ThreatExpert's Statistics for Win32/Virut.D [AhnLab]:

Win32/Virut.D [AhnLab] is also known as:

Threat Alias	Number of Incidents
W32/Virut.gen [McAfee]	277
W32/Vetor-A [Sophos]	200
Virus.Win32.Virut.n [Kaspersky Lab]	150
PE_VIRUT.D [Trend Micro]	146
Virus:Win32/Virut.AK [Microsoft]	143
Virus.Win32.Virut.q [Kaspersky Lab]	138
W32.Virut.B [Symantec]	132
W32.Virut.U [Symantec]	125
Win32.Virut.Gen.5 [PC Tools]	112
Win32.Virut.Gen [PC Tools]	89
W32/Virut-L [Sophos]	73
PE_VIRUT.XO [Trend Micro]	68
Virus.Win32.Cheburgen.a [Ikarus]	63
Virus:Win32/Virut.L [Microsoft]	54
Virus.Virut.na [PC Tools]	52
Virus.Win32.Virut [Ikarus]	48
PE_VIRUT.XP [Trend Micro]	32
PE_VIRUT.XL [Trend Micro]	30
Virus:Win32/Virut.AE [Microsoft]	29
Virus.Win32.Sality [Ikarus]	27
Virus:Win32/Virut.K [Microsoft]	19
Virus.Win32.Virut.q [Ikarus]	15
Virus:Win32/Virut.AP [Microsoft]	13
Virus:Win32/Virut.AF [Microsoft]	11
W32.Virut.H [Symantec]	11
Virus:Win32/Virut.D [Microsoft]	9
Mal/Dorf-A, W32/Vetor-A [Sophos]	8
Trojan Horse [Symantec]	8
PE_VIRUT.XS [Trend Micro]	7
Spam-Mailbot [McAfee]	7
Mal/EncPk-BW, W32/Vetor-A [Sophos]	5
Virus.Win32.Virut.d [Kaspersky Lab]	5
Virus.Win32.Virut.n [Ikarus]	5
Virus:Win32/Virut.AR [Microsoft]	5
Email-Worm.Win32.Brontok [Ikarus]	4
PWS-Banker.gen.aa [McAfee]	4
Virus.Win32.Cheburgen [Ikarus]	4
W32.IRCBot [Symantec]	4
W32.SillyFDC [Symantec]	4
Backdoor.Win32.Refpron [Ikarus]	3
Email-Worm.Win32.Runouce [Ikarus]	3
Mal/Behav-164, W32/Vetor-A [Sophos]	3
Net-Worm.Win32.Allaple [Ikarus]	3
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]	3
PE_VIRUT.XI [Trend Micro]	3
Trojan-Clicker.Win32.VB [Ikarus]	3
Virus.Win32.Virut.bo [Ikarus]	3
Virus.Win32.Virut.p [Kaspersky Lab]	3
Virus:Win32/Virut.AG [Microsoft]	3
W32.Spybot.Worm [Symantec]	3
Win32.Virtob [Ikarus]	3
Backdoor.Rbot [Ikarus]	2
Downloader-BPL [McAfee]	2
Generic PWS.ak [McAfee]	2
Generic.Sdbot [Ikarus]	2
Hider [McAfee]	2
Mal/Behav-164, W32/Vetor-DAM [Sophos]	2
Mal/Dorf-A [Sophos]	2
Mal/TibsPak, W32/Vetor-A [Sophos]	2
Spy-Agent.bv.gen.b [McAfee]	2
Trojan.Hider.G [PC Tools]	2
Trojan-Downloader.Win32.Banload [Ikarus]	2
Trojan-Downloader.Win32.Cutwail [Ikarus]	2
Trojan-Downloader.Win32.Genome.abou [Kaspersky Lab]	2
Trojan-Dropper.Agent [Ikarus]	2
Trojan-Dropper.Delf [Ikarus]	2
Trojan-Dropper.Win32.Vaultac [Ikarus]	2
Virus.Win32.Virut.ak [Ikarus]	2
Virus:Win32/Virut.gen!B [Microsoft]	2
Virus:Win32/Virut.gen!L [Microsoft]	2
W32.Rontokbro@mm [Symantec]	2
Win32.Cadoiac.A [Ikarus]	2
Worm.AutoIT.V [PC Tools]	2
Worm.Rbot.WKL [PC Tools]	2
Backdoor.IRC.Sdbot.945 [Ikarus]	1
Backdoor.Trojan [Symantec]	1
Backdoor.Win32.Agent.aeyu [Kaspersky Lab]	1
Backdoor.Win32.Inject [Ikarus]	1
Backdoor.Win32.IRCBot [Ikarus]	1
Backdoor.Win32.Nepoe [Ikarus]	1
Backdoor.Win32.PoeBot.C [Ikarus]	1
Backdoor.Win32.Rbot [Ikarus]	1
Backdoor.Wootbot.YZ [PC Tools]	1
Backdoor:Win32/Poebot.AD [Microsoft]	1
Backdoor:Win32/Poebot.AT [Microsoft]	1
Backdoor:Win32/Poebot.BP [Microsoft]	1
Backdoor:Win32/Rbot [Microsoft]	1
Backdoor:Win32/Rbot.HB [Microsoft]	1
Email-Worm.Win32.Generic [Ikarus]	1
Email-Worm.Win32.Joleee.bed [Kaspersky Lab]	1
Email-Worm.Win32.Runouce.B [Ikarus]	1
Email-Worm.Win32.Runouce.b [Kaspersky Lab]	1
Email-Worm.Win32.VB.cb [Ikarus]	1
Hoax.Win32.BadJoke.VB [Ikarus]	1
I-Worm.Brontok.CP [PC Tools]	1
Mal/Basine-C, W32/Vetor-A [Sophos]	1
Mal/Behav-035, W32/Vetor-A [Sophos]	1
Mal/Behav-043, W32/Vetor-A [Sophos]	1
Mal/Behav-164 [Sophos]	1
Mal/Dorf-A, Mal/Dorf-E, W32/Vetor-A [Sophos]	1

Win32/Virut.D [AhnLab] has the following possible countries of origin:

Origin		Number of Incidents
	China	29
	Brazil	8
	Russian Federation	5
	United Kingdom	5
	Belgium	1
	Germany	1
	Israel	1
	Italy	1
	Portugal	1
	Romania	1
	Taiwan	1
	Thailand	1
	Turkey	1

Win32/Virut.D [AhnLab] is known to be created as:

%AppData%\br6657on.exe

%AppData%\csrss.exe

%AppData%\explorer.exe

%AppData%\inetinfo.exe

%AppData%\lsass.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\start\update.exe

%AppData%\svchost.exe

%AppData%\winlogon.exe

%CommonPrograms%\startup\ctfmon.exe

%FontsDir%\services.exe

%FontsDir%\unwise_.exe

%ProgramFiles%\movie maker\moviemk.exe

%ProgramFiles%\thunmail\testabd.exe

%Programs%\startup\ctfmon.exe

%System%\3178629.exe

%System%\3267263.exe

%System%\332.exe

%System%\3361\svchost.exe

%System%\6292775.exe

%System%\793693.exe

%System%\algi.exe

%System%\algs.exe

%System%\avpo.exe

%System%\aycxem.exe

%System%\bttnserv.exe

%System%\chrome.exe

%System%\cmd-bro-lmx.exe

%System%\cmd-brontok.exe

%System%\cmd-bro-pkx.exe

%System%\cmd-bro-rlx.exe

%System%\dllcache\agentsvr.exe

%System%\dllcache\calc.exe

%System%\dllcache\charmap.exe

%System%\dllcache\cleanmgr.exe

%System%\dllcache\cmd.exe

%System%\dllcache\conf.exe

%System%\dllcache\ctfmon.exe

%System%\dllcache\drwatson.exe

%System%\dllcache\drwtsn32.exe

%System%\dllcache\dxdiag.exe

%System%\dllcache\explorer.exe

%System%\dllcache\freecell.exe

%System%\dllcache\mmc.exe

%System%\dllcache\moviemk.exe

%System%\dllcache\msconfig.exe

%System%\dllcache\mshearts.exe

%System%\dllcache\msiexec.exe

%System%\dllcache\msimn.exe

%System%\dllcache\msinfo32.exe

%System%\dllcache\mspaint.exe

%System%\dllcache\narrator.exe

%System%\dllcache\notepad.exe

%System%\dllcache\osk.exe

%System%\dllcache\packager.exe

%System%\dllcache\perfmon.exe

%System%\dllcache\pinball.exe

%System%\dllcache\recover.exe

%System%\dllcache\redir.exe

%System%\dllcache\regapi.dll

%System%\dllcache\regedit.exe

%System%\dllcache\regedit32.com

%System%\dllcache\regedt32.exe

%System%\dllcache\regini.exe

%System%\dllcache\register.exe

%System%\dllcache\shell32.com

%System%\dllcache\sigverif.exe

%System%\dllcache\sol.exe

%System%\dllcache\spider.exe

%System%\dllcache\sysedit.exe

%System%\dllcache\syskey.exe

%System%\dllcache\taskkill.exe

%System%\dllcache\tasklist.exe

%System%\dllcache\taskman.exe

%System%\dllcache\taskmgr.exe

%System%\dllcache\twunk_16.exe

%System%\dllcache\twunk_32.exe

%System%\dllcache\utilman.exe

%System%\dllcache\verifier.exe

%System%\dllcache\wab.exe

%System%\dllcache\winlogon.exe

%System%\dllcache\winver.exe

%System%\dllcache\wordpad.exe

%System%\dllcache\wowexec.exe

%System%\dllcache\wpabaln.exe

%System%\dllcache\write.exe

%System%\dllcache\wuauclt.exe

%System%\dllcache\wuauclt1.exe

%System%\dllcache\wupdmgr.exe

%System%\dllchache.exe

%System%\drivers\mouseclass.sys

%System%\dxblbh.exe

%System%\dxblbq.exe

%System%\exlorers.exe

%System%\fastnetsrv.exe

%System%\flashy.exe

%System%\iexplorer.exe

%System%\isass.exe

%System%\jzjthx.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).