ThreatExpert's Statistics for W32/Autorun.worm.gen [McAfee]:

W32/Autorun.worm.gen [McAfee] is also known as:

Threat Alias	Number of Incidents
Worm.Win32.AutoRun [Ikarus]	501
Mal/Generic-A [Sophos]	490
Downloader [Symantec]	408
Worm.AutoRun!sd6 [PC Tools]	372
Worm.Win32.AutoRun.nvc [Kaspersky Lab]	332
W32.SillyFDC [Symantec]	252
Win32/Autorun.worm.17408.C [AhnLab]	132
Worm.Win32.AutoRun.eae [Kaspersky Lab]	120
Trojan:Win32/Chiviper.B [Microsoft]	114
VirTool:Win32/Vtub.WL [Microsoft]	110
Trojan Horse [Symantec]	71
W32.SillyP2P [Symantec]	68
Worm.Win32.Agent.lz [Kaspersky Lab]	66
W32.SillyDC [Symantec]	65
Worm.Win32.Agent [Ikarus]	64
Worm:Win32/Autorun.GR [Microsoft]	59
Virus.BAT.Agent.af [Kaspersky Lab]	52
HackTool.Win32.IISCrack.d [Ikarus]	50
WORM_SILLY.LC [Trend Micro]	49
Mal/Autorun-E [Sophos]	47
Worm.Win32.AutoRun.lnu [Kaspersky Lab]	45
WORM_AUTORUN.BFW [Trend Micro]	42
Win-Trojan/Inject.72704.E [AhnLab]	40
Mal/PWS-Fam [Sophos]	38
Packed.Generic.181 [Symantec]	38
Worm.Autorun.AJ [PC Tools]	36
Worm.Autorun.AYN [PC Tools]	36
Mal/Packer, Mal/EncPk-BW [Sophos]	31
W32/Autorun-ADO [Sophos]	30
Win-Trojan/Xema.7036 [AhnLab]	30
Worm.Win32.AutoRun.yze [Kaspersky Lab]	30
Trojan-Spy.Win32.Banker.anv [Ikarus]	26
W32/AutoRun-ZE [Sophos]	25
Worm.Autorun!ct [PC Tools]	25
P2P-Worm.Silly [PC Tools]	24
Virus.BAT.Agent [Ikarus]	20
Virus.Win32.Autoit.BX [Ikarus]	20
W32/Autorun.worm!w [McAfee]	20
W32/Autorun-AAA [Sophos]	20
Worm.Win32.Hamweq [Ikarus]	18
Worm:Win32/Hamweq.gen!C [Microsoft]	18
Mal/UnkPack-Fam [Sophos]	16
Troj/Olsa-A [Sophos]	16
Trojan.Agent [Ikarus]	16
Trojan-Downloader.Agent.BWH [PC Tools]	16
VirTool.Win32.DelfInject [Ikarus]	16
W32.Ircbrute [Symantec]	16
Worm.Agent!sd6 [PC Tools]	16
Worm:Win32/Rimecud.A [Microsoft]	16
Worm:Win32/Hamweq.A [Microsoft]	15
Backdoor.Trojan [Symantec]	14
Mal/Behav-160, Mal/Emogen-E, Mal/Behav-009, Mal/Basine-C [Sophos]	14
Mal/Behav-024, Mal/Behav-027, Mal/Behav-010 [Sophos]	13
Trojan:Win32/Meredrop [Microsoft]	13
Mal/Basine-C [Sophos]	12
TrojanDropper:Win32/Emold.C [Microsoft]	12
Trojan-GameThief.Win32.Lmir [Ikarus]	12
Win32.Worm.Autorun.LW [Ikarus]	12
Worm.Win32.AutoRun.doc [Kaspersky Lab]	12
Worm.Win32.AutoRun.lkx [Kaspersky Lab]	12
Worm.Win32.AutoRun.rye [Kaspersky Lab]	12
WORM_AUTORUN.BUT [Trend Micro]	12
AdWare.Win32.BHO [Ikarus]	11
Mal/Basine-A, Mal/Behav-160, Mal/Emogen-E, Mal/Behav-009, Mal/Basine-C [Sophos]	11
WORM_HAMWEQ.BU [Trend Micro]	11
Packed/Upack [AhnLab]	10
Trojan:Win32/Veslorn.gen!A [Microsoft]	10
VirTool:Win32/DelfInject.gen!AC [Microsoft]	10
Worm.AutoRun.GEN [PC Tools]	10
Worm.Win32.VB.nu [Kaspersky Lab]	10
Worm:AutoIt/Autorun.R [Microsoft]	10
Mal/Delf-L [Sophos]	9
Troj/Agent-HMB [Sophos]	9
W32/AutoRun-QD [Sophos]	9
Worm:Win32/Autorun.PL [Microsoft]	9
Backdoor.SdBot.DFSG [Ikarus]	8
Mal/Autorun-Fam [Sophos]	8
Mal/Delf-M [Sophos]	8
Mal/UnkPack-Fam, Mal/Autorun-E [Sophos]	8
TrojanSpy:Win32/Delf [Microsoft]	8
W32.IRCBot [Symantec]	8
Win-Trojan/Agent.59904.DJ [AhnLab]	8
Win-Trojan/Xema.variant [AhnLab]	8
Worm.AutoRun.qar [PC Tools]	8
Worm.Win32.AutoRun.eyb [Kaspersky Lab]	8
Backdoor.Graybird [Symantec]	7
Backdoor.Win32.Hupigon [Ikarus]	7
Mal/Behav-236 [Sophos]	7
Mal/Emogen-Y [Sophos]	7
Trojan.KillAV [Symantec]	7
Trojan:Win32/Alureon.BH [Microsoft]	7
Trojan-Dropper.Agent [Ikarus]	7
TrojanSpy:Win32/Hitpop.gen!C [Microsoft]	7
Worm:Win32/Autorun.MBS [Microsoft]	7
Worm:Win32/Emold.gen!D [Microsoft]	7
Worm:Win32/Orbina!rts [Microsoft]	7
Generic.dx [McAfee]	6
Mal/Autorun-C [Sophos]	6
Net-Worm.SillyFDC [PC Tools]	6
P2P-Worm.Win32.Agent [Ikarus]	6

W32/Autorun.worm.gen [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	206
	United Kingdom	24
	Russian Federation	10
	Czech Republic	8
	Spain	4
	Japan	3
	Slovenia	3
	Republic of Korea	2
	Brazil	1
	France	1
	Iran	1
	Italy	1
	Portugal	1
	Serbia and Montenegro	1
	Sweden	1
	Ukraine	1

W32/Autorun.worm.gen [McAfee] is known to be created as:

%AllUsersProfile%\favorites.exe

%AppData%\microsoft\windata\__arestra__best.exe

%AppData%\microsoft\winlogom.exe

%CommonAppData%\dllcache32.exe

%CommonAppData%\taskmgr.exe

%CommonPrograms%\startup\winlogon.exe

%Favorites%\links.exe

%FontsDir%\3c7780c0.dll

%FontsDir%\csrss.exe

%Profiles%\default user\templates\winword.doc.exe

%Profiles%\default user\templates\winword2.doc.exe

%Profiles%\images.exe

%ProgramFiles%\adobe\wsock32.dll

%ProgramFiles%\bifrost\defend64bit.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\common files\adobe\color\wsock32.dll

%ProgramFiles%\common files\adobe\typespt\wsock32.dll

%ProgramFiles%\common files\adobe\wsock32.dll

%ProgramFiles%\common files\designer\wsock32.dll

%ProgramFiles%\common files\mssoap\binaries\wsock32.dll

%ProgramFiles%\common files\mssoap\wsock32.dll

%ProgramFiles%\common files\odbc\data sources\wsock32.dll

%ProgramFiles%\common files\odbc\wsock32.dll

%ProgramFiles%\common files\services\wsock32.dll

%ProgramFiles%\common files\speechengines\microsoft\wsock32.dll

%ProgramFiles%\common files\speechengines\wsock32.dll

%ProgramFiles%\common files\system\ado\wsock32.dll

%ProgramFiles%\common files\system\fhxssom.exe

%ProgramFiles%\common files\system\msadc\wsock32.dll

%ProgramFiles%\common files\system\ole db\wsock32.dll

%ProgramFiles%\common files\system\rckywlq.exe

%ProgramFiles%\common files\system\wsock32.dll

%ProgramFiles%\common files\wise installation wizard\wsock32.dll

%ProgramFiles%\common files\wsock32.dll

%ProgramFiles%\complus applications\wsock32.dll

%ProgramFiles%\explorer.exe

%ProgramFiles%\images.exe

%ProgramFiles%\internet explorer\connection wizard\wsock32.dll

%ProgramFiles%\internet explorer\mui\0409\wsock32.dll

%ProgramFiles%\internet explorer\mui\wsock32.dll

%ProgramFiles%\internet explorer\signup\wsock32.dll

%ProgramFiles%\internet explorer\smss.exe

%ProgramFiles%\internet explorer\wsock32.dll

%ProgramFiles%\meex.exe

%ProgramFiles%\messenger\wsock32.dll

%ProgramFiles%\microsoft common\svchost.exe

%ProgramFiles%\microsoft common\wuauclt.exe

%ProgramFiles%\microsoft frontpage\version3.0\bin\wsock32.dll

%ProgramFiles%\microsoft frontpage\version3.0\wsock32.dll

%ProgramFiles%\microsoft frontpage\wsock32.dll

%ProgramFiles%\movie maker\svchost.exe

%ProgramFiles%\movie maker\wsock32.dll

%ProgramFiles%\msn gaming zone\windows\wsock32.dll

%ProgramFiles%\msn gaming zone\wsock32.dll

%ProgramFiles%\msn\msncorefiles\install\wsock32.dll

%ProgramFiles%\msn\msncorefiles\oobe\wsock32.dll

%ProgramFiles%\msn\msncorefiles\wsock32.dll

%ProgramFiles%\msn\msnia\wsock32.dll

%ProgramFiles%\msn\msninstaller\wsock32.dll

%ProgramFiles%\msn\wsock32.dll

%ProgramFiles%\netmeeting\wsock32.dll

%ProgramFiles%\online services\wsock32.dll

%ProgramFiles%\outlook express\wsock32.dll

%ProgramFiles%\tg_data\updater.exe

%ProgramFiles%\uninstall information\wsock32.dll

%ProgramFiles%\web publish\logfiles\wsock32.dll

%ProgramFiles%\web publish\wsock32.dll

%ProgramFiles%\windows media player\icons\wsock32.dll

%ProgramFiles%\windows media player\sample playlists\wsock32.dll

%ProgramFiles%\windows media player\skins\wsock32.dll

%ProgramFiles%\windows media player\visualizations\wsock32.dll

%ProgramFiles%\windows media player\wsock32.dll

%ProgramFiles%\windows nt\accessories.exe

%ProgramFiles%\windows nt\accessories\wsock32.dll

%ProgramFiles%\windows nt\antivir.dll

%ProgramFiles%\windows nt\pinball\wsock32.dll

%ProgramFiles%\windows nt\wsock32.dll

%ProgramFiles%\windowsupdate\wsock32.dll

%ProgramFiles%\winer\winer.exe

%ProgramFiles%\winpcap\wsock32.dll

%ProgramFiles%\wsock32.dll

%Programs%\startup\hpclsrvs.exe

%Programs%\startup\hpcvlsers.exe

%Programs%\startup\kavsrv.exe

%System%\__arestra__best.exe

%System%\306a39\00c3ac.exe

%System%\acer.exe

%System%\asus.exe

%System%\bama08\csrss.exe

%System%\bama08\lsass.exe

%System%\bama08\services.exe

%System%\bama08\smss.exe

%System%\bbbcababced.dll

%System%\bcveat.exe

%System%\bfacfdffc.dll

%System%\ctfmons.exe.exe

%System%\dllcache\1028\svchost.exe

%System%\dllcache\lsoss.exe

%System%\dllcache\spoolsv.exe

%System%\dllcache\svchost.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%Favorites% is a variable that refers to the file system directory that serves as a common repository for the user's favorite items. A typical path is C:\Documents and Settings\[UserName]\Favorites.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).