ThreatExpert's Statistics for W32/Scribble-B [Sophos]:

W32/Scribble-B [Sophos] is also known as:

Threat Alias	Number of Incidents
W32.Virut.CF [Symantec]	2,871
Virus.Win32.Virut.ce [Kaspersky Lab]	2,772
Virus:Win32/Virut.BM [Microsoft]	2,324
Win32/Virut.F [AhnLab]	2,074
W32/Virut.n.gen [McAfee]	1,883
Win32/Virut.E [AhnLab]	808
Malware.Virut [PC Tools]	470
New Win32 [McAfee]	420
Virus:Win32/Virut.gen!O [Microsoft]	340
New Win32.g4 [McAfee]	147
W32/Virut.n [McAfee]	133
Virus.Win32.Virut [Ikarus]	116
PE_VIRUX.H-3 [Trend Micro]	111
Virus:Win32/Virut.gen!E [Microsoft]	92
Virus.Win32.Sality [Ikarus]	83
New Poly Win32 [McAfee]	57
PE_VIRUX.E-2 [Trend Micro]	56
Virus.Win32.Virut.bo [Ikarus]	41
PE_VIRUX.E-3 [Trend Micro]	36
Trojan-Downloader.Win32.Agent.czsd [Kaspersky Lab]	34
Trojan-Banker.Win32.Bancos [Ikarus]	32
PE_VIRUX.A-1 [Trend Micro]	30
PE_VIRUX.F-2 [Trend Micro]	28
Virus.Win32.Bifrose [Ikarus]	25
Spam-Mailbot [McAfee]	24
New Win32.g2 [McAfee]	23
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]	23
W32.Virut [Ikarus]	22
PE_VIRUX.F-3 [Trend Micro]	21
Virus.Virut.j [PC Tools]	21
Backdoor.Win32.Small.uc [Kaspersky Lab]	20
Trojan-Spy.Win32.Banker.RM [Ikarus]	20
Trojan.Win32.Banker [Ikarus]	19
Trojan-Downloader.Win32.Cutwail [Ikarus]	19
PE_VIRUX.A [Trend Micro]	17
Trojan:Win32/Puzlice.A [Microsoft]	17
Exploit.Win32.IMG-WMF [Ikarus]	16
Trojan-Dropper.Agent [Ikarus]	16
TrojanDropper:Win32/Puzlice.A [Microsoft]	16
Trojan-Spy.Win32.VB [Ikarus]	16
Backdoor.Win32.Popwin [Ikarus]	15
Spammer [Ikarus]	13
Virus.Win32.Virut.q [Ikarus]	13
Backdoor.Win32.Beastdoor [Ikarus]	12
Backdoor.Win32.Bifrose [Ikarus]	12
New Win32.g3 [McAfee]	12
VirTool.Win32.DelfInject [Ikarus]	11
Virus.Win32.Virtob [Ikarus]	11
Generic PWS.ak [McAfee]	10
Spam-Mailbot.h.gen.a [McAfee]	10
Trojan.Win32.Agent2.hxw [Kaspersky Lab]	10
Trojan-Downloader.Win32.Banload [Ikarus]	10
Backdoor.Win32.Refpron [Ikarus]	9
Packed.Win32.Koblu [Ikarus]	9
PE_VIRUX.E-4 [Trend Micro]	9
Trojan-Clicker.Win32.Delf [Ikarus]	9
Trojan-Clicker.Win32.VB [Ikarus]	9
Trojan-Downloader.Win32.Small [Ikarus]	9
TrojanProxy:Win32/Slenugga.A [Microsoft]	9
Virus.Win32.Virut.n [Ikarus]	9
PE_VIRUX.D-1 [Trend Micro]	8
PE_VIRUX.J-4 [Trend Micro]	8
Spy-Agent.bv.gen.b [McAfee]	8
Trojan Horse [Symantec]	8
Virus:Win32/Virut.gen!N [Microsoft]	8
Trojan.Win32.Patched [Ikarus]	7
Trojan-Dropper [Ikarus]	7
Win32.Cadoiac.A [Ikarus]	7
Backdoor:Win32/Refpron.M [Microsoft]	6
Downloader [Symantec]	6
Gen.Malware [Ikarus]	6
Trojan-Dropper.VB.ggm [PC Tools]	6
W32.SillyFDC [Symantec]	6
Win32.Virtob [Ikarus]	6
Win-Trojan/Spammer.31744 [AhnLab]	6
Backdoor.Win32.Small.uh [Kaspersky Lab]	5
Packed.Win32.Krap.b [Kaspersky Lab]	5
Trojan.Crypt [Ikarus]	5
Trojan.Win32.VB [Ikarus]	5
Trojan-Clicker.VB.cwf [PC Tools]	5
Trojan-Clicker.Win32.VB.cvg [Ikarus]	5
Trojan-Downloader.LoadAdv [Ikarus]	5
Trojan-Downloader.Win32.Zlob [Ikarus]	5
Trojan-PWS.Win32.LdPinch [Ikarus]	5
Trojan-Spy.Win32.Banker [Ikarus]	5
VirTool.Win32.VBInject [Ikarus]	5
Vundo.gen.aq [McAfee]	5
W32.Imaut [Symantec]	5
W32.IRCBot [Symantec]	5
W32/Sality.gen [McAfee]	5
Win32/ReaBot.worm.60929 [AhnLab]	5
Worm.Win32.AutoRun [Ikarus]	5
Worm:Win32/Taterf.B [Microsoft]	5
Backdoor.Win32.Poison [Ikarus]	4
Backdoor.Win32.PoisonIvy.az [Ikarus]	4
Backdoor.Win32.VB [Ikarus]	4
P2P-Worm.Win32.Palevo [Ikarus]	4
PE_VIRUX.J-3 [Trend Micro]	4
PWS-Banker [McAfee]	4
Trojan.Autoit [Ikarus]	4

W32/Scribble-B [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	377
	Russian Federation	135
	Germany	56
	Sweden	54
	Spain	43
	United Kingdom	41
	Saudi Arabia	18
	France	17
	Brazil	15
	Taiwan	15
	Poland	13
	Italy	11
	Turkey	10
	Australia	7
	Israel	7
	Netherlands	6
	Portugal	5
	Czech Republic	4
	Egypt	4
	Belgium	3
	Greece	3
	Iran	3
	Austria	2
	Iraq	2
	Jordan	2
	Slovenia	2
	Canada	1
	Chile	1
	Finland	1
	Hungary	1
	Japan	1
	Lebanon	1
	Norway	1
	Oman	1
	Romania	1
	Slovakia	1
	Syria	1

W32/Scribble-B [Sophos] is known to be created as:

%AllUsersProfile%\desktop.exe

%AllUsersProfile%\favorites.exe

%AppData%\sysdate32.exe

%CommonDesktopDir%\desktop.exe

%CommonFavorites%\favorites.exe

%CommonPrograms%\chkdisk.exe

%CommonPrograms%\startup\startup.exe

%DesktopDir%\desktop.exe

%FontsDir%\fonts.exe

%FontsDir%\logcde.dll

%FontsDir%\services.exe

%FontsDir%\svchost.exe

%FontsDir%\tskmgr.exe

%FontsDir%\uninstall_.exe

%FontsDir%\unwise_.exe

%FontsDir%\windef.dll

%LocalSettings%\tempkey.exe

%ProgramFiles%\alphaant\alpha.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\common files\system\msasp32.exe

%ProgramFiles%\gamazer.3.exe

%ProgramFiles%\internet explorer\mui.exe

%ProgramFiles%\internet explorer\mui\0409.exe

%ProgramFiles%\internet explorer\mui\0409\0409.exe

%ProgramFiles%\internet explorer\mui\mui.exe

%ProgramFiles%\kegen.exe

%ProgramFiles%\manson\liser.exe

%ProgramFiles%\meex.exe

%ProgramFiles%\messenger.exe

%ProgramFiles%\messenger\messenger.exe

%ProgramFiles%\microsoft common\svchost.exe

%ProgramFiles%\netmeeting.exe

%ProgramFiles%\netmeeting\netmeeting.exe

%ProgramFiles%\no-ip\duc20.exe

%ProgramFiles%\thunmail\testabd.exe

%ProgramFiles%\windows media player\skins.exe

%ProgramFiles%\windows media player\skins\skins.exe

%ProgramFiles%\windows\csrss.exe

%ProgramFiles%\winpcap.exe

%ProgramFiles%\winpcap\winpcap.exe

%System%\.00cd1a40\00cd1a40.exe

%System%\1054v.exe

%System%\1061044.exe

%System%\1114878.exe

%System%\1124216.exe

%System%\1163889.exe

%System%\1392618.exe

%System%\1438649.exe

%System%\1472391.exe

%System%\1502472.exe

%System%\155309.exe

%System%\1587167.exe

%System%\1673281.exe

%System%\1772553.exe

%System%\1775869.exe

%System%\1949257.exe

%System%\2501627.exe

%System%\2713724.exe

%System%\28463\svchost.exe

%System%\2851786.exe

%System%\28892.exe

%System%\294748.exe

%System%\2985758.exe

%System%\3216959.exe

%System%\3361\svchost.exe

%System%\3362833.exe

%System%\3429789.exe

%System%\3555246.exe

%System%\3649343.exe

%System%\3780283.exe

%System%\3824534.exe

%System%\3827158.exe

%System%\3833211.exe

%System%\3955942.exe

%System%\3967233.exe

%System%\3976359.exe

%System%\4067301.exe

%System%\4121012.exe

%System%\4337687.exe

%System%\4348703.exe

%System%\4350657.exe

%System%\4358164.exe

%System%\4548869.exe

%System%\4662394.exe

%System%\467663.exe

%System%\5220132.exe

%System%\5510813.exe

%System%\5556131.exe

%System%\5581308.exe

%System%\5621714.exe

%System%\5700937.exe

%System%\5781036.exe

%System%\5791727.exe

%System%\5915293.exe

%System%\5919718.exe

%System%\5922922.exe

%System%\5934549.exe

%System%\5941568.exe

%System%\6180215.exe

%System%\6383005.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).