Threat Search: 

ThreatExpert's Statistics for Virus:Win32/Virut.K [Microsoft]:

Virus:Win32/Virut.K [Microsoft] is also known as:
Threat AliasNumber of Incidents
Win32.Virut.Gen.5 [PC Tools]66
W32/Vetor-A [Sophos]65
W32/Virut.gen [McAfee]59
W32.Virut.U [Symantec]58
PE_VIRUT.XP [Trend Micro]37
Virus.Win32.Virut.q [Kaspersky Lab]32
Virus.Win32.Virut.n [Kaspersky Lab]27
PE_VIRUT.XS [Trend Micro]25
Win32/Virut.D [AhnLab]19
Virus.Win32.Sality [Ikarus]9
Virus.Win32.Virut.q [Ikarus]9
Trojan-Downloader.Win32.VB.bbi [Ikarus]8
Email-Worm.Win32.Runouce [Ikarus]4
Virus.Win32.Virut [Ikarus]4
Win-Trojan/Downloader.11264.GK [AhnLab]4
Win-Trojan/Xema.variant [AhnLab]4
Email-Worm.Win32.Runouce.b [Kaspersky Lab]3
Generic.Sdbot [Ikarus]2
PE_Chir.B [Trend Micro]2
PWS-Gamania.gen.a [McAfee]2
Spy-Agent.bv.gen.b [McAfee]2
Trojan.Win32.Delf.bgp [Kaspersky Lab]2
Trojan-Downloader.Win32.Cutwail [Ikarus]2
W32.Chir.B@mm [Symantec]2
W32.Glupzy.A [Symantec]2
W32.SillyFDC [Symantec]2
W32/Chir.b@MM [McAfee]2
W32/Chir-B [Sophos]2
Win32/ChiHack.6652 [AhnLab]2
Backdoor.Rbot [Ikarus]1
Backdoor.Win32.Rbot.hwr [Kaspersky Lab]1
Backdoor.Win32.Small.uh [Kaspersky Lab]1
BackDoor-DIY [McAfee]1
Downloader [Symantec]1
Email-Worm.Win32.Brontok [Ikarus]1
Email-Worm.Win32.Brontok.N [Ikarus]1
Generic PWS.ak [McAfee]1
Hider [McAfee]1
IM-Worm.Win32.Sohanad.dz [Kaspersky Lab]1
Mal/Basine-C, W32/Vetor-A [Sophos]1
Mal/Behav-285 [Sophos]1
Mal/HckPk-A, Mal/TibsPak, Mal/EncPk-F, W32/Vetor-A [Sophos]1
Packer.RLPack.D [Ikarus]1
PWS-Gamania.gen.g [McAfee]1
Spam-Mailbot [McAfee]1
Spammer.Win32.Tedroo.Z [Ikarus]1
Trojan.DR.Small.UPY [PC Tools]1
Trojan.Hider.G [PC Tools]1
Trojan.VB.XFZ [PC Tools]1
Trojan.Win32.Agent2.ecb [Kaspersky Lab]1
Trojan.Win32.Pakes.cob [Kaspersky Lab]1
Trojan.Win32.VB [Ikarus]1
Trojan-GameThief.Win32.OnLineGames.yze [Kaspersky Lab]1
Virus.Trojan.Win32.VB [Ikarus]1
Virus.Win32.Hupigon.MAP [Ikarus]1
Virus.Win32.VB.bg [Ikarus]1
Virus.Win32.Virut.br [Ikarus]1
Virus.Win32.Virut.bt [Ikarus]1
Virus.Win32.Virut.o [Ikarus]1
Virus.Worm.Win32.AutoRun.doq [Ikarus]1
W32.Fakerecy [Symantec]1
W32.Gammima [Symantec]1
W32.Gammima.AG [Symantec]1
W32.Imaut [Symantec]1
W32.Imaut.U [Symantec]1
W32.IRCBot [Symantec]1
W32.Rontokbro@mm [Symantec]1
W32.Virut [Ikarus]1
W32/Glupzy-B [Sophos]1
W32/Sdbot.worm [McAfee]1
W32/VB-DZT [Sophos]1
W32/Virut.remnants [McAfee]1
Win32/ChiHack.worm.10748 [AhnLab]1
Win32/IRCBot.worm.variant [AhnLab]1
Win32/ReaBot.worm.60929 [AhnLab]1
Win32/Sohanad.worm.17920 [AhnLab]1
Win-Trojan/Agent.109724 [AhnLab]1
Win-Trojan/Agent.11264.JZ [AhnLab]1
Win-Trojan/Disabler.21185 [AhnLab]1
Win-Trojan/OnlineGameHack.136324 [AhnLab]1
Win-Trojan/Xema.240128 [AhnLab]1
Worm.Autoit.DU [PC Tools]1
Worm.VB.FMU [PC Tools]1
Worm.Win32.AutoIt [Ikarus]1
WORM_DELF.FKZ [Trend Micro]1
WORM_FLASHY.B [Trend Micro]1

Virus:Win32/Virut.K [Microsoft] has the following possible countries of origin:
OriginNumber of Incidents
United Kingdom3
Thailand2
China1
Germany1
Israel1
Netherlands1
Russian Federation1

Virus:Win32/Virut.K [Microsoft] is known to be created as:
%AppData%\br6657on.exe
%AppData%\csrss.exe
%AppData%\explorer.exe
%AppData%\inetinfo.exe
%AppData%\lsass.exe
%AppData%\services.exe
%AppData%\smss.exe
%AppData%\svchost.exe
%AppData%\winlogon.exe
%FontsDir%\unwise_.exe
%Programs%\startup\ctfmon.exe
%System%\amvo.exe
%System%\bttnserv.exe
%System%\chrome.exe
%System%\cmd-bro-rlx.exe
%System%\dllcache\regedit32.com
%System%\dllcache\shell32.com
%System%\dllchache.exe
%System%\dxblbq.exe
%System%\flashy.exe
%System%\igfsfdsda32.exe
%System%\isass.exe
%System%\kamsoft.exe
%System%\m5vbvm60.exe
%System%\olhrwef.exe
%System%\reader_s.exe
%System%\regsvr.exe
%System%\rund1132.exe
%System%\system.exe
%System%\ttlms.exe
%System%\wingate32.exe
%System%\winiogon.exe
%System%\wuauc1t.exe
%Templates%\11496-nendangbro.com
%UserProfile%\reader_s.exe
%Windir%\chrome.exe
%Windir%\dhcp\svchost.exe
%Windir%\regsvr.exe
%Windir%\sembako-cjzjlrg.exe
%Windir%\services.exe
%Windir%\shellnew\bbm-wpslrgjc.exe
%Windir%\svchost.exe
%Windir%\system32.exe
%Windir%\userinit.exe
c:\explorer.exe
c:\opgde.exe
c:\recycled\ctfmon.exe
c:\recycled\recycled\ctfmon.exe
c:\recycled\smss.exe
c:\recycled\spoolsv.exe
c:\recycled\svchost.exe
c:\xyw9tmdj.com
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Templates% is a variable that refers to the file system directory that serves as a common repository for document templates. A typical path is C:\Documents and Settings\[UserName]\Templates.
  • %UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.