.VB.XYH [PC Tools]	1
New Malware.gm [McAfee]	1
New Win32 [McAfee]	1
not-a-virus:AdWare.Win32.RK.n [Kaspersky Lab]	1
PE_VIRUT.XK [Trend Micro]	1
Trojan Horse [Symantec]	1
Trojan.Agent.WNU [PC Tools]	1
Trojan.Agent.WXQ [PC Tools]	1
Trojan.AutoIT.AM [PC Tools]	1
Trojan.Delf.UPG [PC Tools]	1
Trojan.DL.Obfusc.Gen.8 [PC Tools]	1
Trojan.DR.Small.GHT [PC Tools]	1
Trojan.Jonben.A [PC Tools]	1
Trojan.PWS.OnLineGames.BCJ [PC Tools]	1
Trojan.PWS.OnLineGames.BOX [PC Tools]	1
Trojan.PWS.QQPass.ALN [PC Tools]	1
Trojan.Sramler.I [PC Tools]	1
Trojan.VB.WKS [PC Tools]	1
Trojan.VB.XYJ [PC Tools]	1
Trojan.VB.ZBW [PC Tools]	1
Trojan.Win32.Autoit.ax [Kaspersky Lab]	1
Trojan.Win32.Delf.yh [Kaspersky Lab]	1
Trojan-Downloader.Win32.Agent.dwp [Kaspersky Lab]	1
Trojan-Downloader.Win32.AutoIt.q [Kaspersky Lab]	1
Trojan-Dropper.Win32.Delf.ajo [Kaspersky Lab]	1
Trojan-Dropper.Win32.Sramler.e [Kaspersky Lab]	1
TrojanSpy.VB.GAG [PC Tools]	1
Virus.Win32.AutoRun.aaw [Kaspersky Lab]	1
Virus.Win32.AutoRun.abt [Kaspersky Lab]	1
Virus.Win32.AutoRun.aiv [Kaspersky Lab]	1
Virus.Win32.Virut.m [Kaspersky Lab]	1
Virus:Win32/Virut.AN [Microsoft]	1
W32.IRCBot [Symantec]	1

PE_VIRUT.GEN-2 [Trend Micro] has the following possible countries of origin:

Origin		Number of Incidents
	China	57
	Germany	16
	Spain	12
	United Kingdom	10
	Italy	9
	Portugal	8
	Russian Federation	8
	Republic of Korea	7
	Greece	6
	Netherlands	5
	Sweden	5
	Czech Republic	4
	Iran	4
	Hungary	3
	Poland	3
	Slovakia	3
	Taiwan	3
	Viet Nam	3
	Brazil	2
	France	2
	Turkey	2
	Australia	1
	Belgium	1
	Canada	1
	Denmark	1
	Israel	1
	Japan	1
	Thailand	1
	Ukraine	1

PE_VIRUT.GEN-2 [Trend Micro] is known to be created as:

%AppData%\%username%.task\services.exe

%AppData%\csrss.exe

%AppData%\inetinfo.exe

%AppData%\jalak-931738815-bali.com

%AppData%\lsass.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\waultc.exe

%AppData%\winlogon.exe

%CommonAppData%\normal.exe

%CommonPrograms%\startup\lsass.exe

%CommonPrograms%\startup\msconfig.exe

%FontsDir%\internat.exe

%FontsDir%\svchost.exe

%FontsDir%\taskmgr.exe

%LocalSettings%\explorer.exe

%LocalSettings%\services.exe

%LocalSettings%\smss.exe

%LocalSettings%\svchost.exe

%LocalSettings%\winlogon.exe

%Profiles%\default user\services.exe

%Profiles%\localservice\services.exe

%Profiles%\networkservice\services.exe

%ProgramFiles%\common files\system\msasp32.exe

%ProgramFiles%\common files\system\mswvr32.exe

%ProgramFiles%\explorer.exe

%ProgramFiles%\uninstall information\aagbe.exe

%System%\_svchost.exe

%System%\1025.exe

%System%\1028.exe

%System%\1031.exe

%System%\1033.exe

%System%\1037.exe

%System%\1041.exe

%System%\1042.exe

%System%\1054.exe

%System%\2052.exe

%System%\28463\kytc.exe

%System%\3076.exe

%System%\3com_dmi.exe

%System%\3fabe9c0.exe

%System%\440510867285l.exe

%System%\4e17c240.exe

%System%\algs.exe

%System%\amvo.exe

%System%\autochl.exe

%System%\av-prev.exe

%System%\blastclnnn.exe

%System%\bttnserv.exe

%System%\catroot.exe

%System%\catroot2.exe

%System%\cmd.com

%System%\com.exe

%System%\com\lsass.exe

%System%\config.exe

%System%\controls.exe

%System%\csml.exe

%System%\dhcp.exe

%System%\directx.exe

%System%\dkvlbkndc.exe

%System%\dllcache\ivchost.exe

%System%\dllcache\log.exe

%System%\dllcache\regedit32.com

%System%\dllcache\rtsecar.exe

%System%\dllcache\shell32.com

%System%\dllcache\sxchost.exe

%System%\dllcache\windmns.exe

%System%\dllcache\winlogon.exe

%System%\dllcache\winsop.exe

%System%\dllcache\wintcpack.exe

%System%\dllcache\zipexr.dll

%System%\dllchache.exe

%System%\drivers.exe

%System%\drivers\105943\csrss.exe

%System%\drivers\52918\csrss.exe

%System%\drivers\55388\csrss.exe

%System%\drivers\71010810\csrss.exe

%System%\drivers\93443\csrss.exe

%System%\drivers\991075\csrss.exe

%System%\dxdiag.com

%System%\e0chis.exe

%System%\exerun.exe

%System%\ex-plorer.exe

%System%\export.exe

%System%\fibqqv.exe

%System%\flash.10.exe

%System%\fun.exe

%System%\ias.exe

%System%\icsxml.exe

%System%\ime.exe

%System%\inetsrv.exe

%System%\isass.exe

%System%\isfmm.exe

%System%\jambanmu.com

%System%\kdedm.exe

%System%\lap.exe

%System%\lssas.exe

%System%\m5vbvm60.exe

%System%\macromed.exe

%System%\meex.com

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).