ThreatExpert's Statistics for Generic BackDoor [McAfee]:

Generic BackDoor [McAfee] is also known as:

Threat Alias	Number of Incidents
Backdoor.Frauder!sd6 [PC Tools]	3,084
Mal/EncPk-EU, Mal/Dorf-E [Sophos]	2,657
Trojan.Fakeavalert [Symantec]	1,849
New Malware.ag [McAfee]	1,600
Trojan:Win32/Tibs.ID [Microsoft]	1,600
Mal/Dorf-E [Sophos]	1,354
Backdoor.Trojan [Symantec]	1,352
Mal/Generic-A [Sophos]	1,206
BKDR_AGENT.ABJM [Trend Micro]	1,092
Trojan.Zapchast [PC Tools]	936
Backdoor.Win32.Frauder.jt [Kaspersky Lab]	863
Trojan Horse [Symantec]	808
Packed.Generic.186 [Symantec]	800
Backdoor.Win32.Frauder.fb [Kaspersky Lab]	793
Troj/Bdoor-AOK [Sophos]	786
Trojan:Win32/Tibs.IH [Microsoft]	683
Trojan.Zlob [Symantec]	621
Backdoor.Win32.Ciadoor [Ikarus]	553
Backdoor.Win32.Frauder.fb [Ikarus]	541
Backdoor.Win32.Frauder.eq [Kaspersky Lab]	520
Backdoor.Win32.Frauder.er [Kaspersky Lab]	520
Backdoor.Win32.Frauder.fc [Kaspersky Lab]	520
Backdoor.Win32.Frauder.fg [Kaspersky Lab]	520
BKDR_DELF.CME [Trend Micro]	462
Backdoor.Delf.DIP [PC Tools]	408
BKDR_FRAUDER.OY [Trend Micro]	400
BKDR_FRAUDER.OZ [Trend Micro]	400
BKDR_FRAUDER.PA [Trend Micro]	400
Trojan:Win32/Tibs.IF [Microsoft]	397
Win-Trojan/Inject.476103 [AhnLab]	390
Backdoor.Win32.Frauder.eq [Ikarus]	380
Backdoor.Win32.Frauder.er [Ikarus]	380
Backdoor.Win32.Frauder.fc [Ikarus]	380
Backdoor.Win32.Frauder.fg [Ikarus]	380
Mal/EncPk-CZ [Sophos]	356
Backdoor.Win32.Frauder.kf [Kaspersky Lab]	336
Backdoor.Win32.Frauder.kx [Ikarus]	322
Backdoor.Win32.Delf.cci [Kaspersky Lab]	286
Backdoor.Win32.VB [Ikarus]	270
Backdoor.DMSpammer [Symantec]	266
Trojan-Dropper.Agent [Ikarus]	260
TrojanDownloader:Win32/Renos.AU [Microsoft]	243
Virus.Win32.Tipa [Ikarus]	213
Backdoor.Win32.Frauder.jt [Ikarus]	199
Infostealer.Gampass [Symantec]	197
W32/Impair-A [Sophos]	170
Backdoor.Win32.Agent.tig [Kaspersky Lab]	169
TrojanDownloader:Win32/Renos.DU [Microsoft]	160
Mal/EncPk-EU [Sophos]	154
BKDR_DELF.CMV [Trend Micro]	150
TrojanDropper:Win32/Nuwar [Microsoft]	136
Downloader [Symantec]	135
Backdoor.Agent!sd5 [PC Tools]	133
PWS:Win32/Lolyda.K [Microsoft]	132
TSPY_SYSTEMHI.CL [Trend Micro]	132
Backdoor.VB!sd6 [PC Tools]	125
Backdoor.Formador [Symantec]	117
Win-Trojan/Xema.variant [AhnLab]	117
Trojan.Fakeav.BE [Ikarus]	114
Backdoor.Win32.Agent.rnq [Kaspersky Lab]	112
Backdoor.Win32.Frauder.kg [Kaspersky Lab]	112
Backdoor.Win32.Frauder.kh [Kaspersky Lab]	112
Backdoor.Win32.Frauder.ki [Kaspersky Lab]	112
Backdoor.Win32.Frauder.kj [Kaspersky Lab]	112
Trojan.Dropper [Symantec]	103
Backdoor.Win32.Agent.dpx [Kaspersky Lab]	99
Backdoor.Win32.Frauder.gp [Kaspersky Lab]	88
Backdoor.Win32.Agent.aou [Kaspersky Lab]	86
Trojan:Win32/Tibs.IG [Microsoft]	84
Backdoor:Win32/Small.D [Microsoft]	80
Trojan.Agent.EQEK [PC Tools]	79
Trojan-Spy.Gampass!sd6 [PC Tools]	76
Backdoor.Win32.VB.fdi [Kaspersky Lab]	72
BKDR_AGENT.RAQ [Trend Micro]	72
Hacktool.Rootkit [Symantec]	69
Backdoor.Formador!sd6 [PC Tools]	68
W32.Spybot.Worm [Symantec]	67
Backdoor.Win32.Hupigon [Ikarus]	66
Backdoor:WinNT/Rustock.E [Microsoft]	66
Trojan-Downloader.Exchanger.Gen.2 [Ikarus]	64
Win32.SuspectCrc [Ikarus]	64
Backdoor.VB.GEN [PC Tools]	63
Backdoor.Win32.mIRC-based.k [Kaspersky Lab]	63
Trojan-Dropper.Delf [Ikarus]	63
Trojan.Fakeavalert!sd6 [PC Tools]	62
Backdoor.Win32.Delf.dfs [Kaspersky Lab]	60
Backdoor.Win32.PcClient [Ikarus]	60
Trojan-Downloader.Win32.Small [Ikarus]	60
Troj/Bckdr-QPX [Sophos]	58
Backdoor.Win32.Shark.dxa [Kaspersky Lab]	55
BKDR_AGENT.DQN [Trend Micro]	55
Backdoor.Win32.Delf.dcz [Kaspersky Lab]	52
Backdoor:Win32/IRCbot.AF [Microsoft]	52
Trojan.Win32.Inject.beo [Ikarus]	52
Mal/Packer [Sophos]	51
Backdoor.Win32.Frauder.io [Kaspersky Lab]	48
Backdoor.Win32.Frauder.kf [Ikarus]	48
Backdoor.Win32.Frauder.kh [Ikarus]	48
W32.SillyFDC [Symantec]	48
Infostealer [Symantec]	47

Generic BackDoor [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	China	433
	Russian Federation	150
	Germany	45
	Brazil	22
	Sweden	22
	Israel	19
	Spain	19
	Turkey	13
	United Kingdom	13
	Poland	12
	France	9
	Iran	9
	Republic of Korea	7
	Ukraine	7
	Italy	6
	Portugal	4
	Canada	3
	Saudi Arabia	3
	Switzerland	3
	Taiwan	3
	Australia	2
	Belgium	2
	Thailand	2
	Ecuador	1
	Egypt	1
	Greece	1
	Netherlands	1
	Norway	1
	Oman	1
	Romania	1
	Slovakia	1
	Slovenia	1

Generic BackDoor [McAfee] is known to be created as:

%AppData%\adobe\player.exe

%AppData%\cftmon.exe

%AppData%\flashsdk.exe

%AppData%\gpass\gfltdrv.sys

%AppData%\irm.dll

%AppData%\key folder\rsupd.exe

%AppData%\key folder\sql2005.dll

%AppData%\tskmgr.exe

%AppData%\windows.exe

%AppData%\wualts.exe

%AppData%\wuauct.exe

%CommonAppData%\webext\cssys.dll

%CommonFavorites%\netservice.exe

%CommonFavorites%\plugin\001.dll

%CommonPrograms%\startup\svckost.exe

%CommonPrograms%\startup\winstart.exe

%FontsDir%\4e17c240.exe

%FontsDir%\53b37a00.dll

%FontsDir%\svchost.exe

%LocalSettings%\realsched.exe

%LocalSettings%\tmp2584.exe

%Profiles%\photo\photo1.exe

%ProgramFiles%\5.exe

%ProgramFiles%\ashavast_.exe

%ProgramFiles%\b\w.exe

%ProgramFiles%\bifrost\explorer.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\biology.exe

%ProgramFiles%\coeur.exe

%ProgramFiles%\common files\imgvew.com

%ProgramFiles%\common files\system\leak32x.exe

%ProgramFiles%\common files\system\msnmgaer.exe

%ProgramFiles%\common files\system\service.exe

%ProgramFiles%\common files\system\services.exe

%ProgramFiles%\common files\system\svchost.exe

%ProgramFiles%\common files\system\svchosts.exe

%ProgramFiles%\common files\system\windb32.exe

%ProgramFiles%\common files\systemdata\svchost.exe

%ProgramFiles%\crack downloader \crackdown.exe

%ProgramFiles%\dsfsdfsd\nope.dll

%ProgramFiles%\dwimn\mwstwn.exe

%ProgramFiles%\eset\1explore.exe

%ProgramFiles%\f_server.exe

%ProgramFiles%\god\god.exe

%ProgramFiles%\grabsun\netsense\npf.sys

%ProgramFiles%\hide folders xp 2\hdr.dll

%ProgramFiles%\install shild\install.exe

%ProgramFiles%\internet explorer\exprer.exe

%ProgramFiles%\internet explorer\iehp.dll

%ProgramFiles%\internet explorer\svchosi.exe

%ProgramFiles%\java:jv.exe

%ProgramFiles%\javasdk.exe

%ProgramFiles%\lock my pc 4\lmpchdr.dll

%ProgramFiles%\lpvideoplugin\5378.exe

%ProgramFiles%\media2\media2.exe

%ProgramFiles%\microsoft office\winword.exe

%ProgramFiles%\mirc\irc bot\services.exe

%ProgramFiles%\mxie\mxieinfo.dll

%ProgramFiles%\outlook express\install.dll

%ProgramFiles%\outlook express\socket32.dll

%ProgramFiles%\pchealthcenter\0.exe

%ProgramFiles%\pchealthcenter\1.exe

%ProgramFiles%\pchealthcenter\2.exe

%ProgramFiles%\pchealthcenter\3.exe

%ProgramFiles%\pchealthcenter\4.exe

%ProgramFiles%\pchealthcenter\5.exe

%ProgramFiles%\pchealthcenter\7.exe

%ProgramFiles%\re\rap.exe

%ProgramFiles%\richvideocodec\5378.exe

%ProgramFiles%\services.exe

%ProgramFiles%\sk soft\replayparser\ra.exe

%ProgramFiles%\system\smss.exe

%ProgramFiles%\vopt8\vopt.exe

%ProgramFiles%\windows media player\wmsetsdk.com

%ProgramFiles%\wuaulct.exe

%Programs%\startup\hpclse.exe

%Programs%\startup\userinit.exe

%Programs%\startup\winstart.exe

%System%\_tdiserv_\reckey.dll

%System%\_tdiserv_\setup.exe

%System%\_tdiserv_\svchost.exe

%System%\_tdiserv_\tdiupdate.sys

%System%\0309c26e.exe

%System%\1024\svchost.exe

%System%\111.exe

%System%\123.exe

%System%\213a0440.dll

%System%\306a39\00c3ac.exe

%System%\320d2b80.exe

%System%\360rtyy.exe

%System%\360sefa.exe

%System%\360tay.exe

%System%\37a8e340.exe

%System%\3875fd80.dll

%System%\3a181.dll

%System%\40790400.exe

%System%\5.dll

%System%\6553bb80.dll

%System%\6to4.dll

%System%\a2.com

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).