McAfee has received multiple reports of customers who are severely affected by variants of W32/autorun.worm.aaeb-h.
W32/Autorun.worm.aaeb-h has the ability to infect removable media devices and mounted network shares. It can also copy itself into .zip and .rar archive files.
The infection starts either with manual execution of an infected file or by navigating to a folder that contains infected files. This threat has the ability to download other malware or updates to itself as directed by a Command-and-Control (C&C) server.
McAfee has released an Extra.DAT to detect and clean this threat. A new version of Stinger will be available later. McAfee will send another SNS notice when the Stinger is available.
To download the Extra.DAT and Stinger (when available), see KB76807:
For more information on McAfee product coverage and mitigation for this threat, see PD24169 – Threat Advisory: W32/Autorun.worm.aaeb: