ThreatExpert's Statistics for Backdoor:Win32/Bifrose.AE [Microsoft]:

Backdoor:Win32/Bifrose.AE [Microsoft] is also known as:

Threat Alias	Number of Incidents
BackDoor-CEP.gen.g [McAfee]	665
Backdoor.Bifrose [Symantec]	630
Win-Trojan/Midgare.32256 [AhnLab]	507
Backdoor.Win32.Bifrose [Ikarus]	476
Backdoor.Trojan [Symantec]	439
Backdoor.Win32.Bifrose.fpb [Kaspersky Lab]	395
Trojan.Midgare.hhn [PC Tools]	350
BKDR_AHZE.SMM [Trend Micro]	299
Virus.Trojan.Win32.Midgare [Ikarus]	279
BackDoor-CEP.gen.av [McAfee]	274
BKDR_AHZE.NY [Trend Micro]	258
Infostealer [Symantec]	227
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	190
Backdoor.Win32.Bifrose.fsi [Kaspersky Lab]	169
Troj/Bifrose-WC [Sophos]	152
Trojan-PSW.Generic [PC Tools]	150
Mal/EncPk-FL [Sophos]	147
Backdoor.Bifrose [PC Tools]	129
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH, Mal/Bifrose-Z [Sophos]	127
BackDoor-CEP [McAfee]	113
Mal/Generic-E, Mal/EncPk-FH [Sophos]	99
Mal/EncPk-FH [Sophos]	97
BKDR_BIFROSE.FG [Trend Micro]	92
Troj/Bifrose-XG [Sophos]	89
Mal/Bifrose-Z, Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	77
Backdoor.Bifrose!sd6 [PC Tools]	72
Trojan.Win32.Midgare.fcz [Kaspersky Lab]	70
Trojan.Midgare!sd6 [PC Tools]	68
Backdoor.Win32.Bifrose.brno [Kaspersky Lab]	64
Win-Trojan/Bifrose.29599.C [AhnLab]	64
Mal/Behav-352, Mal/Midgar-A, Mal/EncPk-FH [Sophos]	48
Mal/Generic-A [Sophos]	48
Trojan.Win32.Midgare.hhn [Kaspersky Lab]	47
Win-Trojan/Bifrose.59904.E [AhnLab]	44
BackDoor-CEP.gen.a [McAfee]	35
Troj/Bifrose-WT [Sophos]	32
Trojan Horse [Symantec]	26
Mal/Midgar-A, Mal/EncPk-FH [Sophos]	25
Mal/Bifrose-X, Mal/EncPk-FH [Sophos]	24
Win-Trojan/Bifrose.30208.S [AhnLab]	23
BackDoor-CEP!hv.a [McAfee]	19
Troj/Bifrose-WS [Sophos]	18
Backdoor.Win32.Bifrose.ahlf [Kaspersky Lab]	16
BackDoor-CEP.gen.aw [McAfee]	16
Packer.Pohernah.E [Ikarus]	14
Trojan.Generic [PC Tools]	14
Backdoor.Trojan [PC Tools]	13
Backdoor-CEP [McAfee]	13
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A, Mal/Bifrose-Z [Sophos]	13
Spyware.Screenspy [Symantec]	13
Trojan.Win32.Buzus.cqej [Kaspersky Lab]	13
Backdoor.Win32.Bifrose.akbc [Kaspersky Lab]	12
Backdoor.Win32.Bifrose.apav [Kaspersky Lab]	12
Mal/Bifrose-X, Mal/Behav-352, Mal/Midgar-A [Sophos]	12
Win-Trojan/Bifrose.55965 [AhnLab]	12
Win-Trojan/Midgare.55629 [AhnLab]	12
Packed.Win32.Krap.c [Kaspersky Lab]	11
Spyware.Screenspy [PC Tools]	11
Virus.Win32.Bifrose [Ikarus]	11
Mal/Bifrose-V [Sophos]	10
Trojan.Win32.Inject.aflm [Kaspersky Lab]	10
Backdoor.Win32.Bifrose.aivg [Kaspersky Lab]	9
Backdoor.Win32.Bifrose.amgm [Kaspersky Lab]	9
Backdoor.Win32.Bifrose.aodq [Kaspersky Lab]	9
BKDR_BIFROSE.GAT [Trend Micro]	9
Trojan.Win32.Refroso.wwn [Kaspersky Lab]	9
Trojan-Dropper.SAG [Ikarus]	9
Virus.Trojan.Win32.Midgare.hhn [Ikarus]	9
Win-Trojan/LdPinch.37151 [AhnLab]	9
Backdoor.Win32.Bifrose.amnw [Kaspersky Lab]	8
Trojan:Win32/Midgare.A [Microsoft]	7
Win-Trojan/Midgare.30208 [AhnLab]	7
Backdoor.Win32.Bifrose.akno [Kaspersky Lab]	6
Backdoor.Win32.Bifrose.alep [Kaspersky Lab]	6
Mal/Bifrose-Z [Sophos]	6
Mal/EncPk-IT, Mal/EncPk-FL [Sophos]	6
Packed.Win32.PePatch.lc [Kaspersky Lab]	6
Troj/Bazus-A [Sophos]	6
Win-Trojan/Bifrose.55629.AA [AhnLab]	6
Win-Trojan/Bifrose.55895 [AhnLab]	6
Backdoor.Win32.Bifrose.ampc [Kaspersky Lab]	5
Backdoor.Win32.Bifrose.tvk [Kaspersky Lab]	5
Generic PWS.a [McAfee]	5
Mal/Bifrose-X [Sophos]	5
Backdoor.Win32.Bifrose.akan [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.akqb [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.aloe [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.alqu [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.anfj [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.aqkn [Kaspersky Lab]	4
Backdoor.Win32.Bifrose.fqm [Kaspersky Lab]	4
Backdoor:Win32/Agent.CQ [Microsoft]	4
BackDoor-CEP!hv.l [McAfee]	4
Backdoor-CEP.gen.i [McAfee]	4
BackDoor-DVR [McAfee]	4
Mal/Generic-A, Mal/Bifrose-V [Sophos]	4
Packed.Win32.VBCrypt.m [Kaspersky Lab]	4
Suspicious.Bifrose [Symantec]	4
Trojan.Win32.Midgare.afut [Kaspersky Lab]	4
Trojan.Win32.Midgare.sdw [Kaspersky Lab]	4

Backdoor:Win32/Bifrose.AE [Microsoft] has the following possible countries of origin:

Origin		Number of Incidents
	Sweden	4
	Germany	2
	Israel	2
	Turkey	2

Backdoor:Win32/Bifrose.AE [Microsoft] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\messenger\messenger.exe

%AppData%\microsoft\svchost.exe

%AppData%\regedit\fragmen.exe

%AppData%\system\svchost32.exe

%AppData%\system\sys.exe

%AppData%\system\win.exe

%AppData%\system32\system32.exe

%AppData%\temp\eixplorer.exe

%AppData%\winrar\winrar.exe

%CommonAppData%\server.exe

%CommonPrograms%\startup\net.exe

%CommonPrograms%\startup\server.exe

%CommonPrograms%\startup\sexih_hot.scr

%InternetCache%\57289261.exe

%LocalSettings%\tempservices.exe

%Profiles%\hack\my documents\maroc.exe

%Profiles%\servr.exe

%ProgramFiles%\333.exe

%ProgramFiles%\99\88.exe

%ProgramFiles%\aaaaaaaaaa\aaaaaaa.exe

%ProgramFiles%\adobe\updates\adobes.exe

%ProgramFiles%\anti-trust\anti-trust.exe

%ProgramFiles%\b\w.exe

%ProgramFiles%\biforst\server.exe

%ProgramFiles%\bifroft\server.exe

%ProgramFiles%\bifrojt\serd.exe

%ProgramFiles%\bifrort\serve.exe

%ProgramFiles%\bifrost\_.exe

%ProgramFiles%\bifrost\12.exe

%ProgramFiles%\bifrost\abdou.exe

%ProgramFiles%\bifrost\fake.exe

%ProgramFiles%\bifrost\gdgfk.exe

%ProgramFiles%\bifrost\iexplorer.exe

%ProgramFiles%\bifrost\king.exe

%ProgramFiles%\bifrost\nono.exe

%ProgramFiles%\bifrost\ooo.exe

%ProgramFiles%\bifrost\realplay.exe

%ProgramFiles%\bifrost\ser.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\bifrost\server-bof.exe

%ProgramFiles%\bifrost\servr.exe

%ProgramFiles%\bifrost\sors.exe

%ProgramFiles%\bifrost\svchost.exe

%ProgramFiles%\bifrost\ver.exe

%ProgramFiles%\bifrost\xvhost.exe

%ProgramFiles%\bifroxx\server.exe

%ProgramFiles%\cmdl32\cmdl32.exe

%ProgramFiles%\config\setup.exe

%ProgramFiles%\config32\system36.exe

%ProgramFiles%\ctf32\ctf32.exe

%ProgramFiles%\dev-point\mhster.exe

%ProgramFiles%\dir\server.exe

%ProgramFiles%\google pinyin 3\googlepin.exe

%ProgramFiles%\googlechromes\google.exe

%ProgramFiles%\hhh\server.exe

%ProgramFiles%\installshild\k-o.exe

%ProgramFiles%\internet\explorer.exe

%ProgramFiles%\java\java.exe

%ProgramFiles%\jetaudio\server.exe

%ProgramFiles%\jnooony\coffin.exe

%ProgramFiles%\key\key.exe

%ProgramFiles%\love\love.exe

%ProgramFiles%\m.maher\maheer.exe

%ProgramFiles%\masseneer live\server.exe

%ProgramFiles%\massenger live\server.exe

%ProgramFiles%\mesenger\windows.exe

%ProgramFiles%\messenger\messenger.exe

%ProgramFiles%\micro\hosts.exe

%ProgramFiles%\microsoft odbc\odbc.exe

%ProgramFiles%\microsoft\svchost.exe

%ProgramFiles%\microsoft\yahoo.exe

%ProgramFiles%\msjavx86\msjavx86.exe

%ProgramFiles%\msn messenger\sexglasses.exe

%ProgramFiles%\msn\msn.exe

%ProgramFiles%\msn\msnmgr.exe

%ProgramFiles%\msn\net.exe

%ProgramFiles%\msn\server.exe

%ProgramFiles%\msn\smss.exe

%ProgramFiles%\msn\spoolsv.exe

%ProgramFiles%\msngame\msngamer.exe

%ProgramFiles%\msns\msns.exe

%ProgramFiles%\nero express 10\neros.exe

%ProgramFiles%\netmeeting\config.exe

%ProgramFiles%\netmeeting0\cb32.exe

%ProgramFiles%\netservice\netinfo.exe

%ProgramFiles%\programsis\m5z.exe

%ProgramFiles%\rabot\rabot.exe

%ProgramFiles%\restort\waindows.exe

%ProgramFiles%\server.exe

%ProgramFiles%\skaypey\server.exe

%ProgramFiles%\sock\socker.exe

%ProgramFiles%\ss\laass.exe

%ProgramFiles%\svchost\svchost.exe

%ProgramFiles%\sys\win.exe

%ProgramFiles%\system\system.exe

%ProgramFiles%\system\win32.exe

%ProgramFiles%\system32\lasse.exe

%ProgramFiles%\system32\msnmsgr.exe

%ProgramFiles%\system32\svchost1.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%InternetCache% is a variable that refers to the file system directory that serves as a common repository for temporary Internet files. A typical path is C:\Documents and Settings\[UserName]\Local Settings\Temporary Internet Files.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.