Threat Search: 

ThreatExpert's Statistics for Virus:Win32/Virut.gen!O [Microsoft]:

Virus:Win32/Virut.gen!O [Microsoft] is also known as:
Threat AliasNumber of Incidents
W32.Virut.CF [Symantec]342
W32/Scribble-B [Sophos]340
Virus.Win32.Virut.ce [Kaspersky Lab]294
W32/Virut.n.gen [McAfee]248
Win32/Virut.F [AhnLab]223
Win32/Virut.E [AhnLab]178
New Win32 [McAfee]81
Malware.Virut [PC Tools]64
New Win32.g4 [McAfee]25
Mal/Scribble-C, W32/Scribble-B [Sophos]14
Backdoor.Win32.Small.uc [Kaspersky Lab]13
New Poly Win32 [McAfee]12
Virus.Win32.Virut [Ikarus]10
Virus.Win32.JunkPoly [Ikarus]9
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]8
Virus.Win32.Sality [Ikarus]8
Mal/Scribble-D [Sophos]5
Trojan-Downloader.LoadAdv [Ikarus]5
Trojan-Spy.Win32.Banker.RM [Ikarus]5
Virus.Win32.Virut.bo [Ikarus]5
Suspicious.MH690 [Symantec]4
Trojan-Banker.Win32.Bancos [Ikarus]4
Virus.Win32.Virut.n [Ikarus]4
Backdoor.Rustock [Ikarus]3
Mal/FakeAV-AX [Sophos]3
Mal/HckPk-A [Sophos]3
PE_VIRUX.F-2 [Trend Micro]3
Spam-Mailbot [McAfee]3
Trojan.Pandex [PC Tools]3
Trojan.Pandex [Symantec]3
Trojan-Clicker.Win32.VB [Ikarus]3
Trojan-Downloader.Win32.Zlob [Ikarus]3
Backdoor.Win32.Bifrose [Ikarus]2
Backdoor.Win32.HareBot.anq [Kaspersky Lab]2
Backdoor.Win32.Small.tv [Kaspersky Lab]2
Backdoor.Win32.Small.uh [Kaspersky Lab]2
Cutwail [McAfee]2
Mal/EncPk-HJ, W32/Scribble-B [Sophos]2
Mal/FakeAV-AX, W32/Scribble-B [Sophos]2
New Malware.fa [McAfee]2
Trojan-Downloader.Win32.Cutwail [Ikarus]2
W32.Virut [Ikarus]2
W32/DelpBck-Gen [Sophos]2
Win32/ReaBot.worm.60929 [AhnLab]2
Win-Trojan/Agent.11776.KS [AhnLab]2
Win-Trojan/Agent.35328.KG [AhnLab]2
Backdoor.Win32.Popwin [Ikarus]1
Backdoor.Win32.Rbot.hyj [Kaspersky Lab]1
Downloader.Delphi [Ikarus]1
Exploit.Win32.IMG-WMF [Ikarus]1
Gen.Trojan [Ikarus]1
Mal/Behav-043, W32/Scribble-B [Sophos]1
Mal/Behav-103, Mal/Behav-043, W32/Scribble-B [Sophos]1
Mal/Behav-116, Mal/Emogen-Y, W32/Scribble-B [Sophos]1
Mal/Bifrose-S [Sophos]1
Mal/Bifrose-X, Mal/Midgar-A, Mal/Bifrose-Z, W32/Scribble-B [Sophos]1
Mal/Bifrose-Z, W32/Scribble-B [Sophos]1
Mal/Generic-A, W32/Scribble-B [Sophos]1
Mal/Krap-B, W32/Scribble-B [Sophos]1
Mal/MDrop-Gen, W32/Scribble-B [Sophos]1
Mal/Scribble-C, Mal/TibsPak, W32/Scribble-B [Sophos]1
Mal/SkimTrim-C, W32/Scribble-B [Sophos]1
Mal/TibsPak, W32/Scribble-B [Sophos]1
Mal/Zlob-AG, W32/Scribble-B [Sophos]1
New Win32.g2 [McAfee]1
New Win32.g3 [McAfee]1
not-a-virus:AdWare.Win32.ISearch [Ikarus]1
Packed.Win32.Krap.w [Kaspersky Lab]1
PE_VIRUX.F-3 [Trend Micro]1
Trojan.Buzus [PC Tools]1
Trojan.CryptRedol [Ikarus]1
Trojan.Generic [Ikarus]1
Trojan.Win32.LipGame.cd [Kaspersky Lab]1
Trojan.Win32.Obfuscated [Ikarus]1
Trojan.Win32.Patched [Ikarus]1
Trojan-Clicker.VB.cwf [PC Tools]1
Trojan-Clicker.Win32.Delf [Ikarus]1
Trojan-Downloader.Agent [Ikarus]1
Trojan-Downloader.Win32.Cbeplay [Ikarus]1
Trojan-Downloader.Win32.Delf [Ikarus]1
Trojan-Downloader.Win32.Fload [Ikarus]1
Trojan-Downloader.Win32.Small [Ikarus]1
Trojan-Downloader.Win32.Ufraie [Ikarus]1
Trojan-Downloader.Win32.VB.IP [Ikarus]1
Trojan-Dropper.Delf [Ikarus]1
Trojan-GameThief.Win32.WOW [Ikarus]1
Trojan-Proxy.Win32.Agent [Ikarus]1
Trojan-PSW.LdPinch.abbc [PC Tools]1
Virus.Win32.Virtob [Ikarus]1
Virus.Win32.Virut.q [Ikarus]1
W32/Autorun.worm.f [McAfee]1
Win-Trojan/Downloader.35328.JD [AhnLab]1

Virus:Win32/Virut.gen!O [Microsoft] has the following possible countries of origin:
OriginNumber of Incidents
China55
Russian Federation15
United Kingdom5
France4
Germany4
Brazil3
Saudi Arabia3
Sweden3
Hungary2
Italy2
Spain2
Turkey2
Israel1
Poland1
Taiwan1

Virus:Win32/Virut.gen!O [Microsoft] is known to be created as:
%CommonPrograms%\chkdisk.exe
%FontsDir%\uninstall_.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\thunmail\testabd.exe
%Programs%\startup\1sass.exe
%System%\3361\svchost.exe
%System%\ashevtsvc.exe
%System%\bndmss.exe
%System%\fastnetsrv.exe
%System%\implayok.exe
%System%\msword98.exe
%System%\mutelupo.exe
%System%\ntos.exe
%System%\opeia.exe
%System%\patch.exe
%System%\peersvc.exe
%System%\photo_id.exe
%System%\reader_s.exe
%System%\system.exe
%System%\userini.exe
%System%\wmdtc.exe
%Temp%\7zs6.tmp\keygen.exe
%Temp%\7zs6.tmp\patch.exe
%Temp%\7zs6.tmp\serial.exe
%Temp%\a.exe
%Temp%\b.exe
%Temp%\c.exe
%Temp%\driver_detective_6.4.0.7_key.exe
%Temp%\driver_detective_6.4.1.3_key.exe
%Temp%\nsbf.tmp\ctfmon.exe
%Temp%\nsp3.tmp\e4u.exe
%Temp%\nsp3.tmp\ep.exe
%Temp%\nss12.tmp\converter7.exe
%Temp%\nsu3.tmp\e4u.exe
%Temp%\rtv_winupd.exe
%UserProfile%\implayok.exe
%UserProfile%\photo_id.exe
%UserProfile%\reader_s.exe
%Windir%\av.exe
%Windir%\dhcp\svchost.exe
%Windir%\dll\rundll32.exe
%Windir%\explorer.exe:userini.exe
%Windir%\isvchost.exe
%Windir%\ld08.exe
%Windir%\msa.exe
%Windir%\services.exe
%Windir%\svchost.exe
%Windir%\svchust.exe
%Windir%\windows.exe
c:\inetpub\inetpub.exe
c:\lsass.exe
Notes:
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.