ThreatExpert's Statistics for W32/Xirtem@MM [McAfee]:

W32/Xirtem@MM [McAfee] is also known as:

Threat Alias	Number of Incidents
VirTool:Win32/CeeInject.gen!J [Microsoft]	21
W32.Ackantta@mm [Symantec]	14
Worm.Win32.AutoRun [Ikarus]	13
Mal/CryptBox-A [Sophos]	12
Mal/VB-AD [Sophos]	11
Trojan Horse [Symantec]	11
VirTool:Win32/VBInject.gen!BF [Microsoft]	11
W32.Ackantta.F@mm [Symantec]	11
Worm:Win32/Prolaco.gen!B [Microsoft]	11
Win-Trojan/VBInject.258088 [AhnLab]	9
Packed.Win32.Tdss.c [Kaspersky Lab]	8
Troj/Agent-ISF [Sophos]	8
W32/Autorun-XI [Sophos]	8
Win-Trojan/Xema.variant [AhnLab]	8
Worm.Win32.AutoRun.eve [Kaspersky Lab]	8
Trojan.Win32.Buzus [Ikarus]	6
Trojan.Win32.Inject.akjn [Kaspersky Lab]	6
Backdoor.Hupigon [PC Tools]	5
Email-Worm.Agent!sd6 [PC Tools]	5
Email-Worm.Win32.Agent.gfm [Kaspersky Lab]	5
Trojan.Dropper [Symantec]	5
W32/AutoVrt-Gen, Mal/CryptBox-A [Sophos]	5
Worm.Win32.AutoRun.uhr [Kaspersky Lab]	5
Worm:Win32/Prolaco.gen!C [Microsoft]	5
Backdoor.Trojan [Symantec]	4
Email-Worm.Ackantta [PC Tools]	4
Packed.Win32.Tdss [Ikarus]	4
Rootkit.TDSS!sd6 [PC Tools]	4
Rootkit.Win32.TDSS [Ikarus]	4
VirTool.Win32.CeeInject [Ikarus]	4
VirTool:Win32/DelfInject.gen!L [Microsoft]	4
W32/Scribble-B [Sophos]	4
Win32/Virut.E [AhnLab]	4
Worm.Win32.Prolaco [Ikarus]	4
W32.Ackantta.B@mm [Symantec]	3
Hacktool.Spammer [Symantec]	2
Mal/CryptBox-A, Mal/Behav-319 [Sophos]	2
PE_VIRUX.F-2 [Trend Micro]	2
Rootkit.Win32.TDSS.eyj [Kaspersky Lab]	2
Trojan.Buzus!sd6 [PC Tools]	2
Trojan-Dropper.Agent [Ikarus]	2
Trojan-Dropper.Win32.Agent.aefe [Kaspersky Lab]	2
W32.Ackantta.G@mm [Symantec]	2
W32.Mytob@mm [Symantec]	2
Win32/Autorun.worm.78848 [AhnLab]	2
Win32/Spammer.worm.346112 [AhnLab]	2
Backdoor.Win32.Hupigon.fbom [Kaspersky Lab]	1
Dropper/Agent.349696.B [AhnLab]	1
Email-Worm.Win32.Agent.gew [Kaspersky Lab]	1
Email-Worm.Win32.Agent.kf [Kaspersky Lab]	1
Hacktool.Spammer!sd6 [PC Tools]	1
HeurEngine.MaliciousPacker [PC Tools]	1
Mal/FakeAV-AX [Sophos]	1
Mal/Generic-A, Mal/CryptBox-A [Sophos]	1
Mal/Prolaco-A, Mal/CryptBox-A [Sophos]	1
Packed.Generic.264 [Symantec]	1
Trojan.Agent.ASDJ [PC Tools]	1
Trojan.IRCBot [PC Tools]	1
Trojan.Win32.Buzus.albs [Kaspersky Lab]	1
Trojan.Win32.Buzus.alvw [Kaspersky Lab]	1
Trojan.Win32.Buzus.amkd [Kaspersky Lab]	1
Trojan.Win32.Buzus.aole [Kaspersky Lab]	1
Trojan.Win32.Buzus.cgqa [Kaspersky Lab]	1
Trojan.Win32.Buzus.cgys [Kaspersky Lab]	1
Trojan.Win32.Buzus.ciyw [Kaspersky Lab]	1
Trojan.Win32.Buzus.cpcu [Kaspersky Lab]	1
Trojan.Win32.Buzus.cvcz [Kaspersky Lab]	1
Trojan.Win32.FraudPack.vtk [Kaspersky Lab]	1
Trojan.Win32.Inject.aetb [Kaspersky Lab]	1
Trojan.Win32.Small [Ikarus]	1
Trojan.Zbot [Ikarus]	1
Trojan-Downloader.Injecter [PC Tools]	1
Trojan-Downloader.Win32.Injecter.bca [Kaspersky Lab]	1
VirTool:Win32/DelfInject.gen!AG [Microsoft]	1
W32.IRCBot [Symantec]	1
W32.SillyFDC [Symantec]	1
W32/Autorun-AAE [Sophos]	1
W32/Autorun-RI [Sophos]	1
W32/Autorun-RU [Sophos]	1
Win32/Ceein.worm.449024 [AhnLab]	1
Win-Trojan/Buzus.218624.C [AhnLab]	1
Win-Trojan/Buzus.240128.D [AhnLab]	1
Win-Trojan/Buzus.292352 [AhnLab]	1
Win-Trojan/Buzus.304640.C [AhnLab]	1
Win-Trojan/Buzus.323072.F [AhnLab]	1
Win-Trojan/BypassAgent.441344 [AhnLab]	1
Win-Trojan/BypassAgent.517120 [AhnLab]	1
Win-Trojan/CeeInject.449536 [AhnLab]	1
Win-Trojan/Fraudpack.2082304.B [AhnLab]	1
Win-Trojan/Injector.79872 [AhnLab]	1
Win-Trojan/Malware.451584 [AhnLab]	1
Win-Trojan/VBInject.544808 [AhnLab]	1
Worm.AutoRun!sd6 [PC Tools]	1
Worm.Win32.AutoRun.esn [Kaspersky Lab]	1
Worm:Win32/Prolaco.A@mm [Microsoft]	1
Worm:Win32/Prolaco.B [Microsoft]	1
Worm:Win32/Prolaco.D [Microsoft]	1
Worm:Win32/Prolaco.G [Microsoft]	1

W32/Xirtem@MM [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	1
	United Kingdom	1

W32/Xirtem@MM [McAfee] is known to be created as:

%CommonAppData%\2deb8\wp064.exe

%CommonAppData%\fcc6\windowsedefender.exe

%System%\crs.exe

%System%\crss.exe

%System%\daemon.exe

%System%\ipx.exe

%System%\java13.exe

%System%\java2.exe

%System%\javacpl.exe

%System%\javacypt.exe

%System%\javafxs.exe

%System%\javajre.exe

%System%\javame.exe

%System%\javame2.exe

%System%\javap3.exe

%System%\javare.exe

%System%\javarun.exe

%System%\javaup.exe

%System%\javaw.exe

%System%\jqsched.exe

%System%\jrsched.exe

%System%\jrshed.exe

%System%\juschd.exe

%System%\jushed.exe

%System%\jushid.exe

%System%\mf.exe

%System%\reader_s.exe

%System%\vxworks.exe

%System%\wmimngr.exe

%UserProfile%\reader_s.exe

%Windir%\jvm.exe

Notes:

%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.