Threat Search: 

ThreatExpert's Statistics for Win32.Virut.Gen.5 [PC Tools]:

Win32.Virut.Gen.5 [PC Tools] is also known as:
Threat AliasNumber of Incidents
W32/Virut.gen [McAfee]1,145
Virus.Win32.Virut.q [Kaspersky Lab]880
W32/Vetor-A [Sophos]790
W32.Virut.U [Symantec]787
PE_VIRUT.XO [Trend Micro]406
PE_VIRUT.XP [Trend Micro]294
Virus:Win32/Virut.AP [Microsoft]239
Virus:Win32/Virut.AE [Microsoft]219
Virus.Win32.Virut.n [Kaspersky Lab]216
PE_VIRUT.XL [Trend Micro]207
PE_VIRUT.GEN-2 [Trend Micro]205
Virus:Win32/Virut.AF [Microsoft]142
Win32/Virut.D [AhnLab]112
Bloodhound.Unknown [Symantec]108
Virus.Win32.Sality [Ikarus]95
Virus:Win32/Virut.L [Microsoft]95
Trojan-Downloader.Win32.VB.bbi [Ikarus]89
Virus.Win32.Virut.o [Kaspersky Lab]66
Virus:Win32/Virut.K [Microsoft]66
Virus.Win32.Virut [Ikarus]61
PE_VIRUT.XS [Trend Micro]50
Virus:Win32/Virut.AR [Microsoft]46
Virus.Win32.Virut.q [Ikarus]33
Virus.Win32.Virut.o [Ikarus]30
PE_PAGIPEF.BS-O [Trend Micro]25
Spam-Mailbot [McAfee]19
W32.SillyFDC [Symantec]18
Email-Worm.Win32.Runouce.b [Kaspersky Lab]15
Generic FakeAlert.d [McAfee]14
W32.Spybot.Worm [Symantec]14
PWS-Gamania.gen.a [McAfee]13
Email-Worm.Win32.VB.cp [Kaspersky Lab]12
W32/MoonLig-J [Sophos]12
WORM_MOONLIGHT.C [Trend Micro]12
Email-Worm.Win32.Runouce.B [Ikarus]11
PE_Chir.B [Trend Micro]11
W32/Chir.b@MM [McAfee]11
W32/Chir-B [Sophos]11
W32.Chir.B@mm [Symantec]10
Win-Trojan/Downloader.11264.GK [AhnLab]10
Trojan-Spy.Win32.Banker.RM [Ikarus]9
W32/Virut.remnants [McAfee]9
Win-Trojan/Xema.variant [AhnLab]9
FakeAlert-AG.gen.c [McAfee]8
Virus.Win32.Virut.au [Ikarus]6
Virus.Win32.Virut.bo [Ikarus]6
Downloader [Symantec]5
Trojan Horse [Symantec]5
Virus:Win32/Virut.gen!AI [Microsoft]5
W32.Glupzy.A [Symantec]5
W32/Nuwar@MM [McAfee]5
Win32/Virut.C [AhnLab]5
Worm.Win32.AutoRun [Ikarus]5
Email-Worm.Win32.Runouce [Ikarus]4
Mal_Banker [Trend Micro]4
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]4
Trojan.Dropper [Symantec]4
Virus.Win32.Sality.s [Ikarus]4
Virus.Win32.Virut.ak [Ikarus]4
W32/Autorun.worm.bx.gen [McAfee]4
W32/Autorun.worm.eb [McAfee]4
Win32.Virtob.2 [Ikarus]4
Win32/ChiHack.6652 [AhnLab]4
Win-Trojan/Agent.11264.JZ [AhnLab]4
Backdoor:Win32/Poebot.AT [Microsoft]3
Backdoor:Win32/Poebot.BA [Microsoft]3
BackDoor-DIY [McAfee]3
Email-Worm.Win32.Brontok.N [Ikarus]3
Email-Worm.Win32.Tanatos.B [Ikarus]3
Generic.Sdbot [Ikarus]3
Mal/Behav-164, W32/Vetor-A [Sophos]3
QHosts-77 [McAfee]3
TROJ_NUWAR.DDJ [Trend Micro]3
Trojan-Clicker.Win32.Klik [Ikarus]3
Trojan-Downloader.VB.AXY [Ikarus]3
Trojan-Downloader.Win32.Small [Ikarus]3
Trojan-Dropper.Delf [Ikarus]3
Trojan-Dropper.Kobcka [Ikarus]3
Trojan-Dropper.Win32.Small.azk [Ikarus]3
Virus.Win32.Small [Ikarus]3
Virus.Win32.Virut.n [Ikarus]3
Virus:Win32/Azero.A [Microsoft]3
W32.Gammima.AG [Symantec]3
W32.Rontokbro.AN@mm [Symantec]3
W32.Rontokbro@mm [Symantec]3
W32.SillyDC [Symantec]3
W32/Dref-AW [Sophos]3
W32/Glupzy-B [Sophos]3
W32/MoonLight.worm [McAfee]3
W32/Virut [McAfee]3
Win-Trojan/Agent.9216.FL [AhnLab]3
Worm.Win32.VB.cj [Ikarus]3
Worm:Win32/Autorun.OX [Microsoft]3
WORM_AGENT.XSB [Trend Micro]3
WORM_FLASHY.B [Trend Micro]3
Backdoor.Trojan [Symantec]2
Backdoor.Win32.Hupigon.fba [Kaspersky Lab]2
Backdoor.Win32.Rbot.rqg [Kaspersky Lab]2
Backdoor.Win32.Refpron [Ikarus]2
Backdoor:Win32/Nuwar.A [Microsoft]2

Win32.Virut.Gen.5 [PC Tools] has the following possible countries of origin:
OriginNumber of Incidents
China67
Netherlands32
Russian Federation22
United Kingdom17
Brazil15
Italy12
Germany11
Thailand11
Spain8
Israel7
Republic of Korea7
France6
Portugal4
Belgium2
Denmark2
Greece2
Iran2
Taiwan2
Turkey2
Ukraine2
Canada1
Poland1
Romania1
Sweden1
Viet Nam1

Win32.Virut.Gen.5 [PC Tools] is known to be created as:
%AllUsersProfile%\desktop.exe
%AllUsersProfile%\favorites.exe
%AppData%\br6657on.exe
%AppData%\csrss.exe
%AppData%\explorer.exe
%AppData%\facegame\facegame.exe
%AppData%\inetinfo.exe
%AppData%\lsass.exe
%AppData%\microsoft\cd burning\khatra.exe
%AppData%\microsoft\nuxa.exe
%AppData%\real\ntoscore.exe
%AppData%\services.exe
%AppData%\smss.exe
%AppData%\spool.exe
%AppData%\start\update.exe
%AppData%\svchost.exe
%AppData%\update.exe
%AppData%\usrinit.exe
%AppData%\waultc.exe
%AppData%\winlogon.exe
%CommonDesktopDir%\desktop.exe
%CommonFavorites%\favorites.exe
%CommonPrograms%\programs.exe
%CommonPrograms%\startup\autorun.exe
%CommonPrograms%\startup\msconfig.exe
%DesktopDir%\desktop.exe
%FontsDir%\fonts.exe
%FontsDir%\services.exe
%FontsDir%\svchost.exe
%FontsDir%\tskmgr.exe
%FontsDir%\unwise_.exe
%LocalSettings%\explorer.exe
%LocalSettings%\services.exe
%LocalSettings%\smss.exe
%LocalSettings%\startup.exe
%LocalSettings%\svchost.exe
%LocalSettings%\winlogon.exe
%Profiles%\mscrss.exe
%ProgramFiles%\antivirus 2008\antvrs.exe
%ProgramFiles%\common files\adobeupdate.exe
%ProgramFiles%\common files\system\msasp32.exe
%ProgramFiles%\common files\system\msiwa32.exe
%ProgramFiles%\justzipit\justzipit.exe
%ProgramFiles%\microsoft common\wuauclt.exe
%ProgramFiles%\microsoft office\winword.exe
%ProgramFiles%\mirc\irc bot\services.exe
%ProgramFiles%\thunmail\testabd.exe
%ProgramFiles%\twain\twain.exe
%ProgramFiles%\xpcode\sexgame.exe
%ProgramFiles%\xpcode\sexscreensaver.scr
%Programs%\startup\findfast.exe
%System%\_svchost.exe
%System%\0617152d\services.exe
%System%\1126\ctfmon.exe
%System%\28463\naje.exe
%System%\3361\svchost.exe
%System%\440510867285l.exe
%System%\4e17c240.exe
%System%\6292775.exe
%System%\662832100427l.exe
%System%\662832180427l.exe
%System%\673843201528l.exe
%System%\793693.exe
%System%\8040\data.exe
%System%\8040\lsass.exe
%System%\8040\svchost.exe
%System%\884054312630l.exe
%System%\abyl.exe
%System%\afub.exe
%System%\algi.exe
%System%\algs.exe
%System%\amvo.exe
%System%\autochl.exe
%System%\avsp.exe
%System%\blastclnnn.exe
%System%\bttnserv.exe
%System%\ccapps.exe
%System%\chrome.exe
%System%\ckvo.exe
%System%\cmd.com
%System%\cmd-bro-ikx.exe
%System%\cmd-brontok.exe
%System%\cmd-bro-pkx.exe
%System%\cmd-bro-plx.exe
%System%\cmd-bro-rlx.exe
%System%\com\lsass.exe
%System%\cpl32ver.exe
%System%\csrs.exe
%System%\csrsc.exe
%System%\cyf5k4u.exe
%System%\dllcache\default.exe
%System%\dllcache\global.exe
%System%\dllcache\log.exe
%System%\dllcache\qxchost.exe
%System%\dllcache\rtsecar.exe
%System%\dllcache\svchost.exe
%System%\dllcache\winlogon.exe
%System%\dllcache\winppa.exe
%System%\dllcache\zipexr.dll
%System%\drivers\ctfmon.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
  • %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).