Threat Search: 

ThreatExpert's Statistics for W32.Virut.CF [Symantec]:

W32.Virut.CF [Symantec] is also known as:
Threat AliasNumber of Incidents
Virus.Win32.Virut.ce [Kaspersky Lab]3,094
W32/Scribble-B [Sophos]2,871
Virus:Win32/Virut.BM [Microsoft]2,830
Win32/Virut.F [AhnLab]2,131
W32/Virut.n.gen [McAfee]1,901
Win32/Virut.E [AhnLab]849
Malware.Virut [PC Tools]562
New Win32 [McAfee]480
Virus:Win32/Virut.gen!O [Microsoft]342
W32/Virut.n [McAfee]304
W32/Scribble-A [Sophos]293
New Win32.g4 [McAfee]172
Virus.Win32.Sality [Ikarus]129
Virus.Win32.Virut [Ikarus]117
PE_VIRUX.H-3 [Trend Micro]115
Virus:Win32/Virut.gen!E [Microsoft]105
New Poly Win32 [McAfee]93
Mal/HckPk-A, W32/Scribble-B [Sophos]89
Virus.Win32.Bifrose [Ikarus]60
PE_VIRUX.E-2 [Trend Micro]50
Virus.Win32.Virut.bo [Ikarus]48
Mal/Bifrose-S, W32/Scribble-B [Sophos]46
Trojan-Banker.Win32.Bancos [Ikarus]40
PE_VIRUX.A-1 [Trend Micro]37
PE_VIRUX.E-3 [Trend Micro]36
PE_VIRUX.A [Trend Micro]33
Spam-Mailbot [McAfee]33
Trojan-Downloader.Win32.Agent.czsd [Kaspersky Lab]32
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]29
BackDoor-CEP.gen.au [McAfee]26
Trojan-Spy.Win32.Banker.RM [Ikarus]23
Virus.Win32.Virut.q [Ikarus]23
W32.Virut [Ikarus]23
Backdoor.Rbot [Ikarus]22
PE_VIRUX.F-2 [Trend Micro]22
Trojan-Downloader.Win32.Cutwail [Ikarus]22
W32/Sdbot.worm.gen.g [McAfee]22
WORM_RBOT.GEN-1 [Trend Micro]22
Backdoor.Win32.Popwin [Ikarus]21
Virus.Virut.j [PC Tools]21
W32/Rbot-Fam, W32/Scribble-B [Sophos]21
Worm.Akbot.Gen [PC Tools]21
Exploit.Win32.IMG-WMF [Ikarus]20
New Win32.g2 [McAfee]20
Trojan.Win32.Banker [Ikarus]20
Backdoor.Win32.Small.uc [Kaspersky Lab]19
PE_VIRUX.F-3 [Trend Micro]19
New Win32.g3 [McAfee]17
Mal/Scribble-C, W32/Scribble-B [Sophos]16
Packed.Win32.Koblu [Ikarus]15
Trojan-Dropper.Agent [Ikarus]15
Backdoor.Win32.Bifrose [Ikarus]14
Spammer [Ikarus]14
Backdoor.Win32.Beastdoor [Ikarus]12
Spam-Mailbot.h.gen.a [McAfee]12
Trojan-Downloader.Win32.Banload [Ikarus]12
Virus.Win32.JunkPoly [Ikarus]12
Virus.Win32.Virtob [Ikarus]12
Virus.Win32.Virut.n [Ikarus]12
Mal/FakeVirPk-A, W32/Scribble-B [Sophos]11
Mal/HckPk-A [Sophos]11
Trojan.Win32.Agent2.hxw [Kaspersky Lab]11
Trojan.Win32.Patched [Ikarus]11
Trojan-Spy.Win32.VB [Ikarus]11
Virus:Win32/Virut.gen!M [Microsoft]11
Win-Trojan/Midgare.32256 [AhnLab]11
Backdoor.Win32.Refpron [Ikarus]10
Mal/Bifrose-S, Mal/Bifrose-S, W32/Scribble-B [Sophos]10
PWS-Banker [McAfee]10
TrojanProxy:Win32/Slenugga.A [Microsoft]10
BackDoor-CEP.gen.g [McAfee]9
Generic PWS.ak [McAfee]9
Trojan-Clicker.Win32.VB [Ikarus]9
Win32.Cadoiac.A [Ikarus]9
PE_VIRUX.E-4 [Trend Micro]8
PE_VIRUX.J-4 [Trend Micro]8
Trojan.Midgare.hhn [PC Tools]8
Trojan:Win32/Puzlice.A [Microsoft]8
Trojan-Clicker.Win32.Delf [Ikarus]8
Trojan-Downloader.Win32.Small [Ikarus]8
VirTool.Win32.DelfInject [Ikarus]8
Backdoor.Win32.Bifrose.fpb [Kaspersky Lab]7
Backdoor:Win32/Refpron.M [Microsoft]7
BKDR_AHZE.NY [Trend Micro]7
Mal/EncPk-HJ, W32/Scribble-B [Sophos]7
New Malware.bj [McAfee]7
Packed.Win32.Katusha.c [Kaspersky Lab]7
PE_VIRUX.D-1 [Trend Micro]7
Trojan-Dropper [Ikarus]7
Virus.Trojan.Win32.Midgare [Ikarus]7
W32/DelpBck-Gen [Sophos]7
Backdoor.Win32.Small.tv [Kaspersky Lab]6
Cutwail [McAfee]6
Mal/Generic-A [Sophos]6
New Malware.fa [McAfee]6
P2P-Worm.Win32.Palevo [Ikarus]6
Packed.Win32.Krap.b [Kaspersky Lab]6
Trojan Horse [Symantec]6
Trojan-Downloader.Win32.Zlob [Ikarus]6
Trojan-Dropper.VB.ggm [PC Tools]6

W32.Virut.CF [Symantec] has the following possible countries of origin:
OriginNumber of Incidents
China420
Russian Federation124
Sweden94
Germany65
Spain44
United Kingdom41
Brazil22
France20
Saudi Arabia19
Taiwan19
Italy14
Poland13
Turkey12
Australia7
Belgium7
Israel7
Portugal7
Netherlands6
Czech Republic5
Egypt4
Greece4
Republic of Korea3
Austria2
Canada2
Hungary2
Jordan2
Norway2
Chile1
Indonesia1
Iran1
Iraq1
Japan1
Lebanon1
Oman1
Romania1
Slovakia1
Slovenia1
Syria1

W32.Virut.CF [Symantec] is known to be created as:
%AppData%\csrss.exe
%AppData%\e4u.exe
%AppData%\microsoft\windows\lsass.exe
%AppData%\sysdate32.exe
%CommonPrograms%\chkdisk.exe
%CommonPrograms%\startup\startup.exe
%FontsDir%\logcde.dll
%FontsDir%\services.exe
%FontsDir%\uninstall_.exe
%FontsDir%\unwise_.exe
%FontsDir%\windef.dll
%LocalSettings%\carbon.exe
%LocalSettings%\tempkey.exe
%ProgramFiles%\alphaant\alpha.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\bifrost\sosue.exe
%ProgramFiles%\common files\system\msasp32.exe
%ProgramFiles%\gamazer.3.exe
%ProgramFiles%\manson\liser.exe
%ProgramFiles%\microsoft common\svchost.exe
%ProgramFiles%\movie maker\svchost.exe
%ProgramFiles%\no-ip\duc20.exe
%ProgramFiles%\superantispyware\keygen.exe
%ProgramFiles%\thunmail\testabd.exe
%ProgramFiles%\windows\csrss.exe
%System%\.00cd1a40\00cd1a40.exe
%System%\1054v.exe
%System%\1061044.exe
%System%\1114878.exe
%System%\1124216.exe
%System%\1392618.exe
%System%\1438649.exe
%System%\1472391.exe
%System%\1502472.exe
%System%\1587167.exe
%System%\1673281.exe
%System%\1772553.exe
%System%\1775869.exe
%System%\1949257.exe
%System%\2501627.exe
%System%\2713724.exe
%System%\28463\svchost.exe
%System%\2851786.exe
%System%\28892.exe
%System%\294748.exe
%System%\2985758.exe
%System%\3361\svchost.exe
%System%\3429789.exe
%System%\3555246.exe
%System%\3649343.exe
%System%\3780283.exe
%System%\3827158.exe
%System%\3833211.exe
%System%\3967233.exe
%System%\3976359.exe
%System%\4067301.exe
%System%\4121012.exe
%System%\4337687.exe
%System%\4348703.exe
%System%\4350657.exe
%System%\4358164.exe
%System%\4548869.exe
%System%\4662394.exe
%System%\467663.exe
%System%\5220132.exe
%System%\5510813.exe
%System%\5556131.exe
%System%\5621714.exe
%System%\5781036.exe
%System%\5919718.exe
%System%\5922922.exe
%System%\5934549.exe
%System%\5941568.exe
%System%\6180215.exe
%System%\6383005.exe
%System%\6424219.exe
%System%\6568857.exe
%System%\6603799.exe
%System%\7607646.exe
%System%\8010345.exe
%System%\8062185.exe
%System%\8076701.exe
%System%\8149465.exe
%System%\8293861.exe
%System%\8502908.exe
%System%\8661598.exe
%System%\8938547.exe
%System%\9189962.exe
%System%\9305519.exe
%System%\9474588.exe
%System%\9480844.exe
%System%\9749246.exe
%System%\adodca.exe
%System%\afisicx.exe
%System%\amvo.exe
%System%\ansid.exe
%System%\ashevtsvc.exe
%System%\autmgr.exe
%System%\av_md.exe
%System%\bifrost\server.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).