ThreatExpert's Statistics for W32.Koobface.B [Symantec]:

W32.Koobface.B [Symantec] is also known as:

Threat Alias	Number of Incidents
W32/Koobfa-Gen [Sophos]	34
Net-Worm.Koobface [PC Tools]	9
Net-Worm.Win32.Koobface [Ikarus]	7
Backdoor.Win32.Lithium.dz [Kaspersky Lab]	6
Backdoor.Win32.Lithium.dy [Kaspersky Lab]	4
Net-Worm.Koobface!sd6 [PC Tools]	4
Trojan-Dropper.Agent [Ikarus]	4
Mal/Inet-Fam [Sophos]	3
W32/Koobfa-Gen, Mal/KoobHeur-A [Sophos]	3
Worm.Win32.Koobface [Ikarus]	3
Generic Proxy!a [McAfee]	2
Generic.dx [McAfee]	2
Generic.dx!cj [McAfee]	2
Mal/Generic-A [Sophos]	2
Mal/Heuri-D, Mal/Heuri-E [Sophos]	2
Net-Worm.Win32.Koobface.ck [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.d [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.hw [Kaspersky Lab]	2
Troj/Proxy-JJ [Sophos]	2
Trojan.Win32.Agent [Ikarus]	2
Trojan-Downloader.Agent!sd6 [PC Tools]	2
Trojan-Downloader.Win32.Agent.atbf [Kaspersky Lab]	2
Trojan-Downloader.Win32.Agent.chpc [Kaspersky Lab]	2
Trojan-Proxy.Win32.Koobface [Ikarus]	2
W32/Koobface.worm [McAfee]	2
W32/Koobface.worm.gen.g [McAfee]	2
W32/Koobfa-Gen, W32/Koobfa-Gen [Sophos]	2
Win32/Koobface.worm.10752 [AhnLab]	2
Win32/Koobface.worm.27136 [AhnLab]	2
Win32/Koobface.worm.36352 [AhnLab]	2
Win-Trojan/Agent.73728.LD [AhnLab]	2
Worm:Win32/Koobface.gen!D [Microsoft]	2
Backdoor [Ikarus]	1
Backdoor.Win32.Lithium.ei [Kaspersky Lab]	1
Generic.dx!cd [McAfee]	1
Generic.dx!ci [McAfee]	1
Generic.dx!cq [McAfee]	1
Generic.dx!mm [McAfee]	1
Generic.dx!pz [McAfee]	1
Generic.dx!qp [McAfee]	1
Generic.dx!v [McAfee]	1
Mal/EncPk-IO [Sophos]	1
Mal/EncPk-JB, Mal/EncPk-IO [Sophos]	1
Mal/Heuri-D [Sophos]	1
Net-Worm.Koobface.B [PC Tools]	1
Net-Worm.Win32.Koobface.a [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.aa [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.aid [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.aiw [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.bp [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.dl [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.ec [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.ho [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.im [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.iu [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.ix [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.jp [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.xu [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.yx [Kaspersky Lab]	1
Troj/Bckdr-QVU [Sophos]	1
Troj/Buzus-W [Sophos]	1
TROJ_AGENT.AFBG [Trend Micro]	1
Trojan.Buzus!sd6 [PC Tools]	1
Trojan.Win32.Agent.atff [Kaspersky Lab]	1
Trojan.Win32.Agent.bhpy [Kaspersky Lab]	1
Trojan.Win32.Agent.bkcc [Kaspersky Lab]	1
Trojan.Win32.Agent.cfwv [Kaspersky Lab]	1
Trojan.Win32.Agent.cnfo [Kaspersky Lab]	1
Trojan.Win32.Agent2.kwh [Kaspersky Lab]	1
Trojan.Win32.Buzus.pzs [Kaspersky Lab]	1
Trojan-Downloader.Agent [Ikarus]	1
Trojan-Downloader.Win32.Agent.asvg [Kaspersky Lab]	1
Trojan-Downloader.Win32.Agent.asxp [Kaspersky Lab]	1
Trojan-Dropper.Win32.Agent.auoy [Kaspersky Lab]	1
VirTool:Win32/Delfsnif.gen [Microsoft]	1
W32/Koobface.worm.gen.e [McAfee]	1
Win32.SuspectCrc [Ikarus]	1
Win32.Worm.Koobface [Ikarus]	1
Win32/Koobface.worm.11776.F [AhnLab]	1
Win32/Koobface.worm.11776.J [AhnLab]	1
Win32/Koobface.worm.15872.J [AhnLab]	1
Win32/Koobface.worm.16384 [AhnLab]	1
Win32/Koobface.worm.25600.I [AhnLab]	1
Win32/Koobface.worm.29184.C [AhnLab]	1
Win32/Koobface.worm.31232 [AhnLab]	1
Win32/Koobface.worm.32768.I [AhnLab]	1
Win32/Koobface.worm.43520.C [AhnLab]	1
Win32/Koobface.worm.46592 [AhnLab]	1
Win32/Kooface.worm.22016 [AhnLab]	1
Win-Trojan/Fackav.16384 [AhnLab]	1
Worm:Win32/Koobface.gen!A [Microsoft]	1
Worm:Win32/Koobface.I [Microsoft]	1
WORM_FACE.AB [Trend Micro]	1
WORM_KOOBFACE.D [Trend Micro]	1

W32.Koobface.B [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	3
	United Kingdom	1

W32.Koobface.B [Symantec] is known to be created as:

%ProgramFiles%\drv\drv.dll

%System%\splm\ncsjapi32.exe

%Windir%\bolivar20.exe

%Windir%\bolivar27.exe

%Windir%\bolivar28.exe

%Windir%\fbtre6.exe

%Windir%\fbtre9.exe

%Windir%\freddy35.exe

%Windir%\freddy42.exe

%Windir%\freddy46.exe

%Windir%\freddy49.exe

%Windir%\ld02.exe

%Windir%\ld03.exe

%Windir%\ld08.exe

%Windir%\ld09.exe

%Windir%\ld10.exe

%Windir%\mstre18.exe

%Windir%\pp06.exe

%Windir%\pp07.exe

%Windir%\romeo14.exe

%Windir%\tag11.exe

%Windir%\ugo02.exe

%Windir%\ugo04.exe

c:\techload.dll

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.