ThreatExpert's Statistics for BackDoor-EEF [McAfee]:

BackDoor-EEF [McAfee] is also known as:

Threat Alias	Number of Incidents
VirTool:Win32/Injector.gen!AG [Microsoft]	146
Mal/EncPk-JU [Sophos]	85
Trojan.Win32.Refroso [Ikarus]	68
Trojan-Downloader.Win32.Pher.xx [Kaspersky Lab]	46
Downloader [Symantec]	39
Trojan.Win32.Refroso.ktw [Kaspersky Lab]	39
Trojan Horse [Symantec]	25
VirTool.Win32.Injector [Ikarus]	22
Backdoor.Trojan [Symantec]	21
Mal/Generic-A [Sophos]	20
Trojan.Generic [PC Tools]	19
VirTool:Win32/Injector.gen!AD [Microsoft]	17
Backdoor.Trojan [PC Tools]	15
Downloader.Generic [PC Tools]	13
Win32/Kolab.worm.Gen [AhnLab]	13
TrojanDownloader:Win32/Buzus.F [Microsoft]	10
Mal/EncPk-JU, Mal/Behav-103, Mal/Behav-043 [Sophos]	9
Backdoor.Win32.Donbot.b [Kaspersky Lab]	8
Troj/Buzus-AU [Sophos]	8
Trojan-Downloader.Win32.Pher [Ikarus]	8
Virus:Win32/Sality.AM [Microsoft]	8
Win32/Kashu.B [AhnLab]	8
Virus.Win32.Sality.aa [Kaspersky Lab]	7
Mal/Behav-103, Mal/Behav-043 [Sophos]	6
Mal/Generic-A, Mal/EncPk-JU [Sophos]	6
Mal/KeInject-A, Mal/EncPk-LR [Sophos]	6
Win-Trojan/Injector.66461 [AhnLab]	6
Win-Trojan/Refroso.87933 [AhnLab]	6
Mal/KeInject-A, Mal/EncPk-JU [Sophos]	5
Trojan-Spy.Win32.Agent.azbj [Kaspersky Lab]	5
VirTool:Win32/CeeInject.gen!AO [Microsoft]	5
W32/Sality-AM [Sophos]	5
Win-Trojan/Refroso.81920.E [AhnLab]	5
Mal/KeInject-A [Sophos]	4
Net-Worm.Spybot [PC Tools]	4
Packed.Generic.252 [Symantec]	4
VirTool:Win32/CeeInject.F [Microsoft]	4
W32.Sality.AE [Symantec]	4
W32.Spybot.Worm [Symantec]	4
Win-Trojan/Pher.58368 [AhnLab]	4
Mal/Sality-B [Sophos]	3
PE_SALITY.BU [Trend Micro]	3
PE_SALITY.EK [Trend Micro]	3
Troj/Inject-JF [Sophos]	3
Trojan.Loader [Ikarus]	3
Trojan.Win32.Agent2.kjd [Kaspersky Lab]	3
Trojan.Win32.Buzus [Ikarus]	3
Trojan.Win32.Buzus.cuxi [Kaspersky Lab]	3
Trojan-Downloader.Win32.Buzus [Ikarus]	3
Trojan-Dropper.Win32.Refroso [Ikarus]	3
VirTool:Win32/CeeInject.gen!AJ [Microsoft]	3
VirTool:Win32/Injector.gen!Y [Microsoft]	3
Win32.Sality.AM.Gen [PC Tools]	3
Win-Trojan/Agent2.20992.HT [AhnLab]	3
Win-Trojan/Refroso.62976.D [AhnLab]	3
Backdoor.IRC [PC Tools]	2
Backdoor.IRC.Bot [Symantec]	2
Backdoor:Win32/Bifrose.DN [Microsoft]	2
Email-Worm.Win32.BSpread.b [Kaspersky Lab]	2
Generic.dx!su [McAfee]	2
HeurEngine.MaliciousPacker [PC Tools]	2
Infostealer.Gampass [Symantec]	2
Mal/EncPk-JU, Mal/Behav-043 [Sophos]	2
Mal/Generic-E [Sophos]	2
P2P-Worm.Win32.Palevo [Ikarus]	2
PE_SALITY.AE [Trend Micro]	2
PE_SALITY.EN [Trend Micro]	2
Troj/Dloadr-CUT [Sophos]	2
Trojan.Win32.Agent [Ikarus]	2
Trojan-PSW.Gampass [PC Tools]	2
VirTool:Win32/CeeInject.gen!Y [Microsoft]	2
VirTool:Win32/CeeInject.gen!Z [Microsoft]	2
Virus:Win32/Virut.BM [Microsoft]	2
W32.IRCBot [Symantec]	2
W32.Sality.X [Symantec]	2
W32.Virut.CF [Symantec]	2
W32/Sality-AI [Sophos]	2
Win32.Sality.AA.Gen [PC Tools]	2
Win32/Sality.F [AhnLab]	2
Win-Trojan/Buzus.41472.M [AhnLab]	2
Win-Trojan/Pher.29184 [AhnLab]	2
Win-Trojan/Refroso.135680 [AhnLab]	2
Win-Trojan/Refroso.62464.D [AhnLab]	2
Win-Trojan/Xema.variant [AhnLab]	2
Worm:Win32/Pushbot.gen [Microsoft]	2
Backdoor:Win32/Bifrose.gen!C [Microsoft]	1
Backdoor:Win32/Poison.M [Microsoft]	1
Backdoor:Win32/Pushbot.PN [Microsoft]	1
Generic Dropper.gz [McAfee]	1
Mal/Behav-043 [Sophos]	1
Mal/Behav-043, Mal/EncPk-JU, Mal/Behav-103 [Sophos]	1
Mal/EncPk-JU, Mal/Swizzor-D, Mal/Behav-103 [Sophos]	1
Mal/EncPk-LR [Sophos]	1
Mal/EncPk-LR, W32/Scribble-B [Sophos]	1
Mal/Generic-E, Mal/Behav-043, Mal/Wintrim-E, Mal/EncPk-JU, Mal/Behav-103 [Sophos]	1
Mal/Generic-E, Mal/Wintrim-E, Mal/EncPk-JU [Sophos]	1
Mal/Wintrim-E, Mal/EncPk-JU, Mal/Behav-103, Mal/Behav-043 [Sophos]	1
Malware.Ircbrute [PC Tools]	1
Malware.Sality [PC Tools]	1
Malware.SillyDC [PC Tools]	1

BackDoor-EEF [McAfee] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\microsoft\svchost.exe

%AppData%\system\taskmgr.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\mrd\server.exe

%ProgramFiles%\server.exe

%ProgramFiles%\system of down\system.exe

%ProgramFiles%\system32\dll.exe

%System%\2195\lass.exe

%System%\4578\exploir.exe

%System%\asd\14.exe

%System%\bifrost\r.exe

%System%\bifrost\server.exe

%System%\info.dll

%System%\lncom_.exe

%System%\masnger\masnger.exe

%System%\sdra64.exe

%System%\sys\serv.exe

%System%\system\taskmgr.exe

%System%\text.exe

%Temp%\2.exe

%Temp%\file2.exe

%Temp%\girl.exe

%Temp%\ixp000.tmp\31.exe

%Temp%\ixp000.tmp\crypt.exe

%Temp%\ixp000.tmp\med.exe

%Temp%\ixp001.tmp\med.exe

%Temp%\ixp002.tmp\med.exe

%Temp%\proexa2.exe

%Temp%\server..exe

%Temp%\server.exe

%Temp%\stubdvh_4.exe

%Temp%\w.exe

%Temp%\win8.exe

%Windir%\bifrost\server.exe

%Windir%\kasber-server1.exe

%Windir%\msngr.exe

%Windir%\nzmcrypt.exe

c:\recycled\bin\ok.exe

c:\server.exe

c:\ses.exe

c:\xxx.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.