ThreatExpert's Statistics for Backdoor-CEP [McAfee]:

Backdoor-CEP [McAfee] is also known as:

Threat Alias	Number of Incidents
Backdoor.Bifrose [Symantec]	148
Backdoor.Win32.Bifrose [Ikarus]	130
Troj/BadCab-A [Sophos]	62
Mal/Generic-A [Sophos]	56
Backdoor.Bifrose!sd6 [PC Tools]	46
Backdoor.Trojan [Symantec]	29
Constructor.Win32.Bifrose.j [Kaspersky Lab]	22
Constructor.Bifrose!sd6 [PC Tools]	19
Trojan Horse [Symantec]	19
Trojan:Win32/Midgare.A [Microsoft]	18
Troj/Bifrose-WC [Sophos]	17
Backdoor.Win32.Bifrose.adql [Kaspersky Lab]	16
Backdoor:Win32/Bifrose.AE [Microsoft]	13
Infostealer [Symantec]	13
Backdoor.Win32.Bifrose.aeod [Kaspersky Lab]	12
Backdoor:Win32/Bifrose.gen!E [Microsoft]	12
Virus.Win32.Bifrose [Ikarus]	12
Win-Trojan/Xema.variant [AhnLab]	12
Backdoor:Win32/Bifrose [Microsoft]	11
Backdoor:Win32/Bifrose.EY [Microsoft]	11
BKDR_AHZE.NY [Trend Micro]	10
Backdoor.Win32.Bifrose.adpd [Kaspersky Lab]	9
Backdoor:Win32/Agent.CQ [Microsoft]	7
VirTool:Win32/CeeInject.gen!J [Microsoft]	7
Win-Trojan/Bifrose.30208.S [AhnLab]	7
Backdoor.Bifrose.D [Symantec]	6
Backdoor.Win32.Bifrose.apav [Kaspersky Lab]	6
Mal/Bifrose-S [Sophos]	6
Trojan.Crypt [Ikarus]	6
Backdoor.Win32.Bifrose.adnm [Kaspersky Lab]	5
Backdoor.Win32.Bifrose.aebs [Kaspersky Lab]	5
Backdoor.Win32.Bifrose.aosq [Kaspersky Lab]	5
Backdoor:Win32/Poisonivy.E [Microsoft]	5
Cryp_PESpin [Trend Micro]	5
Trojan.Win32.Agent.bcn [Kaspersky Lab]	5
VirTool.Win32.CeeInject [Ikarus]	5
Backdoor.Bifrose [Ikarus]	4
Backdoor.Win32.Bifrose.abmf [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.acci [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.aduw [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.advf [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.aiqv [Kaspersky Lab]	4
Backdoor:Win32/Trenk!rts [Microsoft]	4
BehavesLikeWin32.ProcessHijack [Ikarus]	4
Constructor/Bifrose.1466368 [AhnLab]	4
Constructor/Bifrose.617472 [AhnLab]	4
Constructor/Bifrose.723456 [AhnLab]	4
Email-Worm.Warezov!sd6 [PC Tools]	4
Mal/Behav-285 [Sophos]	4
Mal/Bifrose-I [Sophos]	4
Mal/Packer [Sophos]	4
Trojan.Win32.Midgare [Ikarus]	4
Trojan:Win32/Meredrop [Microsoft]	4
Trojan-Downloader.Win32.Banload.acjd [Kaspersky Lab]	4
Trojan-Dropper.Win32.VB [Ikarus]	4
VirTool.Win32.Vtub [Ikarus]	4
VirTool:Win32/Vtub.NP [Microsoft]	4
Virus.Win32.Crypt.CIK [Ikarus]	4
W32.Stration@mm [Symantec]	4
W32/AutoRun-RT [Sophos]	4
Win-Trojan/Banload.526848.C [AhnLab]	4
Win-Trojan/Bifrose.40172.D [AhnLab]	4
Win-Trojan/Bifrose.81920.J [AhnLab]	4
Backdoor.Win32.Bifrose.aci [Kaspersky Lab]	3
Mal/Behav-103, Mal/Behav-043 [Sophos]	3
Mal/Dropper-AL [Sophos]	3
Mal/EncPk-FH [Sophos]	3
Mal/EncPk-FL [Sophos]	3
Packed.Win32.Krap [Ikarus]	3
Suspicious.MH690 [Symantec]	3
Trojan.Dropper [Symantec]	3
Trojan.Packed.64 [Ikarus]	3
Trojan.Win32.Midgare.eyz [Kaspersky Lab]	3
Trojan.Win32.Midgare.mqa [Kaspersky Lab]	3
Trojan-Spy.Win32.Banker.ark [Ikarus]	3
VirTool:Win32/DelfInject.gen!AC [Microsoft]	3
VirTool:Win32/VBInject.gen!Q [Microsoft]	3
Virus.Trojan.Win32.Midgare.hhn [Ikarus]	3
Virus.Win32.Poison.HJ [Ikarus]	3
Win-Trojan/Midgare.34685 [AhnLab]	3
Win-Trojan/Midgare.92672 [AhnLab]	3
Backdoor.Bifrose [PC Tools]	2
Backdoor.Bifrose.AHY [PC Tools]	2
Backdoor.Win32.Bifrose.aimu [Kaspersky Lab]	2
Backdoor.Win32.Bifrose.aisz [Kaspersky Lab]	2
Backdoor.Win32.Bifrose.alvm [Kaspersky Lab]	2
Backdoor.Win32.Bifrose.alvt [Kaspersky Lab]	2
Backdoor.Win32.Bifrose.zoj [Kaspersky Lab]	2
Backdoor:Win32/Bifrose.ACI [Microsoft]	2
Backdoor:Win32/Bifrose.B [Microsoft]	2
Backdoor:Win32/Bifrose.ES [Microsoft]	2
Backdoor:Win32/Bifrose.gen!B [Microsoft]	2
Backdoor:Win32/Bifrose.gen!C [Microsoft]	2
Backdoor:Win32/Poison.AC [Microsoft]	2
Backdoor:Win32/Rbot.gen [Microsoft]	2
BKDR_BIFROSE.MIC [Trend Micro]	2
Constructor.Win32.Bifrose [Ikarus]	2
Constructor:Win32/Bifrose.A [Microsoft]	2
Mal/EncPk-DW [Sophos]	2
Mal/Sparow-A [Sophos]	2

Backdoor-CEP [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	Sweden	50
	Spain	8
	United Kingdom	8
	Germany	7
	China	6
	Russian Federation	6
	Portugal	3
	Italy	2
	Saudi Arabia	2
	Turkey	2
	Brazil	1
	Croatia	1
	France	1
	Israel	1
	Switzerland	1

Backdoor-CEP [McAfee] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\opp.exe

%LocalSettings%\alg.exe

%LocalSettings%\realsched.exe

%LocalSettings%\winstry.exe

%ProgramFiles%\1k66434m4jeq.exe.com

%ProgramFiles%\5cfbkt53\vgci1ffzl.exe

%ProgramFiles%\5cfbkt53\vgci1ffzl.exe.com

%ProgramFiles%\bifrost\gdgfk.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\gnerals\ceral.exe

%ProgramFiles%\internet explorer\iedw.exe.com

%ProgramFiles%\internet explorer\iexplore.exe.com

%ProgramFiles%\messenger\msmsgs.exe.com

%ProgramFiles%\msn\msncorefiles\install\msnsusii.exe.com

%ProgramFiles%\msn\msnia\msniasvc.exe.com

%ProgramFiles%\msn\msninstaller\msninst.exe.com

%ProgramFiles%\msn\msns.exe

%ProgramFiles%\netmeeting\cb32.exe.com

%ProgramFiles%\outlook express\msimn.exe.com

%ProgramFiles%\programsis\m5z.exe

%ProgramFiles%\server.exe

%ProgramFiles%\web publish\wpwiz.exe.com

%ProgramFiles%\windows media player\migrate.exe.com

%ProgramFiles%\windows nt\accessories\wordpad.exe.com

%ProgramFiles%\windows nt\dialer.exe.com

%ProgramFiles%\winpcap\rpcapd.exe.com

%ProgramFiles%\winprinter\winpramer.exe

%System%\adobe\adobefg.exe

%System%\bifrost\server.exe

%System%\bifrost\system80.exe

%System%\config32\system.exe

%System%\dygyjqq.exe

%System%\font.com

%System%\game_over.exe

%System%\jpijkxo.exe

%System%\load.exe

%System%\ovuhscf.exe

%System%\paint\paintr.exe

%System%\sghafwk.exe

%System%\sysdriver.exe

%System%\system\svchost.exe

%System%\system\system.exe

%System%\system32.exe

%System%\systeme\msn.exe

%System%\uninstall.exe

%System%\win32\update.exe

%System%\win32gl\svchost.exe

%System%\windows\server.exe

%System%\wmnist.exe

%Temp%\bifrost-indtc.exe

%Temp%\coffin.exe

%Temp%\file1.exe

%Temp%\file2.exe

%Temp%\ixp000.tmp\adobe.exe

%Temp%\ixp000.tmp\adobephotoshop.exe

%Temp%\ixp000.tmp\critical_setup.exe

%Temp%\ixp000.tmp\critical_updates.exe

%Temp%\ixp000.tmp\downloader.exe

%Temp%\ixp000.tmp\installer.exe

%Temp%\ixp000.tmp\server.exe

%Temp%\ixp000.tmp\svchost.exe

%Temp%\kafan virlist 2009.04.08\090408-b-12.exe

%Temp%\lulzcrip-lc.exe

%Temp%\real.exe

%Temp%\server.exe

%Temp%\svchost.exe

%Temp%\system.exe

%Temp%\tmp1.exe

%Temp%\winpcap_4_0.exe

%Windir%\2.exe

%Windir%\bifrost\server.exe

%Windir%\cftmon32.exe

%Windir%\easysoft.exe

%Windir%\kys7r.exe

%Windir%\mstwain32.exe

%Windir%\qfgt11nuz.exe

%Windir%\shvhost.exe

%Windir%\svchost.exe

%Windir%\system\vmwar.exe

%Windir%\system\ymaws.exe

%Windir%\system32:winupd.exe

%Windir%\system-94837450\windowsupd.exe

%Windir%\winini.exe

%Windir%\winstry.exe

%Windir%\y.exe

c:\bifrost.exe

c:\server.exe

c:\wmnist.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.