ThreatExpert's Statistics for W32.Imaut [Symantec]:

W32.Imaut [Symantec] is also known as:

Threat Alias	Number of Incidents
W32/YahLover.worm.gen [McAfee]	184
IM-Worm.Win32.Sohanad [Ikarus]	178
Trojan.Win32.Autoit.ci [Kaspersky Lab]	162
Trojan.Autoit [Ikarus]	161
Worm.Win32.AutoIt [Ikarus]	142
IM-Worm.Win32.Sohanad.t [Kaspersky Lab]	138
WORM_SOHANAD.BO [Trend Micro]	124
W32/Sality-AM [Sophos]	123
W32/YahLover.worm [McAfee]	120
Worm:AutoIt/Sohanad.AI [Microsoft]	120
W32/Sohana-R [Sophos]	116
W32/AutoIt-AO [Sophos]	100
Worm.Win32.AutoIt.bg [Kaspersky Lab]	98
Virus:Win32/Sality.AM [Microsoft]	95
W32/Autorun.worm.et [McAfee]	92
Mal/Airworm-A [Sophos]	85
IM-Worm.Sohanad!sd5 [PC Tools]	84
W32/Sality.gen [McAfee]	80
Worm:Win32/Autorun.FH [Microsoft]	80
WORM_DELF.FKZ [Trend Micro]	80
Mal/Packer [Sophos]	77
Mal/Sohana-A [Sophos]	73
Trojan.Win32.Autoit.eg [Kaspersky Lab]	72
IM-Worm.Win32.Sohanad.bm [Kaspersky Lab]	71
W32/SillyFDC-G [Sophos]	70
Mal_AUMAL-2 [Trend Micro]	68
Trojan.DL.AutoIt.DO [PC Tools]	59
WORM_IMAUT.BY [Trend Micro]	57
Trojan-Downloader.Win32.AutoIt.q [Kaspersky Lab]	50
Worm:Win32/Nuqel.H [Microsoft]	49
W32/Hakag-A [Sophos]	48
WORM_SOHANAD.BZ [Trend Micro]	48
Win32/Kashu.B [AhnLab]	45
Worm.AutoIt.dn [PC Tools]	45
W32/Hakaglan.worm.gen [McAfee]	44
Win32/Hakaglan.worm.462264 [AhnLab]	39
Application.Perfect_Keylogger [PC Tools]	36
PE_SALITY.EN-1 [Trend Micro]	36
Win32/Sohanad.worm.239905 [AhnLab]	34
IM-Worm.Win32.Sohanad.gen [Kaspersky Lab]	32
Trojan.Win32.Autoit [Ikarus]	32
Virus.Win32.Sality.aa [Kaspersky Lab]	29
Malware.Imaut [PC Tools]	28
Trojan-Downloader.Win32.AutoIt.q [Ikarus]	27
Win32/Autoit.worm.678913 [AhnLab]	26
Trojan.Win32.Zapchast.mv [Kaspersky Lab]	25
W32/Sality.ag [McAfee]	25
Worm:Win32/Sohonad.S [Microsoft]	25
PE_SALITY.JER [Trend Micro]	23
Worm.Autoit.DU [PC Tools]	23
PE_SALITY.EN [Trend Micro]	22
Trojan-Downloader.Win32.AutoIt.aa [Kaspersky Lab]	22
PE_SALITY.EK [Trend Micro]	21
Trojan.Autoit.BF [PC Tools]	21
Trojan.Win32.Autoit.bm [Kaspersky Lab]	21
Win-Trojan/Xema.variant [AhnLab]	19
Worm.Win32.AutoRun [Ikarus]	18
Trojan.Autoit.CI.14 [Ikarus]	17
Trojan-Downloader.Win32.AutoIt [Ikarus]	17
Worm:AutoIt/Sohanad.AQ [Microsoft]	17
W32.Yautoit [Symantec]	16
Worm:Win32/Sohanad.K [Microsoft]	16
W32/Autorun-DB [Sophos]	15
Worm.Win32.AutoIt.dn [Kaspersky Lab]	15
Mal/Generic-A [Sophos]	14
Mal/Sohana-B, Mal/Sohana-A [Sophos]	14
Trojan.Autoit [PC Tools]	14
Trojan:Win32/Malagent [Microsoft]	14
Win32.Sality.AM.Gen [PC Tools]	14
Win32/Sohanad.worm.617343 [AhnLab]	14
Worm.Sohanad.R [PC Tools]	14
Worm.Win32.AutoRun.dkk [Kaspersky Lab]	13
Backdoor.Win32.Small.fqn [Kaspersky Lab]	12
W32/AutoRun-IR [Sophos]	12
W32/Sality.ah [McAfee]	12
Worm.Autorun.ADN [PC Tools]	12
WORM_SOHANAD.DX [Trend Micro]	12
WORM_SOHANAD.FG [Trend Micro]	12
IM-Worm.Sohanad!sd6 [PC Tools]	11
Trojan.Jonben.A [PC Tools]	11
Win32/Autorun.worm.401408 [AhnLab]	11
Win32/Sohaned.worm.230400 [AhnLab]	11
not-a-virus:Monitor.Win32.Ardamax.ds [Kaspersky Lab]	10
Virus.Win32.AutoRun.bm [Ikarus]	10
W32/Autorun-GG [Sophos]	10
IM-Worm.Win32.Sohanad.bh [Kaspersky Lab]	9
Virus.Win32.Sality.z [Kaspersky Lab]	9
W32/Autorun.worm.cs [McAfee]	9
W32/Sohana-AO [Sophos]	9
Win-Trojan/AutoRun.267085 [AhnLab]	9
Worm.AutoIt.s [PC Tools]	9
Troj/Dloadr-BHO [Sophos]	8
Virus.Win32.Sality [Ikarus]	8
W32/Autorun.worm.dt [McAfee]	8
Worm.Sohanad.AU [PC Tools]	8
WORM_IMAUT.HB [Trend Micro]	8
Email-Worm.Win32.Brontok.ab [Ikarus]	7
VirTool:Win32/ModTool.A [Microsoft]	7
Virus.Win32.Alman [Ikarus]	7
W32/Sality.ao [McAfee]	7

W32.Imaut [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	United Kingdom	570
	Germany	75
	Saudi Arabia	5
	Russian Federation	2

W32.Imaut [Symantec] is known to be created as:

%AppData%\control.exe

%AppData%\microsoft\cd burning\mp3.exe

%CommonPrograms%\startup\a.m.k.b_pk.exe

%CommonPrograms%\startup\msconfig.exe

%CommonPrograms%\startup\winlogon.exe

%System%\360mn.dll

%System%\360mo.dll

%System%\anhui.exe

%System%\blastclnnn.exe

%System%\chrome.exe

%System%\explorar.exe

%System%\extramain.exe

%System%\gphone.exe

%System%\iexplorer.exe

%System%\iexplorers.exe

%System%\ljcnn.dll

%System%\lwinn.dll

%System%\macfee_.exe

%System%\mmb.exe

%System%\msrun32.exe

%System%\regsvr.exe

%System%\rvhost.exe

%System%\scvhost.exe

%System%\scvhosti.exe

%System%\scvhsot.exe

%System%\sichost.exe

%System%\sscvihost.exe

%System%\ssvichosst.exe

%System%\system3_.exe

%System%\system32_.exe

%System%\wincnn.dll

%System%\winhelp.exe

%System%\winkbbest.dll

%System%\winlcnn.dll

%System%\winscnn.dll

%System%\winsysfis.dll

%System%\wisysfs.dll

%System%\wisysfxs.dll

%Temp%\_systemupdate.exe

%Temp%\00050576_rar\scvhsot.exe

%Temp%\00050ce8_rar\rvhost.exe

%Temp%\00050d75_rar\sscvihost.exe

%Temp%\00053ef4_rar\scvhsot.exe

%Temp%\00053f33_rar\hinhem.scr

%Temp%\00053fa0_rar\scvhsot.exe

%Temp%\00053fc0_rar\blastclnnn.exe

%Temp%\0005456d_rar\rvhost.exe

%Temp%\00054667_rar\sscvihost.exe

%Temp%\000546d4_rar\rvhost.exe

%Temp%\00054703_rar\sscvihost.exe

%Temp%\00054770_rar\blastclnnn.exe

%Temp%\0005558a_rar\scvhsot.exe

%Temp%\00055599_rar\scvhsot.exe

%Temp%\000555e7_rar\scvhsot.exe

%Temp%\00055626_rar\ssvichosst.exe

%Temp%\00055664_rar\ssvichosst.exe

%Temp%\00055674_rar\scvhsot.exe

%Temp%\000556a3_rar\ssvichosst.exe

%Temp%\000556c2_rar\ssvichosst.exe

%Temp%\000556e1_rar\ssvichosst.exe

%Temp%\000556f1_rar\ssvichosst.exe

%Temp%\00055720_rar\rvhost.exe

%Temp%\00055730_rar\ssvichosst.exe

%Temp%\0005576e_rar\ssvichosst.exe

%Temp%\0005577e_rar\ssvichosst.exe

%Temp%\000557bc_rar\ssvichosst.exe

%Temp%\000558a7_rar\sscvihost.exe

%Temp%\00055904_rar\ssvichosst.exe

%Temp%\00055943_rar\scvhsot.exe

%Temp%\00055a0e_rar\scvhsot.exe

%Temp%\00055a4c_rar\scvhsot.exe

%Temp%\00055ac9_rar\sscvihost.exe

%Temp%\00055ba4_rar\ssvichosst.exe

%Temp%\00055c02_rar\ssvichosst.exe

%Temp%\00055cae_rar\scvhsot.exe

%Temp%\00056057_rar\rvhost.exe

%Temp%\00056067_rar\ssvichosst.exe

%Temp%\000560b5_rar\ssvichosst.exe

%Temp%\000560f4_rar\sscvihost.exe

%Temp%\000564eb_rar\ssvichosst.exe

%Temp%\00058535_rar\sscvihost.exe

%Temp%\0005863e_rar\blastclnnn.exe

%Temp%\0005865e_rar\sscvihost.exe

%Temp%\00058ca7_rar\rvhost.exe

%Temp%\00058ca7_rar\sscvihost.exe

%Temp%\00058cc6_rar\ssvichosst.exe

%Temp%\00058d43_rar\ssvichosst.exe

%Temp%\00058dd0_rar\ssvichosst.exe

%Temp%\00058def_rar\rvhost.exe

%Temp%\00058dff_rar\sscvihost.exe

%Temp%\00058e0e_rar\blastclnnn.exe

%Temp%\00058e6c_rar\scvhsot.exe

%Temp%\00058eab_rar\ssvichosst.exe

%Temp%\00058ef9_rar\hinhem.scr

%Temp%\00058ef9_rar\scvhsot.exe

%Temp%\00058f08_rar\blastclnnn.exe

%Temp%\00058f08_rar\ssvichosst.exe

%Temp%\00058f37_rar\ssvichosst.exe

%Temp%\00058f47_rar\ssvichosst.exe

%Temp%\00058f66_rar\scvhsot.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).