ThreatExpert's Statistics for PE_VIRUT.XQ [Trend Micro]:

PE_VIRUT.XQ [Trend Micro] is also known as:

Threat Alias	Number of Incidents
W32/Virut.gen [McAfee]	137
Virus.Win32.Virut.n [Kaspersky Lab]	114
Win32.Virut.Gen [PC Tools]	102
Bloodhound.Unknown [Symantec]	40
W32/Vetor-A [Sophos]	29
Virus:Win32/Virut.AH [Microsoft]	26
W32.Virut!gen [Symantec]	23
Virus.Win32.Virut.q [Kaspersky Lab]	20
W32.Rontokbro.U@mm [Symantec]	14
Worm.Brontok.BK [PC Tools]	14
W32.Spybot.Worm [Symantec]	9
W32.IRCBot [Symantec]	6
Trojan-Downloader.Win32.Small [Ikarus]	3
W32/Nachi.worm.a [McAfee]	3
Worm.SdBot.GAP [PC Tools]	3
Worm.Win32.Nachi [PC Tools]	3
Backdoor.Trojan [Symantec]	2
Worm.IRCBot.ATT [PC Tools]	2
Worm.Rbot.MCH [PC Tools]	2
Worm.RBot.USV [PC Tools]	2
Worm.RBot.UTA [PC Tools]	2
Backdoor.IRCBot.BFE [PC Tools]	1
Backdoor.IRCBot.BHH [PC Tools]	1
Backdoor.Sdbot [Symantec]	1
Backdoor.Win32.SdBot.xd [Kaspersky Lab]	1
Backdoor.Win32.VanBot.cx [Kaspersky Lab]	1
Backdoor:Win32/Poebot.AD [Microsoft]	1
Backdoor:Win32/Poebot.BA [Microsoft]	1
Backdoor:Win32/Poebot.BG [Microsoft]	1
BehavesLike.Trojan-Downloader [Ikarus]	1
Downloader [Symantec]	1
FakeAlert-AG.gen.c [McAfee]	1
I-Worm.Brontok.CE [PC Tools]	1
I-Worm.Brontok.CU [PC Tools]	1
I-Worm.Womble.B1 [PC Tools]	1
Net-Worm.Win32.Kolabc.bsb [Kaspersky Lab]	1
New Malware.gm [McAfee]	1
New Win32.g2 [McAfee]	1
Trojan.Buzus.E [PC Tools]	1
Trojan.Crypt [Ikarus]	1
Trojan-Downloader.Win32.Bagle.gk [Kaspersky Lab]	1
Trojan-Dropper.Kobcka [Ikarus]	1
Virus.Win32.Agent.aj [Ikarus]	1
Virus.Win32.Virut.n [Ikarus]	1
Virus.Worm.Win32.AutoRun.dht [Ikarus]	1
W32.Rinbot.V [Symantec]	1
W32.Rontokbro@mm [Symantec]	1
W32.Womble.A@mm [Symantec]	1
W32/Sdbot.worm.gen.q [McAfee]	1
Win32/Virut.C [AhnLab]	1
Win32/Virut.D [AhnLab]	1
Win-Trojan/Black.554496.B [AhnLab]	1
Worm.Allaple.AA [PC Tools]	1
Worm.Poebot.CY [PC Tools]	1
Worm.Poebot.IT [PC Tools]	1
Worm.PoeBot.NN [PC Tools]	1
Worm.RBot.AATC [PC Tools]	1
Worm.RBot.DBI [PC Tools]	1
Worm.RBot.OLC [PC Tools]	1
Worm.Rbot.UWN [PC Tools]	1
Worm.SdBot.CQI [PC Tools]	1
Worm.SdBot.ELD [PC Tools]	1

PE_VIRUT.XQ [Trend Micro] has the following possible countries of origin:

Origin		Number of Incidents
	Netherlands	5
	France	2
	Brazil	1
	China	1
	Germany	1
	Israel	1
	Sweden	1

PE_VIRUT.XQ [Trend Micro] is known to be created as:

%AppData%\br6657on.exe

%AppData%\csrss.exe

%AppData%\dv6173880x\yesbron.com

%AppData%\inetinfo.exe

%AppData%\jalak-931738815-bali.com

%AppData%\lsass.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\svchost.exe

%AppData%\winlogon.exe

%ProgramFiles%\common files\system\msiwa32.exe

%System%\cbkckkz32.exe

%System%\cmd-brontok.exe

%System%\csrs.exe

%System%\dllcache\mswords.exe

%System%\dllcache\qxchost.exe

%System%\dllcache\rtsecar.exe

%System%\dllcache\sxch0st.exe

%System%\dllcache\vvvhost.exe

%System%\dllcache\wingptd.exe

%System%\dllcache\wintcpack.exe

%System%\dllcache\wintcps.exe

%System%\e0chis.exe

%System%\explorer.exe

%System%\fagsaaz.exe

%System%\isass.exe

%System%\knpcoqwuo.exe

%System%\logon.exe

%System%\mmgf.exe

%System%\n7533\b8682.exe

%System%\n7533\csrss.exe

%System%\n7533\lsass.exe

%System%\n7533\services.exe

%System%\n7533\winlogon.exe

%System%\omqsztcix.exe

%System%\rs32net.exe

%System%\skdqrst.exe

%System%\spoolsvc.exe

%System%\svchoost.exe

%System%\tsqla.exe

%System%\upds.exe

%System%\winamp.exe

%System%\zodxvrpuow.exe

%Templates%\11496-nendangbro.com

%Templates%\wowtumpeh.com

%Windir%\antiv.exe

%Windir%\dllmgr64.exe

%Windir%\dnmee33.exe

%Windir%\eksplorasi.exe

%Windir%\ipv7.exe

%Windir%\kesenjangansosial.exe

%Windir%\mrshield.exe

%Windir%\mssmpp.exe

%Windir%\msword.exe

%Windir%\o4442927.exe

%Windir%\ofice.exe

%Windir%\princ.exe

%Windir%\services.exe

%Windir%\shellnew\bronstab.exe

%Windir%\shellnew\rakyatkelaparan.exe

%Windir%\ssldyn.exe

%Windir%\svchost.exe

%Windir%\sysmgr64.exe

%Windir%\system\vmwareservice.exe

%Windir%\us18336\ib8682.exe

%Windir%\winsys32.exe

%Windir%\wlmsngr.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Templates% is a variable that refers to the file system directory that serves as a common repository for document templates. A typical path is C:\Documents and Settings\[UserName]\Templates.
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.