ThreatExpert's Statistics for Win32/Kolab.worm.Gen [AhnLab]:

Win32/Kolab.worm.Gen [AhnLab] is also known as:

Threat Alias	Number of Incidents
Mal/EncPk-JU [Sophos]	33
BackDoor-EEF [McAfee]	13
BackDoor-EEC.gen [McAfee]	8
Trojan Horse [Symantec]	8
VirTool:Win32/Injector.gen!AD [Microsoft]	8
VirTool:Win32/CeeInject.gen!AJ [Microsoft]	7
Trojan-Downloader.Win32.Pher [Ikarus]	6
BackDoor-EBI.gen [McAfee]	5
Mal/KeInject-A, Mal/EncPk-JU [Sophos]	4
Packed.Generic.252 [Symantec]	4
Troj/Inject-JD [Sophos]	4
VirTool.Win32.Injector [Ikarus]	4
W32.Spybot.Worm [Symantec]	4
Worm.Win32.Pushbot [Ikarus]	4
Backdoor.Trojan [Symantec]	3
BackDoor-EEC [McAfee]	3
BackDoor-EED [McAfee]	3
Net-Worm.Spybot [PC Tools]	3
Trojan.Generic [PC Tools]	3
Trojan.Win32.Refroso [Ikarus]	3
Backdoor.Trojan [PC Tools]	2
HeurEngine.MaliciousPacker [PC Tools]	2
Mal/Generic-A, Mal/EncPk-JU [Sophos]	2
Net-Worm.Win32.Kolab [Ikarus]	2
Troj/Inject-JA [Sophos]	2
Trojan.Refroso [Ikarus]	2
Trojan.Win32.Refroso.jyu [Kaspersky Lab]	2
Trojan-Downloader.Win32.Pher.xx [Kaspersky Lab]	2
VirTool:Win32/Injector.gen!AG [Microsoft]	2
W32/Checkout!n [McAfee]	2
Backdoor:Win32/Phdet.gen!A [Microsoft]	1
Backdoor:Win32/Pushbot.PP [Microsoft]	1
Downloader [Symantec]	1
Downloader.Generic [PC Tools]	1
Email-Worm.Win32.BSpread.b [Kaspersky Lab]	1
Generic.dx!fgj [McAfee]	1
Malware.Ircbrute [PC Tools]	1
Net-Worm.SillyFDC [PC Tools]	1
Net-Worm.Win32.Kolab.dmn [Kaspersky Lab]	1
Net-Worm.Win32.Kolab.dqp [Kaspersky Lab]	1
Net-Worm.Win32.Kolab.drs [Kaspersky Lab]	1
Net-Worm.Win32.Kolab.dsu [Kaspersky Lab]	1
P2P-Worm.Win32.Palevo [Ikarus]	1
P2P-Worm.Win32.Palevo.jpm [Kaspersky Lab]	1
Trojan.Dropper [PC Tools]	1
Trojan.Dropper [Symantec]	1
Trojan.Win32.Agent2.chyh [Kaspersky Lab]	1
Trojan.Win32.Buzus.buyb [Kaspersky Lab]	1
Trojan.Win32.Refroso.jgm [Kaspersky Lab]	1
Trojan.Win32.Refroso.juq [Kaspersky Lab]	1
Trojan.Win32.Refroso.kqt [Kaspersky Lab]	1
Trojan.Win32.Refroso.ndx [Kaspersky Lab]	1
Trojan:Win32/Ircbrute [Microsoft]	1
Trojan:Win32/Meredrop [Microsoft]	1
Trojan-Downloader.Win32.Pher.bb [Kaspersky Lab]	1
Trojan-Downloader.Win32.Pher.bub [Kaspersky Lab]	1
Trojan-Downloader.Win32.Pher.il [Kaspersky Lab]	1
Trojan-Downloader.Win32.Pher.kw [Kaspersky Lab]	1
Trojan-Downloader.Win32.Pher.pz [Kaspersky Lab]	1
Trojan-Proxy.Win32.Agent.bub [Kaspersky Lab]	1
VirTool:Win32/CeeInject.gen!AO [Microsoft]	1
VirTool:Win32/CeeInject.gen!AS [Microsoft]	1
W32.Ircbrute [Symantec]	1
W32.SillyFDC [Symantec]	1
W32/Autorun.worm.h [McAfee]	1
Worm.Win32.AInfBot [Ikarus]	1
Worm.Win32.AInfBot.o [Kaspersky Lab]	1
Worm.Win32.AutoRun.gsf [Kaspersky Lab]	1
Worm.Win32.Slenfbot [Ikarus]	1
Worm:Win32/Pushbot.gen [Microsoft]	1
Worm:Win32/Pushbot.gen!C [Microsoft]	1
Worm:Win32/Slenfbot [Microsoft]	1

Win32/Kolab.worm.Gen [AhnLab] has the following possible country of origin:

Origin		Number of Incidents
	Canada	2

Win32/Kolab.worm.Gen [AhnLab] is known to be created as:

%AppData%\microsoft\svchost.exe

%Temp%\asadfg43rwaef.exe

%Temp%\ixp000.tmp\crypt.exe

%Windir%\nzmcrypt.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.