ThreatExpert's Statistics for Trojan:Win32/Remhead [Microsoft]:

Trojan:Win32/Remhead [Microsoft] is also known as:

Threat Alias	Number of Incidents
Mal/Behav-010, Mal/Behav-027 [Sophos]	32
Trojan.Win32.Pasta.cwh [Kaspersky Lab]	32
Virus.Win32.Crypt.CQW [Ikarus]	32
Generic.dx!ffx [McAfee]	20
Trojan Horse [Symantec]	19
Win-Trojan/Pasta.130560 [AhnLab]	16
Mal/Generic-A [Sophos]	4
Downloader.Lop [Symantec]	3
Trojan.Win32.Swizzor.b [Kaspersky Lab]	3
Trojan.Generic [PC Tools]	2
Win-Trojan/Swizzor.331776.SO [AhnLab]	2
Backdoor.Graybird [PC Tools]	1
Backdoor.Graybird [Symantec]	1
Backdoor.Trojan [PC Tools]	1
Backdoor.Trojan [Symantec]	1
Backdoor.Win32.Poison.vuk [Kaspersky Lab]	1
Backdoor-DZP [McAfee]	1
BackDoor-EGO [McAfee]	1
Downloader-BWG [McAfee]	1
Generic Downloader.dv [McAfee]	1
Generic Downloader.x!bod [McAfee]	1
Generic VB.cb [McAfee]	1
Generic.dx!byi [McAfee]	1
Generic.dx!hzd [McAfee]	1
Generic.dx!lbq [McAfee]	1
HeurEngine.MaliciousPacker [PC Tools]	1
Infostealer.Gampass [Symantec]	1
Mal/Behav-116 [Sophos]	1
Mal/Behav-229 [Sophos]	1
Mal/Dropper-MAP [Sophos]	1
Mal/EncPk-AP [Sophos]	1
Mal/Generic-A, Mal/Emogen-Y [Sophos]	1
Mal/KeInject-A, Mal/EncPk-LR [Sophos]	1
Mal/Swizzor-B [Sophos]	1
Mal/Swizzor-F [Sophos]	1
Packed.Generic.114 [Symantec]	1
Packed/Upack [AhnLab]	1
Swizzor!cc [McAfee]	1
Trojan.Dropper [Symantec]	1
Trojan.Hijacker [Ikarus]	1
Trojan.IRCBot [PC Tools]	1
Trojan.Win32.Buzus.ciyl [Kaspersky Lab]	1
Trojan.Win32.Buzus.cvvd [Kaspersky Lab]	1
Trojan.Win32.Pasta [Ikarus]	1
Trojan.Win32.Pasta.dgz [Kaspersky Lab]	1
Trojan.Win32.Refroso.aldn [Kaspersky Lab]	1
Trojan.Win32.VB [Ikarus]	1
Trojan:Win32/C2Lop.gen!L [Microsoft]	1
Trojan-Downloader.Agent [PC Tools]	1
Trojan-Downloader.Win32.Agent.chjs [Kaspersky Lab]	1
Trojan-Downloader.Win32.Swizzor [Ikarus]	1
Trojan-GameThief.Win32.Magania.crvp [Kaspersky Lab]	1
Trojan-GameThief.Win32.OnLineGames.vpgf [Kaspersky Lab]	1
Trojan-PSW.Gampass [PC Tools]	1
W32.IRCBot [Symantec]	1
Win-Trojan/Agent.33624 [AhnLab]	1
Win-Trojan/Antisb.62464 [AhnLab]	1
Win-Trojan/Hupigon.Gen [AhnLab]	1
Win-Trojan/OnlineGameHack.61952.T [AhnLab]	1
Win-Trojan/Poison.32768.BH [AhnLab]	1
Worm.Win32.AutoRun [Ikarus]	1
Worm.Win32.AutoRun.gjx [Kaspersky Lab]	1

Trojan:Win32/Remhead [Microsoft] has the following possible country of origin:

Origin		Number of Incidents
	China	2

Trojan:Win32/Remhead [Microsoft] is known to be created as:

%Profiles%\cpa.exe

%Temp%\mesh3lan.exe

%Temp%\nsq3.tmp\minime.exe

c:\extracted\good.exe

c:\extracted\mesh3lan.exe

Notes:

%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).