Threat Search: 

ThreatExpert's Statistics for BackDoor-DSS.gen.a [McAfee]:

BackDoor-DSS.gen.a [McAfee] is also known as:
Threat AliasNumber of Incidents
Backdoor.Win32.Poison.pg [Kaspersky Lab]747
Win-Trojan/Poison.8192.AF [AhnLab]724
Troj/Keylog-JV [Sophos]718
Virus.Win32.Poison [Ikarus]488
Backdoor.Ciadoor [Symantec]463
Trojan.DL.CKSPost.Gen [PC Tools]422
Backdoor:Win32/Poisonivy.H [Microsoft]251
Backdoor:Win32/Poison.M [Microsoft]197
Backdoor:Win32/Poisonivy.E [Microsoft]193
Backdoor.Trojan [Symantec]163
Win-Trojan/Poison.9728.F [AhnLab]48
Troj/Smalla-Gen, Mal/EncPk-CI, Mal/Poison-A [Sophos]43
Troj/Poison-AE [Sophos]35
Trojan.DL.Agent.XGB [PC Tools]23
Infostealer [Symantec]22
Virus.Win32.Agent.AAGI [Ikarus]21
Mal/EncPk-CI [Sophos]19
Backdoor.Win32.Poison.cpb [Kaspersky Lab]16
Virus.Win32.Poison.DE [Ikarus]7
Win-Trojan/Poison.8192.AB [AhnLab]7
Backdoor.Poison!sd6 [PC Tools]6
Backdoor.Win32.Small.uz [Kaspersky Lab]6
Win-Trojan/Agent.8192.EL [AhnLab]6
Win-Trojan/Poison.6400 [AhnLab]6
Backdoor.Win32.Agent.gpp [Kaspersky Lab]5
Suspicious.MH690 [Symantec]5
Trojan Horse [Symantec]5
Win-Trojan/Poison.8192.I [AhnLab]5
Backdoor.Win32.Poison [Ikarus]4
Backdoor.Win32.Poison.kmq [Kaspersky Lab]4
Backdoor.Win32.PoisonIvy [Ikarus]4
BackDoor-DSS [McAfee]4
BKDR_POISONIV.DQ [Trend Micro]4
BackDoor-DKI.gen.d [McAfee]3
Mal/EncPk-CI, Mal/Poison-A [Sophos]3
Mal/EncPk-GW, Mal/Poison-A, W32/Scribble-B [Sophos]3
Troj/Smalla-Gen, Mal/EncPk-CI [Sophos]3
Virus:Win32/Virut.BM [Microsoft]3
W32.Virut.CF [Symantec]3
Backdoor.Win32.Poison.cpc [Kaspersky Lab]2
Backdoor.Win32.Poison.mim [Kaspersky Lab]2
Backdoor.Win32.Poison.syr [Kaspersky Lab]2
Trojan.Generic [PC Tools]2
Trojan.Trash [Ikarus]2
Trojan-Downloader.Win32.Small [Ikarus]2
Virus.Win32.Trojan [Ikarus]2
Win32/Virut.E [AhnLab]2
Backdoor.Win32.Poison.aet [Kaspersky Lab]1
Backdoor.Win32.Poison.agtn [Kaspersky Lab]1
Backdoor.Win32.Poison.ahou [Kaspersky Lab]1
Backdoor.Win32.Poison.aoor [Kaspersky Lab]1
Backdoor.Win32.Poison.jha [Kaspersky Lab]1
Backdoor.Win32.Poison.pii [Kaspersky Lab]1
Backdoor.Win32.Poison.tkd [Kaspersky Lab]1
BackDoor-DKI.gen.a [McAfee]1
BKDR_POISON.FM [Trend Micro]1
Hacktool.Keylogger [Symantec]1
Mal/EncPk-CI, Mal/Poison-A, Mal/Behav-043 [Sophos]1
PE_VIRUX.E-4 [Trend Micro]1
PE_VIRUX.F-2 [Trend Micro]1
PE_VIRUX.H-3 [Trend Micro]1
Troj/Smalla-Gen, Mal/EncPk-GW, Mal/EncPk-CI, Mal/Poison-A [Sophos]1
Trojan-PSW.Generic [PC Tools]1
Virus.Win32.Agent.ACII [Ikarus]1
Virus.Win32.Crypt.CIK [Ikarus]1
Win-Trojan/Poisonivy.17920.D [AhnLab]1

BackDoor-DSS.gen.a [McAfee] has the following possible countries of origin:
OriginNumber of Incidents
South Africa1
Sweden1

BackDoor-DSS.gen.a [McAfee] is known to be created as:
%AllUsersProfile%\dev10.exe
%AllUsersProfile%\dev3.exe
%AllUsersProfile%\dev5.exe
%AllUsersProfile%\dev8.exe
%InternetCache%\1.exe
%LocalSettings%\temptmp.exe
%Profiles%\an\desktop\update.exe
%Profiles%\ggg.exe
%ProgramFiles%\haxy\haxy\server_pi.exe
%ProgramFiles%\hellz\server.exe
%ProgramFiles%\server.exe
%ProgramFiles%\sex.exe
%System%\3b.exe
%System%\444.exe
%System%\5.exe
%System%\aa.exe
%System%\avp.exe
%System%\cmdd.exe
%System%\crs.exe
%System%\dsdsd.exe
%System%\fail.exe
%System%\fg.exe
%System%\hh.exe
%System%\impo-file.exe
%System%\interxpoler.exe
%System%\j2.exe
%System%\j4x3d.exe
%System%\jogo.exe
%System%\jx2.exe
%System%\ki.exe
%System%\kkookkaa.exe
%System%\ma.exe
%System%\massenger.exe
%System%\mcs.exe
%System%\mesenger.exe
%System%\messenger.exe
%System%\microsoft.exe
%System%\moop.exe
%System%\msmsgs.exe
%System%\msn.exe
%System%\msngr.exe
%System%\msnmsgr.exe
%System%\msvessfinal.exe
%System%\new.exe
%System%\nm.exe
%System%\ntfstate.exe
%System%\photo.exe
%System%\pi_server.exe
%System%\pi-server.exe
%System%\poop.exe
%System%\poye.exe
%System%\poza.exe
%System%\realplayerr.exe
%System%\rset542115.exe
%System%\rundl32.exe
%System%\server.exe
%System%\server_poison.exe
%System%\skype.exe
%System%\stub.dll
%System%\svhost.exe
%System%\system.exe
%System%\system32.exe
%System%\toni.exe
%System%\victims121.exe
%System%\windl32.exe
%System%\window.exe
%System%\windows.exe
%System%\windows32wn.exe
%System%\winupd.exe
%System%\zero.exe
%Temp%\-.exe
%Temp%\0.exe
%Temp%\2.exe
%Temp%\585.exe
%Temp%\613818.exe
%Temp%\665716.exe
%Temp%\78.exe
%Temp%\808561.exe
%Temp%\82708.exe
%Temp%\828580.exe
%Temp%\852578.exe
%Temp%\88.exe
%Temp%\aaa.exe
%Temp%\cryptedfile.exe
%Temp%\decrypted.exe
%Temp%\f.exe
%Temp%\ff.exe
%Temp%\filetmp.exe
%Temp%\gmn7ej.exe
%Temp%\ir_ext_temp_0\autoplay\docs\4564.exe
%Temp%\iricuc.exe
%Temp%\ixp000.tmp\123.exe
%Temp%\ixp000.tmp\33.exe
%Temp%\ixp000.tmp\58.exe
%Temp%\ixp000.tmp\msnmsgr.exe
%Temp%\ixp000.tmp\nn.exe
%Temp%\ixp000.tmp\nour.exe
%Temp%\ixp000.tmp\play.exe
%Temp%\ixp000.tmp\ragaa.exe
%Temp%\ixp000.tmp\rotq8.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
  • %LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).