ThreatExpert's Statistics for Trojan:Win32/Provis!rts [Microsoft]:

Trojan:Win32/Provis!rts [Microsoft] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	87
Mal/Generic-A [Sophos]	65
Win-Trojan/Xema.variant [AhnLab]	59
Trojan.Win32.VB [Ikarus]	39
Generic.dx [McAfee]	32
Trojan.Generic [PC Tools]	28
Trojan.VB!sd6 [PC Tools]	25
Trojan.Win32.VB.goe [Kaspersky Lab]	24
Backdoor.Trojan [Symantec]	17
Mal/Behav-160, Mal/Emogen-E [Sophos]	9
Trojan.Crypt [Ikarus]	9
Trojan.Win32.VB.zvl [Kaspersky Lab]	9
Hacktool [Symantec]	6
Infostealer [Symantec]	6
Backdoor.VB!sd6 [PC Tools]	5
Generic BackDoor [McAfee]	5
Backdoor.Win32.VB.hmq [Kaspersky Lab]	4
Constructor.VB!sd5 [PC Tools]	4
Constructor.Win32.VB.ak [Kaspersky Lab]	4
Generic.cd [McAfee]	4
Trojan.Win32.VB.jvc [Kaspersky Lab]	4
Backdoor.Trojan [PC Tools]	3
Backdoor.Win32.VB.jrm [Kaspersky Lab]	3
BackDoor-AWQ.b [McAfee]	3
Generic VB.b [McAfee]	3
Infostealer.Gampass [Symantec]	3
Mal/Generic-E [Sophos]	3
Troj/VB-AAP [Sophos]	3
Trojan-PSW.Generic [PC Tools]	3
Virus.Win32.Trojan [Ikarus]	3
Backdoor.IRC [PC Tools]	2
Backdoor.IRC.Bot [Symantec]	2
Backdoor.VB.E [PC Tools]	2
Backdoor.Win32.Inject [Ikarus]	2
Backdoor.Win32.Inject.asm [Kaspersky Lab]	2
BackDoor-DVB [McAfee]	2
Backdoor-DZP [McAfee]	2
Constructor.Win32.VB.AK [Ikarus]	2
Constructor/Xema.86016 [AhnLab]	2
Email-Flooder.VB!sd5 [PC Tools]	2
Email-Flooder.Win32.VB.bc [Kaspersky Lab]	2
Generic FDoS.b [McAfee]	2
Generic PUP.b [McAfee]	2
Generic PWS.y [McAfee]	2
Generic VB.i [McAfee]	2
Generic.dx!dnz [McAfee]	2
Generic.dx!iqe [McAfee]	2
Generic.dx!tz [McAfee]	2
Hacktool.Flooder [Symantec]	2
HackTool.VB!sd6 [PC Tools]	2
HackTool.Win32.VB.uj [Kaspersky Lab]	2
HackTool.Win32.VB.yd [Kaspersky Lab]	2
Mal/Packer [Sophos]	2
Mal/VB-AK [Sophos]	2
Mal/VBInject-D [Sophos]	2
Net-Worm.SillyFDC [PC Tools]	2
Packed.Win32.CPEX-based.ht [Kaspersky Lab]	2
Suspicious.MH690 [Symantec]	2
Trojan.Win32.Agent2 [Ikarus]	2
Trojan.Win32.Inject.orq [Kaspersky Lab]	2
Trojan.Win32.VB.hly [Kaspersky Lab]	2
Trojan.Win32.VBKrypt.bd [Kaspersky Lab]	2
Trojan-Mailfinder [Ikarus]	2
Trojan-Mailfinder.Win32.VB.e [Kaspersky Lab]	2
Trojan-Spy.Win32.VB.bjk [Kaspersky Lab]	2
TSPY_ONLINEG.IA [Trend Micro]	2
VB-BackDoor.a.gen [McAfee]	2
Virus.Trojan.Win32.VB [Ikarus]	2
Vundo.gen.n [McAfee]	2
W32.SillyFDC [Symantec]	2
Win-Trojan/Inject.96811.F [AhnLab]	2
Backdoor.IRCBot!sd6 [PC Tools]	1
Backdoor.Win32.Feardoor.15.B [Ikarus]	1
Backdoor.Win32.Hupigon.fpuo [Kaspersky Lab]	1
Backdoor.Win32.IRCBot.fvb [Kaspersky Lab]	1
Backdoor.Win32.Rbot.afpg [Kaspersky Lab]	1
Backdoor.Win32.Rbot.afuq [Kaspersky Lab]	1
Backdoor.Win32.Vatos.24 [Ikarus]	1
Backdoor.Win32.VB.agi [Kaspersky Lab]	1
Backdoor.Win32.VB.hhs [Kaspersky Lab]	1
Backdoor.Win32.VB.ivp [Kaspersky Lab]	1
Backdoor.Win32.VB.jpg [Kaspersky Lab]	1
Backdoor.Win32.VB.kpp [Kaspersky Lab]	1
BackDoor-DTO [McAfee]	1
BackDoor-DVB.e [McAfee]	1
DoS.Win32.VB [Ikarus]	1
DoS.Win32.VB.hc [Kaspersky Lab]	1
Downloader [Symantec]	1
Downloader.Generic [PC Tools]	1
Email-Flooder.Win32.VB [Ikarus]	1
Gen.Trojan [Ikarus]	1
Generic BackDoor!bf [McAfee]	1
Generic BackDoor!hs [McAfee]	1
Generic Downloader.x!bfy [McAfee]	1
Generic Downloader.x!cpb [McAfee]	1
Generic Malware.ja [McAfee]	1
Generic PUP.x [McAfee]	1
Generic PUP.z!t [McAfee]	1
Generic PWS.y!dk [McAfee]	1
Generic PWS.y!pr [McAfee]	1

Trojan:Win32/Provis!rts [Microsoft] has the following possible countries of origin:

Origin		Number of Incidents
	China	14
	Spain	4
	Turkey	3
	Egypt	1
	France	1
	Germany	1
	Netherlands	1
	Saudi Arabia	1
	Taiwan	1
	United Kingdom	1

Trojan:Win32/Provis!rts [Microsoft] is known to be created as:

%AppData%\microsoft\winlog.exe

%AppData%\winupdate.exe

%DesktopDir%\winupdaterwinnt.exe

%Profiles%\photo\photo1.exe

%ProgramFiles%\internet explorer\svchost.exe

%ProgramFiles%\mail bomber\bomber.exe

%ProgramFiles%\windowsupdate\imjpmig.exe

%ProgramFiles%\windowsupdate\winlogon.exe

%System%\2.exe

%System%\3361\services.exe

%System%\dnf.exe

%System%\drivers\psdriver.sys

%System%\drivers\svchost.exe

%System%\game.dll

%System%\ieupdate.dll

%System%\nwcworkstation360.dll

%System%\supersck2.dll

%System%\system\server.exe

%System%\windl32.exe

%System%\winupdateman.exe

%Temp%\bazooka.exe

%Temp%\crs.exe

%Temp%\decrypted.exe

%Temp%\file2.exe

%Temp%\ir_ext_temp_0\autoplay\docs\mini_metus..exe

%Temp%\ir_ext_temp_1\autoplay\docs\mini_metus..exe

%Temp%\ixp000.tmp\wincheck.exe

%Temp%\payload.exe

%Temp%\rundlll.exe

%Temp%\serial.exe

%Temp%\server.exe

%Temp%\setup.exe

%Temp%\tmp1.exe

%UserProfile%\winlogon.exe

%Windir%\config\wincheck.exe

%Windir%\sysproc.dll

c:\bitblt.exe

c:\sexgirls.exe

c:\userinit.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.