Threat Search: 

ThreatExpert's Statistics for Backdoor.Trojan [PC Tools]:

Backdoor.Trojan [PC Tools] is also known as:
Threat AliasNumber of Incidents
Backdoor.Trojan [Symantec]1,067
Mal/Generic-A [Sophos]284
VirTool:Win32/Injector.gen!AG [Microsoft]163
Troj/Wimpix-Gen [Sophos]57
BackDoor-EGO [McAfee]55
BackDoor-EHE [McAfee]51
Troj/Refroso-D [Sophos]50
Backdoor.Win32.Agent.ampk [Kaspersky Lab]40
Win-Trojan/Xema.variant [AhnLab]38
BackDoor-DKI.gen.bn [McAfee]36
BackDoor-CEP.gen.am [McAfee]30
Troj/Inject-JV [Sophos]30
Mal/EncPk-LR, Mal/KeInject-A [Sophos]28
Trojan-Dropper.Agent [Ikarus]28
Mal/KeInject-A, Mal/EncPk-LR [Sophos]27
Trojan.Win32.Refroso.ztk [Kaspersky Lab]25
Trojan:Win32/Wimpixo.gen!A [Microsoft]24
BackDoor-DKI.gen.bo [McAfee]23
VirTool:Win32/VBInject.gen!BY [Microsoft]23
BackDoor-CEP.gen.av [McAfee]22
Constructor:Win32/Bifrose.A [Microsoft]22
BackDoor-CEP.gen.au [McAfee]21
TROJ_REFROSO.SME [Trend Micro]20
Constructor/Bifrose.1466368 [AhnLab]16
Mal/Pukish-B, Mal/Pukish-B, Mal/TSlip-A [Sophos]16
Trojan-Proxy.Win32.Glukelira.wi [Kaspersky Lab]16
Backdoor.Win32.Poison [Ikarus]15
BackDoor-EEF [McAfee]15
Constructor.Win32.Bifrose.j [Kaspersky Lab]15
Mal/Bifrose-S, Mal/Bifrose-S [Sophos]15
Trojan:Win32/Bumat!rts [Microsoft]15
TrojanSpy:Win32/Ursnif.gen!I [Microsoft]15
Backdoor.Win32.Agent.aokq [Kaspersky Lab]14
Mal/DelpDldr-F [Sophos]14
Trojan:Win32/Oficla.E [Microsoft]14
VirTool:Win32/VBInject.gen!BP [Microsoft]14
Backdoor.Litmus [PC Tools]13
Backdoor:Win32/Bifrose.AE [Microsoft]13
Dropper/Stabs.65949 [AhnLab]13
Backdoor.IRC.Fylex [Ikarus]12
Backdoor.Win32.Donbot.b [Kaspersky Lab]12
Generic.dx [McAfee]12
not-a-virus:Server-Proxy.Win32.3proxy.dd [Kaspersky Lab]12
Trojan-Downloader.Win32.VB.rrl [Kaspersky Lab]12
Trojan-Dropper.Win32.VB.mwt [Kaspersky Lab]12
Win-Trojan/Backdoor.64000.C [AhnLab]12
Worm:Win32/Autorun.RX [Microsoft]12
Backdoor.Win32.Papras.t [Kaspersky Lab]11
VirTool:Win32/VBInject.CK [Microsoft]11
Backdoor:Win32/Poison.M [Microsoft]10
Backdoor-DZP [McAfee]10
Downloader-BYK [McAfee]10
Generic VB.i [McAfee]10
Generic.dx!fjp [McAfee]10
Mal/EncPk-JU [Sophos]10
Mal/Refroso-B [Sophos]10
Troj/Bifrose-ZC [Sophos]10
Win32/IRCBot.worm.variant [AhnLab]10
Backdoor:Win32/Bifrose.HO [Microsoft]9
Generic BackDoor [McAfee]9
Generic BackDoor!mz [McAfee]9
Generic PWS.y!byi [McAfee]9
Generic.dx!fhi [McAfee]9
not-a-virus:Server-Proxy.Win32.3proxy [Ikarus]9
Trojan.Win32.Refroso.abks [Kaspersky Lab]9
Trojan-Dropper.Win32.Nail.hm [Kaspersky Lab]9
VirTool.Win32.Injector [Ikarus]9
Backdoor.Win32.Hupigon [Ikarus]8
Backdoor:Win32/Poisonivy.H [Microsoft]8
BackDoor-EEC [McAfee]8
BKDR_BIFROSE.SMI [Trend Micro]8
Generic VB.by [McAfee]8
Trojan:Win32/Meredrop [Microsoft]8
Trojan-Dropper.Delf [Ikarus]8
VirTool:Win32/CeeInject.gen!AA [Microsoft]8
Generic Dropper!hv.f [McAfee]7
Mal/Behav-053 [Sophos]7
Mal/Bifrose-S [Sophos]7
Packed.Win32.Krap.c [Kaspersky Lab]7
Trojan.Win32.DelfInject.b [Kaspersky Lab]7
Trojan:Win32/Malat [Microsoft]7
Trojan:Win32/VB [Microsoft]7
VirTool:Win32/VBInject.gen!CH [Microsoft]7
Win-Trojan/Poison.17408.U [AhnLab]7
Constructor/Bifrose.1466056 [AhnLab]6
FakeAlert-ID [McAfee]6
Mal/Generic-A, Mal/EncPk-JU [Sophos]6
Trojan.Inject [Ikarus]6
Trojan.Win32.Buzus [Ikarus]6
Trojan:Win32/Malagent [Microsoft]6
Trojan-Downloader.Win32.Mutant.fka [Kaspersky Lab]6
Trojan-Downloader.Win32.Pher.xx [Kaspersky Lab]6
TrojanDownloader:Win32/Cutwail.AQ [Microsoft]6
Win-Trojan/Mutant.27174 [AhnLab]6
Backdoor.Win32.Agent.ajyu [Kaspersky Lab]5
Backdoor.Win32.Bifrose.fpb [Kaspersky Lab]5
Backdoor.Win32.Bredavi [Ikarus]5
Backdoor:Win32/Bisar!rts [Microsoft]5
Backdoor:Win32/Turkojan.AI [Microsoft]5
BackDoor-CEP.gen.g [McAfee]5

Backdoor.Trojan [PC Tools] has the following possible countries of origin:
OriginNumber of Incidents
China51
Spain36
Sweden27
Germany22
Russian Federation14
United Kingdom11
Australia4
Brazil4
France4
Republic of Korea4
Saudi Arabia4
Egypt2
Portugal2
Taiwan2
Turkey2
Iran1
Italy1
Japan1
Jordan1
Kyrgyzstan1
Netherlands1
Poland1
Romania1
Ukraine1

Backdoor.Trojan [PC Tools] is known to be created as:
%AllUsersProfile%\drm\userdata.dll
%AppData%\awserv\svchost.exe
%AppData%\bifrost\server.exe
%AppData%\googledownload.exe
%AppData%\java\jre6\bin\jucheck.exe
%AppData%\micro\mic.exe
%AppData%\microsoft\svchost.exe
%AppData%\softmsn\msnm.exe
%AppData%\windowstn\updater.exe
%CommonAppData%\adobe\sp.dll
%CommonAppData%\fearghus\lsass.exe
%CommonAppData%\microsoft\usb2.0\usb-hi.exe
%CommonDocuments%\o0jjjkkkkfffffflll.exe
%CommonPrograms%\startup\kbdrv16.com
%Profiles%\local user\hook.dll
%Profiles%\local user\userdata.dll
%Profiles%\local user\wmpns.dll
%ProgramFiles%\bifrost\123456.exe
%ProgramFiles%\bifrost\dll.exe
%ProgramFiles%\bifrost\intern.exe
%ProgramFiles%\bifrost\picture.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\bifrost\zah.exe
%ProgramFiles%\bifroxx\server.exe
%ProgramFiles%\dbs.exe
%ProgramFiles%\explorer\explorer.exe
%ProgramFiles%\google\google.exe
%ProgramFiles%\google\server.exe
%ProgramFiles%\internet explorer\anfkx.dll
%ProgramFiles%\internet explorer\rasadhlp.dll
%ProgramFiles%\java\jre6\bin\jucheck.exe
%ProgramFiles%\kilers\kiler.exe
%ProgramFiles%\microsoft office\svchost.exe
%ProgramFiles%\microsoft\svchost.exe
%ProgramFiles%\msnmolly\happy.exe
%ProgramFiles%\net\net.exe
%ProgramFiles%\netmeeting\netservice363.dll
%ProgramFiles%\netmeeting\netservice765.dll
%ProgramFiles%\netmeeting\winconfig_812.dll
%ProgramFiles%\pandora\pandora180306full\pandora.exe
%ProgramFiles%\pandora\pandora180306full\pandoragui.exe
%ProgramFiles%\poiuytrewq.exe
%ProgramFiles%\server.exe
%ProgramFiles%\skype\svcho.exe
%ProgramFiles%\softmsn\msnm.exe
%ProgramFiles%\svchost.exe
%ProgramFiles%\taj\taj.scr
%ProgramFiles%\temp\firefox.exe
%ProgramFiles%\tonec inc\internet download manager\idmgrhlp.exe
%ProgramFiles%\win32gi\win24.exe
%ProgramFiles%\windows dri\windows.exe
%ProgramFiles%\windows.nnt\cam.exe
%ProgramFiles%\windowstn\updater.exe
%ProgramFiles%\wsx\k.exe
%Programs%\startup\googledownload.exe
%System%\1031\sys91.exe
%System%\1055\update.exe
%System%\12520850o.exe
%System%\1b996.dll
%System%\4578\exploir.exe
%System%\6to4ex.dll
%System%\6to4v32.dll
%System%\acleditz.exe
%System%\ads\keylogger3.dll
%System%\aehivemf.exe
%System%\ali.exe
%System%\atmacapp.dll
%System%\awserv\svchost.exe
%System%\bifrost\ddddd.exe
%System%\bifrost\server.exe
%System%\bitynike.dll
%System%\bot.exe
%System%\brclientname.exe
%System%\c_iscii32.dll
%System%\c60ax.exe
%System%\cdinfo\cfz.exe
%System%\cireamin.dll
%System%\clen.exe
%System%\cmd32.exe
%System%\concp32.exe
%System%\crt4.dll
%System%\crypted.exe
%System%\csrs.exe
%System%\dd\gg.exe
%System%\dd33d3\00c3ac.exe
%System%\dllcache\wintcps.exe
%System%\drivers\asyncmacq.sys
%System%\drivers\dqb9861.sys
%System%\drivers\jcp34d9.sys
%System%\drivers\kgootkit.sys
%System%\drivers\ktnijm.sys
%System%\drivers\mfsb911.sys
%System%\drivers\nrc04db.sys
%System%\drivers\pqa7ecd.sys
%System%\dsa\dsa.exe
%System%\exploit.exe
%System%\explorer.exe
%System%\export.exe
%System%\forxuan.dll
%System%\fywd.dll
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).