ThreatExpert's Statistics for Win32.Virut.Gen.5 [PC Tools]:

Win32.Virut.Gen.5 [PC Tools] is also known as:

Threat Alias	Number of Incidents
W32/Virut.gen [McAfee]	1,145
Virus.Win32.Virut.q [Kaspersky Lab]	880
W32/Vetor-A [Sophos]	790
W32.Virut.U [Symantec]	787
PE_VIRUT.XO [Trend Micro]	406
PE_VIRUT.XP [Trend Micro]	294
Virus:Win32/Virut.AP [Microsoft]	239
Virus:Win32/Virut.AE [Microsoft]	219
Virus.Win32.Virut.n [Kaspersky Lab]	216
PE_VIRUT.XL [Trend Micro]	207
PE_VIRUT.GEN-2 [Trend Micro]	205
Virus:Win32/Virut.AF [Microsoft]	142
Win32/Virut.D [AhnLab]	112
Bloodhound.Unknown [Symantec]	108
Virus.Win32.Sality [Ikarus]	95
Virus:Win32/Virut.L [Microsoft]	95
Trojan-Downloader.Win32.VB.bbi [Ikarus]	89
Virus.Win32.Virut.o [Kaspersky Lab]	66
Virus:Win32/Virut.K [Microsoft]	66
Virus.Win32.Virut [Ikarus]	61
PE_VIRUT.XS [Trend Micro]	50
Virus:Win32/Virut.AR [Microsoft]	46
Virus.Win32.Virut.q [Ikarus]	33
Virus.Win32.Virut.o [Ikarus]	30
PE_PAGIPEF.BS-O [Trend Micro]	25
Spam-Mailbot [McAfee]	19
W32.SillyFDC [Symantec]	18
Email-Worm.Win32.Runouce.b [Kaspersky Lab]	15
Generic FakeAlert.d [McAfee]	14
W32.Spybot.Worm [Symantec]	14
PWS-Gamania.gen.a [McAfee]	13
Email-Worm.Win32.VB.cp [Kaspersky Lab]	12
W32/MoonLig-J [Sophos]	12
WORM_MOONLIGHT.C [Trend Micro]	12
Email-Worm.Win32.Runouce.B [Ikarus]	11
PE_Chir.B [Trend Micro]	11
W32/Chir.b@MM [McAfee]	11
W32/Chir-B [Sophos]	11
W32.Chir.B@mm [Symantec]	10
Win-Trojan/Downloader.11264.GK [AhnLab]	10
Trojan-Spy.Win32.Banker.RM [Ikarus]	9
W32/Virut.remnants [McAfee]	9
Win-Trojan/Xema.variant [AhnLab]	9
FakeAlert-AG.gen.c [McAfee]	8
Virus.Win32.Virut.au [Ikarus]	6
Virus.Win32.Virut.bo [Ikarus]	6
Downloader [Symantec]	5
Trojan Horse [Symantec]	5
Virus:Win32/Virut.gen!AI [Microsoft]	5
W32.Glupzy.A [Symantec]	5
W32/Nuwar@MM [McAfee]	5
Win32/Virut.C [AhnLab]	5
Worm.Win32.AutoRun [Ikarus]	5
Email-Worm.Win32.Runouce [Ikarus]	4
Mal_Banker [Trend Micro]	4
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]	4
Trojan.Dropper [Symantec]	4
Virus.Win32.Sality.s [Ikarus]	4
Virus.Win32.Virut.ak [Ikarus]	4
W32/Autorun.worm.bx.gen [McAfee]	4
W32/Autorun.worm.eb [McAfee]	4
Win32.Virtob.2 [Ikarus]	4
Win32/ChiHack.6652 [AhnLab]	4
Win-Trojan/Agent.11264.JZ [AhnLab]	4
Backdoor:Win32/Poebot.AT [Microsoft]	3
Backdoor:Win32/Poebot.BA [Microsoft]	3
BackDoor-DIY [McAfee]	3
Email-Worm.Win32.Brontok.N [Ikarus]	3
Email-Worm.Win32.Tanatos.B [Ikarus]	3
Generic.Sdbot [Ikarus]	3
Mal/Behav-164, W32/Vetor-A [Sophos]	3
QHosts-77 [McAfee]	3
TROJ_NUWAR.DDJ [Trend Micro]	3
Trojan-Clicker.Win32.Klik [Ikarus]	3
Trojan-Downloader.VB.AXY [Ikarus]	3
Trojan-Downloader.Win32.Small [Ikarus]	3
Trojan-Dropper.Delf [Ikarus]	3
Trojan-Dropper.Kobcka [Ikarus]	3
Trojan-Dropper.Win32.Small.azk [Ikarus]	3
Virus.Win32.Small [Ikarus]	3
Virus.Win32.Virut.n [Ikarus]	3
Virus:Win32/Azero.A [Microsoft]	3
W32.Gammima.AG [Symantec]	3
W32.Rontokbro.AN@mm [Symantec]	3
W32.Rontokbro@mm [Symantec]	3
W32.SillyDC [Symantec]	3
W32/Dref-AW [Sophos]	3
W32/Glupzy-B [Sophos]	3
W32/MoonLight.worm [McAfee]	3
W32/Virut [McAfee]	3
Win-Trojan/Agent.9216.FL [AhnLab]	3
Worm.Win32.VB.cj [Ikarus]	3
Worm:Win32/Autorun.OX [Microsoft]	3
WORM_AGENT.XSB [Trend Micro]	3
WORM_FLASHY.B [Trend Micro]	3
Backdoor.Trojan [Symantec]	2
Backdoor.Win32.Hupigon.fba [Kaspersky Lab]	2
Backdoor.Win32.Rbot.rqg [Kaspersky Lab]	2
Backdoor.Win32.Refpron [Ikarus]	2
Backdoor:Win32/Nuwar.A [Microsoft]	2

Win32.Virut.Gen.5 [PC Tools] has the following possible countries of origin:

Origin		Number of Incidents
	China	67
	Netherlands	32
	Russian Federation	22
	United Kingdom	17
	Brazil	15
	Italy	12
	Germany	11
	Thailand	11
	Spain	8
	Israel	7
	Republic of Korea	7
	France	6
	Portugal	4
	Belgium	2
	Denmark	2
	Greece	2
	Iran	2
	Taiwan	2
	Turkey	2
	Ukraine	2
	Canada	1
	Poland	1
	Romania	1
	Sweden	1
	Viet Nam	1

Win32.Virut.Gen.5 [PC Tools] is known to be created as:

%AllUsersProfile%\desktop.exe

%AllUsersProfile%\favorites.exe

%AppData%\br6657on.exe

%AppData%\csrss.exe

%AppData%\explorer.exe

%AppData%\facegame\facegame.exe

%AppData%\inetinfo.exe

%AppData%\lsass.exe

%AppData%\microsoft\cd burning\khatra.exe

%AppData%\microsoft\nuxa.exe

%AppData%\real\ntoscore.exe

%AppData%\services.exe

%AppData%\smss.exe

%AppData%\spool.exe

%AppData%\start\update.exe

%AppData%\svchost.exe

%AppData%\update.exe

%AppData%\usrinit.exe

%AppData%\waultc.exe

%AppData%\winlogon.exe

%CommonDesktopDir%\desktop.exe

%CommonFavorites%\favorites.exe

%CommonPrograms%\programs.exe

%CommonPrograms%\startup\autorun.exe

%CommonPrograms%\startup\msconfig.exe

%DesktopDir%\desktop.exe

%FontsDir%\fonts.exe

%FontsDir%\services.exe

%FontsDir%\svchost.exe

%FontsDir%\tskmgr.exe

%FontsDir%\unwise_.exe

%LocalSettings%\explorer.exe

%LocalSettings%\services.exe

%LocalSettings%\smss.exe

%LocalSettings%\startup.exe

%LocalSettings%\svchost.exe

%LocalSettings%\winlogon.exe

%Profiles%\mscrss.exe

%ProgramFiles%\antivirus 2008\antvrs.exe

%ProgramFiles%\common files\adobeupdate.exe

%ProgramFiles%\common files\system\msasp32.exe

%ProgramFiles%\common files\system\msiwa32.exe

%ProgramFiles%\justzipit\justzipit.exe

%ProgramFiles%\microsoft common\wuauclt.exe

%ProgramFiles%\microsoft office\winword.exe

%ProgramFiles%\mirc\irc bot\services.exe

%ProgramFiles%\thunmail\testabd.exe

%ProgramFiles%\twain\twain.exe

%ProgramFiles%\xpcode\sexgame.exe

%ProgramFiles%\xpcode\sexscreensaver.scr

%Programs%\startup\findfast.exe

%System%\_svchost.exe

%System%\0617152d\services.exe

%System%\1126\ctfmon.exe

%System%\28463\naje.exe

%System%\3361\svchost.exe

%System%\440510867285l.exe

%System%\4e17c240.exe

%System%\6292775.exe

%System%\662832100427l.exe

%System%\662832180427l.exe

%System%\673843201528l.exe

%System%\793693.exe

%System%\8040\data.exe

%System%\8040\lsass.exe

%System%\8040\svchost.exe

%System%\884054312630l.exe

%System%\abyl.exe

%System%\afub.exe

%System%\algi.exe

%System%\algs.exe

%System%\amvo.exe

%System%\autochl.exe

%System%\avsp.exe

%System%\blastclnnn.exe

%System%\bttnserv.exe

%System%\ccapps.exe

%System%\chrome.exe

%System%\ckvo.exe

%System%\cmd.com

%System%\cmd-bro-ikx.exe

%System%\cmd-brontok.exe

%System%\cmd-bro-pkx.exe

%System%\cmd-bro-plx.exe

%System%\cmd-bro-rlx.exe

%System%\com\lsass.exe

%System%\cpl32ver.exe

%System%\csrs.exe

%System%\csrsc.exe

%System%\cyf5k4u.exe

%System%\dllcache\default.exe

%System%\dllcache\global.exe

%System%\dllcache\log.exe

%System%\dllcache\qxchost.exe

%System%\dllcache\rtsecar.exe

%System%\dllcache\svchost.exe

%System%\dllcache\winlogon.exe

%System%\dllcache\winppa.exe

%System%\dllcache\zipexr.dll

%System%\drivers\ctfmon.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).