ThreatExpert's Statistics for W32.Koobface.A [Symantec]:

W32.Koobface.A [Symantec] is also known as:

Threat Alias	Number of Incidents
Worm.Win32.Koobface [Ikarus]	2,557
Mal/Generic-A, Mal/KoobHeur-A [Sophos]	2,507
Net-Worm.Win32.Koobface.cln [Kaspersky Lab]	2,448
Net-Worm.Koobface [PC Tools]	2,281
Win32/Koobface.worm.50688.C [AhnLab]	2,244
Net-Worm.Win32.Koobface [Ikarus]	490
Mal/KoobHeur-A, Mal/KoobHeur-A [Sophos]	440
Net-Worm.Win32.Koobface.cvn [Kaspersky Lab]	440
Win32/Koobface.worm.50688.D [AhnLab]	440
Mal/KoobHeur-A [Sophos]	168
W32/Koobfa-Gen [Sophos]	93
Trojan-Proxy.Win32.Koobface [Ikarus]	92
Trojan.Win32.Agent.cwjg [Kaspersky Lab]	81
Mal/Generic-A [Sophos]	74
W32/Koobfa-Gen, W32/Koobfa-Gen [Sophos]	31
Net-Worm.Win32.Koobface.asz [Kaspersky Lab]	30
Troj/Agent-HIP [Sophos]	30
Trojan-Downloader.Win32.Renos [Ikarus]	30
Trojan-Downloader.Win32.Injecter.ddn [Kaspersky Lab]	26
W32/Koobfa-Gen, Mal/KoobHeur-A [Sophos]	26
Rootkit.Win32.Agent [Ikarus]	24
Win32/Koobface.worm.131584 [AhnLab]	24
Win32/Koobface.worm.51200.B [AhnLab]	24
Win-Trojan/Agent.56064 [AhnLab]	24
Worm.Generic [Ikarus]	24
Worm:Win32/Koobface.gen!D [Microsoft]	24
Net-Worm.Win32.Koobface.hn [Kaspersky Lab]	19
Generic.dx [McAfee]	18
W32/Koobface.worm.gen.ah [McAfee]	16
Net-Worm.Koobface!sd6 [PC Tools]	15
W32/Koobface.worm [McAfee]	15
BackDoor-AWQ.b [McAfee]	12
Generic Proxy!m [McAfee]	12
Net-Worm.Win32.Koobface.cgk [Kaspersky Lab]	12
Rootkit.Win32.Agent.vir [Kaspersky Lab]	12
TROJ_AGENT.ALKB [Trend Micro]	12
Trojan-Dropper.Win32.Agent.bgpi [Kaspersky Lab]	12
W32/Koobface.worm.gen.o [McAfee]	12
WORM_AUTORUN.SA [Trend Micro]	12
W32/Koobface.worm.gen.j [McAfee]	11
Backdoor:Win32/Yewbmoat.gen [Microsoft]	10
Net-Worm.Win32.Koobface.d [Kaspersky Lab]	10
Win32/Koobface.worm.15360.FW [AhnLab]	10
Mal/Inet-Fam [Sophos]	9
Mal/EncPk-LW [Sophos]	8
Trojan-Clicker.Win32.Small.adw [Kaspersky Lab]	8
W32/Koobfa-Gen, W32/Koobfa-Gen, Mal/KoobHeur-A [Sophos]	8
Mal/Generic-A, Mal/EncPk-LW [Sophos]	7
Trojan-Proxy.Win32.Small [Ikarus]	7
Win32/Koobface.worm.16384.M [AhnLab]	7
Backdoor.Win32.Lithium.ed [Kaspersky Lab]	6
Net-Worm.Win32.Koobface.bka [Kaspersky Lab]	6
Trojan.Win32.Agent [Ikarus]	6
Generic.dx!bew [McAfee]	5
Net-Worm.Win32.Koobface.ast [Kaspersky Lab]	5
Net-Worm.Win32.Koobface.cju [Kaspersky Lab]	5
Trojan.Win32.Agent.cwzs [Kaspersky Lab]	5
Trojan.Win32.Agent2.hgm [Kaspersky Lab]	5
Win32/Koobface.worm.17920.C [AhnLab]	5
WORM_KOOBFACE.E [Trend Micro]	5
Generic Downloader.x!gy [McAfee]	4
Generic.dx!sh [McAfee]	4
Mal/FakeSpy-A [Sophos]	4
Net-Worm.Koobface.hx [PC Tools]	4
Net-Worm.Win32.Koobface.ahz [Kaspersky Lab]	4
Net-Worm.Win32.Koobface.ex [Kaspersky Lab]	4
Net-Worm.Win32.Koobface.gr [Kaspersky Lab]	4
Net-Worm.Win32.Koobface.k [Kaspersky Lab]	4
Trojan.Win32.Qhost.kld [Kaspersky Lab]	4
Trojan-Downloader.Win32.Agent.cgza [Kaspersky Lab]	4
W32.Koobface.D [Symantec]	4
W32/Koobface.worm.gen.s [McAfee]	4
W32/Koobfa-Gen, W32/Koobfa-Gen, W32/Koobfa-Gen, Mal/KoobHeur-A [Sophos]	4
Win32/Koobface.worm.12288.V [AhnLab]	4
Win-Trojan/Agent.17920.ME [AhnLab]	4
Win-Trojan/Agent.51200.JT [AhnLab]	4
Win-Trojan/Downloader.15360.IO [AhnLab]	4
Worm.Win32.AutoRun.lye [Kaspersky Lab]	4
Worm:Win32/Koobface.P [Microsoft]	4
Worm:Win32/SillyShareCopy.gen [Microsoft]	4
Generic.dam [McAfee]	3
Generic.dx!w [McAfee]	3
Net-Worm.Win32.Koobface.hc [Kaspersky Lab]	3
Net-Worm.Win32.Koobface.he [Kaspersky Lab]	3
Trojan-Dropper.Agent [Ikarus]	3
W32/Koobface-H [Sophos]	3
Win-Trojan/Downloader.15360.IR [AhnLab]	3
Worm:Win32/Koobface.W [Microsoft]	3
Backdoor.Win32.Lithium.ei [Kaspersky Lab]	2
Generic.dx!df [McAfee]	2
Generic.dx!h [McAfee]	2
Generic.dx!v [McAfee]	2
Mal/Behav-314, Mal/Fakecor-B [Sophos]	2
Mal/Heuri-E, Mal/Heuri-D, Mal/Emogen-N [Sophos]	2
Net-Worm.Koobface.bgr [PC Tools]	2
Net-Worm.Koobface.ccd [PC Tools]	2
Net-Worm.Win32.Koobface.awm [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.bku [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.fn [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.gj [Kaspersky Lab]	2

W32.Koobface.A [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	8
	Australia	3
	Ukraine	2
	France	1

W32.Koobface.A [Symantec] is known to be created as:

%ProgramFiles%\adult tube xxx codec\antivirus\dad.exe

%ProgramFiles%\adult tube xxx codec\antivirus\lol.exe

%ProgramFiles%\adult tube xxx codec\antivirus\service.exe

%ProgramFiles%\ddnsfilter\ddnsfilter.dll

%ProgramFiles%\pornotubexxx\antivirus\service.exe

%System%\drivers\fio32.sys

%System%\fio32.dll

%System%\splm\kbdsapi.dll

%System%\splm\lmfunit32.dll

%System%\splm\mcaserv32.dll

%Temp%\fio32.dll

%Temp%\ld15.exe

%Temp%\net-worm.win32.koobface.k.exe

%Temp%\pp11.exe

%Windir%\bill102.exe

%Windir%\bolivar23.exe

%Windir%\bolivar24.exe

%Windir%\bolivar25.exe

%Windir%\bolivar26.exe

%Windir%\bolivar27.exe

%Windir%\bolivar29.exe

%Windir%\bolivar30.exe

%Windir%\che3.exe

%Windir%\che4.exe

%Windir%\fbtre8.exe

%Windir%\freddy35.exe

%Windir%\freddy39.exe

%Windir%\freddy40.exe

%Windir%\freddy41.exe

%Windir%\freddy42.exe

%Windir%\freddy43.exe

%Windir%\freddy46.exe

%Windir%\freddy47.exe

%Windir%\freddy48.exe

%Windir%\freddy49.exe

%Windir%\freddy50.exe

%Windir%\freddy51.exe

%Windir%\freddy52.exe

%Windir%\freddy54.exe

%Windir%\freddy58.exe

%Windir%\freddy59.exe

%Windir%\freddy60.exe

%Windir%\freddy63.exe

%Windir%\freddy64.exe

%Windir%\freddy71.exe

%Windir%\fu02.exe

%Windir%\higeorge11.exe

%Windir%\julieta09.exe

%Windir%\ld01.exe

%Windir%\ld02.exe

%Windir%\ld03.exe

%Windir%\ld06.exe

%Windir%\ld07.exe

%Windir%\ld08.exe

%Windir%\ld09.exe

%Windir%\ld10.exe

%Windir%\ld11.exe

%Windir%\ld12.exe

%Windir%\ld14.exe

%Windir%\ld15.exe

%Windir%\ld16.exe

%Windir%\loadernew.exe

%Windir%\mstre15.exe

%Windir%\mstre16.exe

%Windir%\mstre17.exe

%Windir%\mstre19.exe

%Windir%\mstre24.exe

%Windir%\nl15.exe

%Windir%\pp06.exe

%Windir%\pp10.exe

%Windir%\pp11.exe

%Windir%\rdr_1256317094.exe

%Windir%\rdr_1256317144.exe

%Windir%\rdr_1256335166.exe

%Windir%\rdr_1256335252.exe

%Windir%\rdr_1256493663.exe

%Windir%\rdr_1256496822.exe

%Windir%\rdr_1256496909.exe

%Windir%\rdr_1256505392.exe

%Windir%\rdr_1256505486.exe

%Windir%\rdr_1256664957.exe

%Windir%\rdr_1256665044.exe

%Windir%\rdr_1256666925.exe

%Windir%\rdr_1256667011.exe

%Windir%\rdr_1256690986.exe

%Windir%\rdr_1256691073.exe

%Windir%\rdr_1256698400.exe

%Windir%\rdr_1256698488.exe

%Windir%\rdr_1256700754.exe

%Windir%\rdr_1256700842.exe

%Windir%\rdr_1256739016.exe

%Windir%\rdr_1256739091.exe

%Windir%\rdr_1256753521.exe

%Windir%\rdr_1256753521.exe.exe

%Windir%\rdr_1256867889.exe

%Windir%\rdr_1256867978.exe

%Windir%\rdr_1256888541.exe

%Windir%\rdr_1256893712.exe

%Windir%\rdr_1256893802.exe

%Windir%\rdr_1256943259.exe

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.