ThreatExpert's Statistics for BackDoor-AWQ [McAfee]:

BackDoor-AWQ [McAfee] is also known as:

Threat Alias	Number of Incidents
not-a-virus:NetTool.Win32.Agent.b [Kaspersky Lab]	95,195
Hacktool [Symantec]	94,958
Trojan:Win32/Pepatch.E [Microsoft]	88,692
Trojan-Downloader.Agent.AEN [PC Tools]	73,505
Mal/Packer, Mal/EncPk-AI [Sophos]	47,237
Mal/EncPk-AI [Sophos]	42,175
Generic Malware.bc [McAfee]	26,510
Mal_MLWR-5 [Trend Micro]	24,825
Trojan-Dropper.Agent [Ikarus]	24,102
Virus.Win32.Virtualizer [Ikarus]	13,737
Generic Dropper.ex [McAfee]	8,917
not-a-virus:NetTool.Win32.Agent.b [Ikarus]	6,507
Backdoor.Win32.Popwin [Ikarus]	4,579
Trojan-PWS.Win32.Maran [Ikarus]	2,892
not-a-virus:NetTool.Win32.Agent [Ikarus]	2,651
Win-Trojan/HackTool.13531 [AhnLab]	2,410
Mal/EncPk-AI, Mal/Packer [Sophos]	1,205
TROJ_NSPM.RD [Trend Micro]	964
Packed/NSPack [PC Tools]	761
Backdoor.Win32.Popwin.beg [Ikarus]	723
Backdoor.Graybird [Symantec]	414
Backdoor:Win32/Hupigon [Microsoft]	89
Backdoor.Hupigon.GEN [PC Tools]	72
Backdoor.Trojan [Symantec]	62
Backdoor.Win32.Hupigon [Ikarus]	59
BKDR_HUPIGON.EVG [Trend Micro]	53
BKDR_HUPIGON.GEN [Trend Micro]	49
Backdoor.Graybird!Gen [Symantec]	46
Backdoor.Hupigon!sd5 [PC Tools]	45
Backdoor.Win32.Hupigon.emk [Kaspersky Lab]	45
Mal/Generic-A [Sophos]	39
Mal/Packer [Sophos]	38
BKDR_HUPIGON.CCS [Trend Micro]	36
Backdoor.Hupigeon [Symantec]	29
Backdoor.Graybird.GEN [PC Tools]	28
Trojan Horse [Symantec]	28
Backdoor.Win32.Hupigon.dkl [Kaspersky Lab]	25
Worm.PoeBot.KV [PC Tools]	25
BKDR_HUPIGON.JSF [Trend Micro]	22
W32.IRCBot [Symantec]	21
BKDR_VANBOT.NM [Trend Micro]	20
Backdoor.Hupigon [Ikarus]	17
Backdoor.Win32.Hupigon.ffu [Kaspersky Lab]	17
Packed.Win32.Klone.af [Kaspersky Lab]	17
Backdoor.Win32.Hupigon.atoe [Kaspersky Lab]	16
Backdoor.Win32.Hupigon.avi [Kaspersky Lab]	16
Backdoor.Win32.Hupigon.bjxn [Kaspersky Lab]	16
Backdoor.Win32.VanBot.dt [Kaspersky Lab]	16
BKDR_HUPIGON.ALU [Trend Micro]	16
BKDR_HUPIGON.VEM [Trend Micro]	16
Adware.eZula [PC Tools]	15
Mal/Behav-053 [Sophos]	15
Backdoor.Win32.Hupigon.mhp [Kaspersky Lab]	13
Backdoor.Win32.Hupigon.nqr [Kaspersky Lab]	13
Cryp_Pai-6 [Trend Micro]	13
Mal/GrayBird-B, Mal/Behav-043, Mal/Emogen-E [Sophos]	13
Backdoor.Win32.Hupigon.emb [Kaspersky Lab]	12
BKDR_HUPIGON.FVR [Trend Micro]	12
Backdoor.Graybird!sd6 [PC Tools]	11
Backdoor.Win32.Hupigon.ccc [Kaspersky Lab]	11
Backdoor.Win32.Hupigon.hsp [Kaspersky Lab]	11
Packed.Win32.PolyCrypt.d [Kaspersky Lab]	11
Trojan.Popwin [Symantec]	11
TrojanDropper:Win32/Hupigon.gen!A [Microsoft]	11
Backdoor.Win32.Hupigon.bap [Kaspersky Lab]	10
Backdoor.Win32.Hupigon.elw [Kaspersky Lab]	10
BKDR_HUPIGON.ETY [Trend Micro]	10
BKDR_HUPIGON.EWE [Trend Micro]	10
Trojan.Adclicker [Symantec]	10
VirTool:Win32/Obfuscator.P [Microsoft]	10
W32.Spybot.Worm [Symantec]	10
Win-Trojan/Xema.variant [AhnLab]	10
Backdoor.Win32.Hupigon.adi [Kaspersky Lab]	9
Backdoor.Win32.Hupigon.cda [Kaspersky Lab]	9
BKDR_GBIRD.A [Trend Micro]	9
Infostealer.Gampass [Symantec]	9
VirTool:Win32/DelfInject.gen!L [Microsoft]	9
Backdoor.GrayBird!sd5 [PC Tools]	8
Backdoor.Win32.Bifrose.abuy [Kaspersky Lab]	8
Backdoor.Win32.GrayBird.px [Kaspersky Lab]	8
Backdoor.Win32.Hupigon.abu [Kaspersky Lab]	8
Backdoor.Win32.Hupigon.dsx [Kaspersky Lab]	8
Backdoor:Win32/Hupigon.gen!B [Microsoft]	8
Backdoor:Win32/Small.D [Microsoft]	8
Cryp_Pai-3 [Trend Micro]	8
Mal/Emogen-R [Sophos]	8
Mal/EncPk-AP [Sophos]	8
MalwareScope.Backdoor.Hupigon [Ikarus]	8
not-a-virus:Server-Proxy.Win32.RCService.j [Kaspersky Lab]	8
Packed.Win32.Klone.d [Ikarus]	8
TROJ_HUPIGON.OWC [Trend Micro]	8
Backdoor.Graybird [PC Tools]	7
Backdoor.Win32.PoeBot.C [Ikarus]	7
BKDR_HUPIGON.ETH [Trend Micro]	7
Mal/Behav-043 [Sophos]	7
Packed/eXPressor [PC Tools]	7
W32.Versie.A [Symantec]	7
Backdoor.Hupigon.GTB [PC Tools]	6
Backdoor.Win32.Hupigon.axbr [Kaspersky Lab]	6
Backdoor.Win32.Hupigon.pv [Kaspersky Lab]	6

BackDoor-AWQ [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	523
	Brazil	9
	Russian Federation	6
	United Kingdom	5
	Germany	3
	Iran	2
	Oman	2
	Saudi Arabia	2
	Algeria	1
	Canada	1
	Sweden	1
	Taiwan	1

BackDoor-AWQ [McAfee] is known to be created as:

%CommonFavorites%\netservice.exe

%CommonFavorites%\plug\001.dll

%CommonFavorites%\plugin\001.dll

%InternetCache%\qq.exe

%ProgramFiles%\accessories\slitess.exe

%ProgramFiles%\advanced invisible keylogger\win16sys.dll

%ProgramFiles%\alertera.com

%ProgramFiles%\bitspirit\myupnp.exe

%ProgramFiles%\common files\directdb.com

%ProgramFiles%\common files\netdde.exe

%ProgramFiles%\common files\services\svchost.exe

%ProgramFiles%\common files\syskey.dll

%ProgramFiles%\common files\system\amtrtpn.exe

%ProgramFiles%\common files\system\jqjdsat.exe

%ProgramFiles%\common files\system\lkqpsmu.exe

%ProgramFiles%\common files\system\msadc\nettps.exe

%ProgramFiles%\common files\system\nvcpl.exe

%ProgramFiles%\common files\system\ojtgixe.exe

%ProgramFiles%\common files\system\svchostsers.com

%ProgramFiles%\common files\system\vncmnger32.exe

%ProgramFiles%\common files\system\vrkuevf.exe

%ProgramFiles%\common files\system\ykagbri.exe

%ProgramFiles%\hgzserver\g_server2006.exe

%ProgramFiles%\hgzserver\shuibai8.exe

%ProgramFiles%\hgzserver\svch0st.exe

%ProgramFiles%\hgzserver\windows.exe

%ProgramFiles%\hgzserver\www.darkst.com

%ProgramFiles%\intel\intell.dll

%ProgramFiles%\internet explorer\update.dll

%ProgramFiles%\kaspersky lab\kaspersky.exe

%ProgramFiles%\meex.exe

%ProgramFiles%\microsoft.net\svrecac.exe

%ProgramFiles%\msn gaming zone\svrecad.exe

%ProgramFiles%\noadware5.0\nutils.dll

%ProgramFiles%\outlook express\oemigs.exe

%ProgramFiles%\personal pc spy\win16sys.dll

%ProgramFiles%\svch0sts.exe

%ProgramFiles%\tencent\qq.exe

%ProgramFiles%\update\update.exe

%ProgramFiles%\windows media player\wmsetsdk.dll

%ProgramFiles%\windows media player\wmsetsdkkey.dll

%ProgramFiles%\windows nt\mscol.exe

%ProgramFiles%\windows nt\svchost.exe

%ProgramFiles%\windows nt\wordict.exe

%ProgramFiles%\winrar\zip.exe

%ProgramFiles%\winword.exe

%System%\_re082.exe

%System%\_versv.exe

%System%\_windows_wks.exe

%System%\0.exe

%System%\360box.exe

%System%\360tay.exe

%System%\360trac.exe

%System%\360traf.exe

%System%\360trag.exe

%System%\360traj.exe

%System%\360trak.exe

%System%\360trav.exe

%System%\360trax.exe

%System%\360tray.exe

%System%\36osafe.exe

%System%\36otray.exe

%System%\5.26.exe

%System%\a340d383.exe

%System%\accountsmanager.exe

%System%\alxres070619.exe

%System%\anti.dll

%System%\applictie.exe

%System%\awtqnkhe.dll

%System%\bluefire.exe

%System%\brc_server.exe

%System%\chdk.exe

%System%\chdskk.exe

%System%\cmd.com

%System%\cs.exe

%System%\dirx9.exe

%System%\dkdk.exe

%System%\dllcache\wuauclt.exe

%System%\drivers\suchost.exe

%System%\dxdiags.exe

%System%\e0chis.exe

%System%\f.pink dream\iexpl0er.exe

%System%\fuck.exe

%System%\hs1.exe

%System%\iexpl0er.exe

%System%\iexplorer.exe

%System%\iexplqre.exe

%System%\inf\scrsys070619.scr

%System%\install.dll

%System%\install.exe

%System%\installkey.dll

%System%\ipccamk.exe

%System%\irwww.exe

%System%\ivate.dll

%System%\iyoeuk.dll

%System%\logo.exe

%System%\ly_server2008.exe

%System%\msdans.dll

%System%\msxl32.dll

%System%\nerocheck.exe

Notes:

%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).