Threat Search: 

ThreatExpert's Statistics for New Win32 [McAfee]:

New Win32 [McAfee] is also known as:
Threat AliasNumber of Incidents
Win32/Virut.F [AhnLab]497
Virus.Win32.Virut.ce [Kaspersky Lab]490
W32.Virut.CF [Symantec]480
W32/Scribble-B [Sophos]420
Virus:Win32/Virut.BM [Microsoft]331
Virus:Win32/Virut.gen!O [Microsoft]81
Win32/MalPackedB.suspicious [AhnLab]75
W32/Scribble-A [Sophos]69
Virus:Win32/Virut.gen!E [Microsoft]68
Suspicious.MH690 [Symantec]42
Virus.Win32.Agent.GZY [Ikarus]40
Packer.RLPack [Ikarus]31
Packer.RLPack.D [Ikarus]30
Malware.Virut [PC Tools]29
Mal/Generic-A [Sophos]28
Mal/HckPk-A, W32/Scribble-B [Sophos]28
Trojan Horse [Symantec]25
W32/Virut-Gen [Sophos]25
W32.Virut!gen [Symantec]24
Mal/HckPk-A [Sophos]23
PE_VIRUT.ABY [Trend Micro]22
Virus.Win32.Virut.bl [Kaspersky Lab]22
Virus:Win32/Virut.BB [Microsoft]22
Mal/EncPk-EG [Sophos]18
TrojanSpy:Win32/Bancos.gen!A [Microsoft]17
Win32.Otwycal.A [PC Tools]17
Mal/DelpBanc-A [Sophos]16
Mal/Packer [Sophos]15
Trojan:Win32/Puzlice.A [Microsoft]14
Virus.Win32.Virut.bl [Ikarus]14
Backdoor.Trojan [Symantec]13
TrojanDropper:Win32/Puzlice.A [Microsoft]13
Email-Worm.Win32.Mydoom.bj [Ikarus]12
PE_OTWYCAL.MIC [Trend Micro]12
Trojan-Banker.Win32.Bancos [Ikarus]12
W32.Mytob@mm [Symantec]12
Trojan.Agent.DEL [PC Tools]11
TrojanDropper:Win32/OnLineGames [Microsoft]11
Mal/Helpud-A [Sophos]10
Trojan-Downloader.Win32.Cutwail [Ikarus]10
VirTool:Win32/CeeInject.gen!J [Microsoft]10
Backdoor:Win32/Refpron.M [Microsoft]9
Downloader [Symantec]9
Bloodhound.W32.EP [Symantec]8
TrojanDownloader:Win32/Cutwail.gen!C [Microsoft]8
Backdoor.Pcclient [Ikarus]7
Backdoor.Win32.Hupigon [Ikarus]7
Bloodhound.Unknown [Symantec]7
TrojanSpy:Win32/Bancos.gen!C [Microsoft]7
W32.Wowinzi.A [Symantec]7
Win32.SuspectCrc [Ikarus]7
Exploit.Win32.IMG-WMF [Ikarus]6
Infostealer [Symantec]6
not-a-virus:RiskTool.Win32.Crypter.c [Kaspersky Lab]6
Trojan.Win32.LaSta [Ikarus]6
Trojan.Win32.VB.mxl [Kaspersky Lab]6
Trojan-PSW.Win32.QQPass.ezq [Kaspersky Lab]6
Virus:Win32/Virut.gen!M [Microsoft]6
W32.SillyDC [Symantec]6
W32.Virut.W [Symantec]6
Win32.Virut.Gen.4 [PC Tools]6
WORM_BANWOR.AB [Trend Micro]6
Backdoor.Graybird [Symantec]5
Backdoor.Win32.Refpron [Ikarus]5
Backdoor:Win32/Bifrose.gen!B [Microsoft]5
Bloodhound.W32.1 [Symantec]5
Trojan.Win32.Patched.aa [Kaspersky Lab]5
Trojan.Win32.Piptea [Ikarus]5
Trojan:Win32/Anomaly.gen!D [Microsoft]5
Trojan-Clicker.Win32.VB.cvg [Ikarus]5
TrojanDownloader:Win32/Delf.GK [Microsoft]5
Win32.Agent.IMP [PC Tools]5
Worm.Win32.Otwycal.ag [Kaspersky Lab]5
Backdoor.Win32.Beastdoor [Ikarus]4
Backdoor.Win32.Poison.k [Kaspersky Lab]4
Backdoor.Win32.Poison.pg [Kaspersky Lab]4
Backdoor.Win32.Small.ly [Kaspersky Lab]4
Gen.Trojan [Ikarus]4
Infostealer.Bancos [Symantec]4
Mal/Banspy-F [Sophos]4
Mal/Behav-251 [Sophos]4
Mal/Behav-328, Mal/Behav-103 [Sophos]4
Mal/VB-A [Sophos]4
Mal_Banker [Trend Micro]4
Net-Worm.Win32.Mytob [Ikarus]4
not-a-virus:Porn-Dialer.Win32.Agent.bk [Ikarus]4
TROJ_PROXY.FZ [Trend Micro]4
Trojan.DL.CKSPost.A [PC Tools]4
Trojan.Dropper [Symantec]4
Trojan-Banker.Win32.Agent.z [Kaspersky Lab]4
Trojan-Downloader.Win32.Delf.aup [Ikarus]4
Trojan-Dropper.Agent [Ikarus]4
Trojan-Proxy.Win32.Xorpix.cq [Kaspersky Lab]4
Trojan-Proxy.Xorpix [PC Tools]4
Trojan-PWS.Tanspy [PC Tools]4
TrojanSpy:Win32/Banker [Microsoft]4
VirTool.Win32.DelfInject [Ikarus]4
Virus.Win32.Virut [Ikarus]4
Virus.Win32.Virut.av [Kaspersky Lab]4
Virus:Win32/Otwycal.A [Microsoft]4

New Win32 [McAfee] has the following possible countries of origin:
OriginNumber of Incidents
China335
Brazil154
United Kingdom73
Russian Federation32
France22
Sweden21
Spain15
Germany13
Saudi Arabia12
Netherlands11
Portugal8
Taiwan5
Belgium4
Turkey4
Canada3
Poland3
Australia2
Egypt2
Greece2
Israel2
Czech Republic1
Italy1
Nicaragua1
Norway1
Republic of Korea1
Uzbekistan1

New Win32 [McAfee] is known to be created as:
%AllUsersProfile%\desktop.exe
%AllUsersProfile%\favorites.exe
%AppData%\e4u.exe
%CommonDesktopDir%\desktop.exe
%CommonFavorites%\aheklcpf.exe
%CommonFavorites%\favorites.exe
%CommonPrograms%\startup\csrss.exe
%CommonPrograms%\startup\lsass.exe
%CommonPrograms%\startup\startup.exe
%CommonPrograms%\startup\svchost.exe
%CommonPrograms%\startup\systemil2.exe
%CommonPrograms%\startup\windows32.exe
%DesktopDir%\desktop.exe
%FontsDir%\fonts.exe
%FontsDir%\services.exe
%FontsDir%\syn00-11-22-33-44\system\smss.exe
%FontsDir%\tskmgr.exe
%FontsDir%\unwise_.exe
%ProgramFiles%\advancedvirusremover\pavrm.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\explorer.exe
%ProgramFiles%\injstar wallpaper video player\injstar.exe
%ProgramFiles%\internet explorer\mui.exe
%ProgramFiles%\internet explorer\mui\0409.exe
%ProgramFiles%\internet explorer\mui\0409\0409.exe
%ProgramFiles%\internet explorer\mui\mui.exe
%ProgramFiles%\meex.exe
%ProgramFiles%\messenger.exe
%ProgramFiles%\messenger\messenger.exe
%ProgramFiles%\microsoft common\svchost.exe
%ProgramFiles%\netmeeting.exe
%ProgramFiles%\netmeeting\netmeeting.exe
%ProgramFiles%\windows media player\skins.exe
%ProgramFiles%\windows media player\skins\skins.exe
%ProgramFiles%\windows\csrss.exe
%ProgramFiles%\winpcap.exe
%ProgramFiles%\winpcap\winpcap.exe
%System%\1163889.exe
%System%\2985758.exe
%System%\3216959.exe
%System%\3361\svchost.exe
%System%\3362833.exe
%System%\3649343.exe
%System%\3955942.exe
%System%\3976359.exe
%System%\5581308.exe
%System%\5700937.exe
%System%\5791727.exe
%System%\6933075.exe
%System%\7888895.exe
%System%\8054758.exe
%System%\8875223.exe
%System%\acer.exe
%System%\afisicx.exe
%System%\asus.exe
%System%\audiohq.exe
%System%\cmd.com
%System%\com\lsass.exe
%System%\diskdrive.exe
%System%\dllcache\default.exe
%System%\dllcache\explorer.exe
%System%\dllcache\global.exe
%System%\dllcache\rndll32.exe
%System%\dllcache\svchost.exe
%System%\dllcache\tskmgr.exe
%System%\dnfexe.exe
%System%\dns.exe
%System%\drivers\disdn\flower.exe
%System%\drivers\drivers.cab.exe
%System%\drivers\messages.exe
%System%\drivers\ntndis.exe
%System%\dxdiag.com
%System%\eeebbz.exe
%System%\ekrewj.dll
%System%\events.exe
%System%\fastnetsrv.exe
%System%\firewall.exe
%System%\flash.10.exe
%System%\flower.exe
%System%\frmwrk32.exe
%System%\h4ck.exe
%System%\hfdf0725.exe
%System%\hyjgr.exe
%System%\inf\scrsys071223.scr
%System%\internet.exe
%System%\interneter.exe
%System%\isass.exe
%System%\jambanmu.com
%System%\kernel32.exe
%System%\kork.exe
%System%\ldr.exe
%System%\mousie.exe
%System%\msconfig.com
%System%\msrstart.exe
%System%\mssrv32.exe
%System%\msvrhost32.exe
%System%\mutelupo.exe
%System%\ntos.exe
%System%\nxtepad.exe
%System%\opeia.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
  • %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).