Threat Search: 

ThreatExpert's Statistics for Backdoor:Win32/Phdet.gen!A [Microsoft]:

Backdoor:Win32/Phdet.gen!A [Microsoft] is also known as:
Threat AliasNumber of Incidents
Hacktool.Flooder [Symantec]400
Mal/FakeVirPk-A, Mal/TibsPk-A, Mal/TibsPk-D, Mal/Basine-C [Sophos]400
Trojan.Win32.Pakes [Ikarus]400
Trojan.Win32.Pakes.mzt [Kaspersky Lab]400
Backdoor.Win32.Phdet [Ikarus]92
Mal/TibsPk-A, Mal/TibsPk-D, Mal/Basine-C [Sophos]82
Downloader [Symantec]35
FDoS-BEnergy [McAfee]33
Trojan Horse [Symantec]27
Backdoor.Win32.Kbot.s [Kaspersky Lab]23
Win-Trojan/Downloader.22016.CO [AhnLab]23
Generic BackDoor [McAfee]22
Backdoor.Win32.Small.hoj [Kaspersky Lab]19
BKDR_KBOT.CT [Trend Micro]19
Troj/Bckdr-QYM [Sophos]15
Mal/Basine-C [Sophos]12
Backdoor.Win32.Kbot [Ikarus]11
Downloader.Generic [PC Tools]10
Mal/Emogen-Y, Mal/Basine-C, Mal/Behav-179 [Sophos]10
Mal/Behav-179, Mal/Emogen-Y, Mal/Basine-C [Sophos]7
Trojan-Downloader.Win32.Small [Ikarus]6
Mal/Generic-A [Sophos]5
Trojan.Generic [PC Tools]5
Downloader-BVA [McAfee]4
Mal/EncPk-JU [Sophos]4
Trojan-Downloader.Win32.Pher.pt [Kaspersky Lab]4
Win-Trojan/Xema.variant [AhnLab]4
Backdoor.Win32.IRCBot.cgc [Kaspersky Lab]3
Mal/EncPk-MX [Sophos]3
Trojan-Downloader.Win32.Small.fyn [Kaspersky Lab]3
Win-Trojan/Agent.29184.AV [AhnLab]3
Backdoor.Trojan [Symantec]2
Backdoor.Win32.Kbot.afp [Kaspersky Lab]2
Hoax.Win32.Renos [Ikarus]2
Mal/Basine-C, Mal/Krap-D [Sophos]2
Mal/EncPk-IB, Mal/Basine-C [Sophos]2
Trojan.Buzus [PC Tools]2
Trojan.Win32.Agent [Ikarus]2
Trojan-Dropper.Agent [Ikarus]2
Win-Trojan/Downloader.23040.FC [AhnLab]2
Win-Trojan/Downloader.28672.SY [AhnLab]2
Backdoor.Lancafdo [Symantec]1
Backdoor.Win32.Kbot.ado [Kaspersky Lab]1
Backdoor.Win32.Kbot.agj [Kaspersky Lab]1
Backdoor.Win32.Kbot.fg [Ikarus]1
Backdoor.Win32.Kbot.fg [Kaspersky Lab]1
Backdoor.Win32.Kbot.zh [Kaspersky Lab]1
BackDoor-EED [McAfee]1
Downloader.gen.a [McAfee]1
Generic BackDoor!bwj [McAfee]1
Generic BackDoor!ef [McAfee]1
Generic BackDoor!fn [McAfee]1
Generic Downloader.x [McAfee]1
Generic Dropper.bw [McAfee]1
Generic.dx [McAfee]1
Hoax.Win32.Renos.vceq [Kaspersky Lab]1
Hoax.Win32.Renos.vcgn [Kaspersky Lab]1
Hoax.Win32.Renos.vcgv [Kaspersky Lab]1
Mal/Basine-C, Mal/Emogen-Y, Mal/Behav-179 [Sophos]1
Mal/Basine-C, Mal/FakeAV-BT [Sophos]1
Mal/Behav-179, Mal/Basine-C [Sophos]1
Mal/EncPk-AD, Mal/Basine-A, Mal/Basine-C [Sophos]1
Mal/EncPk-CR [Sophos]1
Mal/EncPk-CZ [Sophos]1
Mal/EncPk-EI [Sophos]1
Mal/EncPk-FR [Sophos]1
Mal/EncPk-GT [Sophos]1
Mal/EncPk-KP, Mal/Basine-C [Sophos]1
New Malware.cn [McAfee]1
New Win32.g4 [McAfee]1
not-a-virus:FraudTool.Win32.SpywareProtect2009 [Ikarus]1
Packed.Win32.Krap [Ikarus]1
Packed.Win32.Krap.c [Kaspersky Lab]1
Suspicious.MH690 [Symantec]1
Troj/Inject-JD [Sophos]1
Trojan.Agent.EGZX [PC Tools]1
Trojan.Win32.Agent.alxm [Kaspersky Lab]1
Trojan.Win32.Agent.hys [Kaspersky Lab]1
Trojan.Win32.Buzus.fit [Kaspersky Lab]1
Trojan.Win32.Crypt.va [Kaspersky Lab]1
Trojan-Downloader.Win32.CodecPack.arm [Kaspersky Lab]1
Trojan-Downloader.Win32.Pher.xx [Kaspersky Lab]1
Trojan-Dropper.Delf [Ikarus]1
Trojan-Dropper.Win32.Microjoin [Ikarus]1
TSPY_ZBOT.OJ [Trend Micro]1
Virus.Win32.Agent.QPF [Ikarus]1
W32.SillyP2P [Symantec]1
W32/Gobi [McAfee]1
Win32/Kolab.worm.Gen [AhnLab]1
Win-Trojan/Malware.16555.C [AhnLab]1
Worm.Win32.Pinit [Ikarus]1
Worm.Win32.Pinit.gen [Kaspersky Lab]1

Backdoor:Win32/Phdet.gen!A [Microsoft] has the following possible country of origin:
OriginNumber of Incidents
Russian Federation6

Backdoor:Win32/Phdet.gen!A [Microsoft] is known to be created as:
%System%\_bot.exe
%System%\mssrv32.exe
%Temp%\_bot.exe
%Temp%\g546gh.exe
%Temp%\svchost.exe
%Temp%\t.exe
%Temp%\tmp.exe
%Windir%\regsv32.exe
%Windir%\svchost.exe
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.