TrojanLibrary.com - Keep your PC safe by understanding what can get into it. Free Downloads.

Search by name:

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other
You can also search TrojanLibrary.com /.net on your left with Site Search.

Category: B

179 listings in this category.

Updated 05/27/08

B Xone

Aliases: Backdoor.Win32.Delf.aty, Trojan.Win32.Agent.adw, Trojan-Downloader.Win32.Delf.bkf, Trojan-Dropper.Win32.Joiner.bd, Trojan-PSW.Win32.LdPinch.fsr, Backdoor.Win32.Delf.dld
Variants: 1.6, 1.7, 1.8, 1.9, 2.0
Port: 2006
Size: 412kb
Author: Opium
Created: AUG 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\
Infection: svchost.exe, consrerva.dat

B-List

Aliases: Constructor.Win32.VB.ab, Trojan-Downloader.Win32.VB.gu
Variants: 1.0
Size: 3kb
Author: Zed
Created: DEC 2004
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: lsass.exe

B-S Yahoo! Spy

Aliases: Trojan.PSW.BStroj.18, Trojan.PSW.BStroj.19, Trojan.PSW.BStroj.191
Variants: 1.8.0, 1.90, 1.91
Size: 44kb
Author: bj_ajdary
Created: MAY 2002
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: yah-server.exe, net-server.exe, msmsngs.exe, ypager.exe, yupdater.exe, ya-server.exe, msn-server.exe

B.F. Evolution

Aliases: "Blood Fest Evolution" - B.F.Evolution 5.3.12, Backdoor.HVL-Rat.5312, Backdoor.HVL-Rat.5312.b
Variants: 5.3.12
Port: 1099
Size: 382kb
Author: Lost DaTa
Created: JUN 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
Infection: .exe (a apace before '.exe'), bf evolution.exe, patcher.exe

B-|R.A.T|-T

Aliases: "BRATT", Backdoor.Win32.VB.adl
Port: 4123, 4124, 4125, 4126, 4127
Author: BrosTeam
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: 0003.exe, dsfiles.dll, sdssdgjeg012.exe, temp12345678.exe

B2H

Aliases: Backdoor.Win32.Bifrose.afe, Trojan.Win32.Agent.bcn
Variants: 1.0
Port: 81, 1080
Size: 29kb
Author: B2H Team
Created: NOV 2007
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}\
Infection: server.exe

Babyface

Aliases: Backdoor.Win32.Agent.lw
Port: 80
Size: 9kb
Author: ben1116
Created: MAY 2005
OS: Windows
Location: TBD

Back Attack

Aliases: Backdoor.Win32.Backattack.14, Backdoor.Win32.BackAttack.18, Backdoor.Win32.Backattack.19, Backdoor.Win32.BackAttack.20, Backdoor.Win32.Delf.fh
Variants: 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 2.0
Port: 80, 100, 101, 102, 103, 104, 143, 1001, 1533, 2299, 6213, 10359, 11031, 11131, 12471, 12504, 21163, 22076, 22365, 23812, 31163, 32076, 32365, 33812, 41431, 43576
Size: 299kb
Author: CurrenTChaoSGroup
Created: FEB 2003
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: check.exe, matrix.scr, clean.exe, license.txt, mat.scr, winrgtd.drr, tam.scr

Back Construction

Aliases: Backdoor.BackConstructor.15, Backdoor.Nightmare.25
Variants: 1.2, 1.5, 2.1, 2.5
Port: 21, 666, 5401, 5402
Size: 185kb
Author: P23h
Created: JUN 1999
OS: Windows 95, 98, NT, ME, 2000
Location: HKLM\SOFTWARE\Microsoft\General\Settings\
HKU\.Default\Software\Microsoft\Windows\CurrentVersion\Run\ Infection: cmctl32.exe, a89bda06.exe, client.exe, kpk-1.5.tar.gz, server.exe

Back End

Created: NOV 1998
OS: Windows
Location: TBD

Back Orifice

Aliases: Backdoor.BO.a, Backdoor.BO.a2
Variants: 1.2, 1.3, 1.41
Port: 3133
Size: 124kb
Author: Sir Dystic of Cult of the Dead Cow
Created: JUL 1995
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
Infection: boserve.exe

Back Orifice 2000

Aliases: Backdoor.BO2K.10, Backdoor.BO2K.111, Backdoor.BO2K.plugin.Aes.a, Backdoor.BO2K.plugin.Control, Backdoor.BO2K.plugin.EncNull, Backdoor.BO2K.plugin.GetFile, Backdoor.BO2K.plugin.InetCmd, Backdoor.BO2K.plugin.Interface, Backdoor.BO2K.plugin.IoTcp, Backdoor.BO2K.plugin.IoUdp, Backdoor.BO2K.plugin.Legacy, Backdoor.BO2K.plugin.RegFile, Backdoor.BO2K.plugin.ScanPw, Backdoor.BO2K.plugin.SendKeys, Backdoor.BO2K.plugin.Simpleauth, Backdoor.BO2K.plugin.System, Backdoor.BO2K, Backdoor.BO2K!plugin.Aes, Backdoor.BO2K.Plugin, Orifice2K, Univ.AP.h, W32.Bo2K.114618, Win32.BackOrifice2000.11, Win32.BO2K.111, Win32.BO2K.c, Win32.BO2K.Plugin.Aes, Win32.BO2K.Plugin.Control, Win32.BO2K.Plugin.EncNull, Win32.BO2K.Plugin.GetFile, Win32.BO2K.Plugin.InetCmd, Win32.BO2K.Plugin.Interface, Win32.BO2K.Plugin.IoTcp, Win32.BO2K.Plugin.IoUdp, Win32.BO2K.Plugin.Legacy, Win32.BO2K.Plugin.RegFile, Win32.BO2K.Plugin.SendKeys, Win32.BO2K.Plugin.Simpleauth, Win32.BO2K.Plugin.System
Variants: 2000
Port: 54320, 54321
Size: 136kb
Author: Cult of the Dead Cow
Created: JUL 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
Infection: umg32.exe, auth.h, auth_null.dll, back orifice 2000 - ke -de.exe, benchmark.cpp, bo_debug.h, bo_peep.h, bo2000.exe, bo2k.exe, bo2k_dox.doc, bo2kcfg.exe, bo2kgui.exe, bocomreg.h, bored.h, changes.txt, client.h, cmd_tcpip.h, comm_native.h, commandloop.h, commnet.h, config.h, enc_aes.dll, enc_null.dll, encryption.h, functions.h, hiclient.h, hijack.h, httpd.cpp, httpd.h, io_tcp.dll, io_udp.dll, iohandler.h, kether`s german bo2k server-konfig.exe, linkage.h, lzh.h, main.cpp, main.h, mainfrm.h, mix.h, nt_pviewer.h, osversion.h, perfdata.h, plugins.h, process_hop.h, pviewdat.h, pviewer.h, readme.txt, resource.h, srv_control.dll, srv_getfile.dll, srv_inetcmd.dll, srv_interface.dll, srv_legacy.dll, srv_regfile.dll, srv_scanpw.dll, srv_sendkeys.dll, srv_system.dll, strhandle.h, vidstream.h, w.exe, windowss.exe

Back Streets

Aliases: TrojanDropper.Win32.Joiner.k
Variants: 1.5
Port: 8100, 11660, 13028, 16523
Author: Luke
Created: JUL 2002
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

Back Webserver

Aliases: Backdoor.Win32.DeepThroat.20
Port: 2140, 3150, 6670
Size: 312kb
Created: FEB 1999
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: systray.exe, pddt.dat, acdt.dat, acde.dat, systemio.exe

Backage

Aliases: Backdoor.Backage.30, Backdoor.Backage.301, Backdoor.Backage.31, Backdoor.Backage.31.b, Backdoor.Backage.31.c, Backdoor.Backage.32
Variants: 3.0, 3.01, 3.1, 3.1.1, 3.2 SE
Port: 5333
Size: 97kb
Author: Ne-O-Sk8
Created: JUL 2000
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunService\
HKU\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
HKU\.Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\
HKU\.Default\Software\Win\Run\
Infection: systemkernel32, winstop32.exe, backage 3.2 se.exe, backage3.ini, backage32se.backage, backageclient.exe, backageserver.exe, backdoor.backage.31.b.exe, desintall.exe, edit server.exe, help.txt, makeskinz.exe, readme(skin).txt, readme.txt, readme_english.txt, skin.ini, mskernel16.exe

BackCGI

Aliases: Backdoor.Win32.BackCGI
Size: 41kb
Author: L-Hunter aka XyHTeP
Created: TBD
OS: Windows
Location: TBD

BackDoor

Aliases: Backdoor.Inuk, Backdoor.Notpa, Backdoor.Zemac.a, Backdoor.Zemac.b, Backdoor.Zemac.c, Backdoor.Zemac.d, Suriv_2.1488.c, MultiDropper-E, Nomenklatura, Nomenklatura.1024.a, Nomenklatura.a, Quit.555.a, Quit.555.b, Suriv.1488, Trojan.AOL.PS.ej, TrojanDropper.Win32.EliteWrap.103
Variants: 1.0, 2.0, 2.01, 2.02, 2.03, 2.1
Port: 1003, 1999, 5698
Size: 78kb
Author: ZeMac
Created: APR 1997
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: notpa.exe, icqnuke.exe, readme.exe, 011e3ecab24891617792f6cc556c541f.exe, 02a572cd0e1d2ff8393075b839efcb64.exe, 04986c5cdcecf53f6bf739c1599a03ce.exe, 061da56505834b273a475f3827544e17.exe, 07596ec68058a0eba10bf02b7a88d048.exe, 07ff265743f71b15cc23bb814557f8e5.exe, 0ad266c58b49ee7d239b032b4c69e628.exe, 0c0002d8878bf0f373d352332ae7124f.exe, 0c573e14354d5b00e91161d3deef0df7.exe, 0ef88726226d112172058358b80f9b03.exe, -1134054079.exe, 1427142166.exe, 146f8b1cc9be67e99e0ccc5ad10acfd2.exe, 1476552388.exe, 147bb8297e9cac245b35fc56c826f629.exe, 1670a7b26eac340d7e177bbb47ddfee0.exe, 1842849d10ce64dba5a853776610e006.exe, 1b63703a58b3b17098c080c84a35bd85.exe, 442804435.exe, 959296333.exe, b_login.exe, backdoor.af.exe, backdoor.c, backdoor.exe, backdoor.haw.exe, backdoor.mdm.exe, backdoor.nb.exe, backdoor.pld.exe, backdoor.raw.exe, backdoor.rdr.exe, backdoor.tms.exe, backdoor.txt, backdoor.vb.ga.exe, backdoor.xel.exe, backdoor.zkt.exe, ftpip.exe, manual.nfo, ppupdater.exe, runtime.txt, server.txt, showall.exe, xxx.exe, zemac.a.exe

Backdoor

Aliases: Backdoor.Win32.Sealer.b
Port: 1764
Size: 169kb
Author: Heel
Created: FEB 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: svchost.exe

BackDoor Injector

Aliases: HackTool.Win32.Injecter.h, RemoteAdmin.Win32.NetCat
Variants: 1.1, 2.0
Author: EvilCoder of GFS-TEAM
Created: FEB 2007
OS: Windows
Location: TBD

Backfire

Port: 4685
Size: 51kb
Author: -Mixer- of [H.Z.3]
Created: SEP 2001
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\

Backlash

Aliases: Backdoor.Antilam.20.a, Backdoor.Minilash.10.a, Backdoor.Minilash.10.b
Variants: 1.0a
Port: 2130, 3150
Size: 255kb
Author: Savage3
Created: JAN 2003
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: systray.exe, backlash.exe, editserver.exe, readme.txt, server.exe

BackLogger

Aliases: Backdoor.Win32.Delf.ajl, Trojan-Dropper.Win32.FC.f, Trojan-Spy.Win32.Delf.nr, Trojan-Spy.Win32.KeyLogger.qg, Trojan-Downloader.Win32.Delf.cet, Trojan-Spy.Win32.Delf.qt
Variants: 2.0 Pro, 2.2 Pro Public, 2.3 Pro, 2.5 Pro Public, 2.5 Pro Fix
Size: 97kb
Author: ErCaN of BackSoftware Team
Created: JAN 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: winserv.exe, smss.exe, winclie.exe

BackPort

Aliases: Backdoor.Win32.BackPort.c, Trojan-Dropper.Win32.FC.f
Variants: 1.0 Demo Fix, 1.1 Full
Port: 21220, 21264
Size: 45kb
Author: Prens-Simar & ErCaN of BackSoftware Team
Created: NOV 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: crss.exe, usrmgrs.bat

BackSocket

Aliases: Backdoor.Backsocket.5, Backdoor.Win32.BackSocket.5
Variants: 5.0, 5.6
Size: 57kb
Author: DDF
Created: JUN 2000
OS: Windows
Location: TBD

BackSpy

Aliases: Trojan-Downloader.Win32.Banload.abg, PSWTool.Win32.Messen.106, PSWTool.Win32.PassView.162, Trojan-Dropper.Win32.FC.f
Variants: Pro P.E.
Size: 32kb
Author: Prens-Simar & ErCaN of BackSoftware Team
Created: MAR 2006
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: crss.exe, lusrmgrs.bat, lusrmgrs.exe, sregedit.bat, sregedit.exe

Backstabb

Aliases: Backdoor.Win32.Backstabb
Variants: LITE
Size: 33kb
Author: Wightman
Created: JAN 2003
OS: Windows
Location: TBD

BackWindows

Aliases: Backdoor.Win32.VB.zk
Variants: 1.0
Author: DeMonS Group
Created: JUN 1999
OS: Windows
Location: TBD

BAD R.A.T.

Aliases: Backdoor.Win32.VB.pq, Constructor.Win32.VB, Constructor.Win32.VB.h, Backdoor.Win32.Badrat.a, Backdoor.Win32.Badrat.b, Trojan-Spy.Win32.VB.ii, Backdoor.Win32.VB.ahx, Backdoor.Win32.Badrat.d, Backdoor.Win32.Badrat.a, Backdoor.Win32.Badrat.e, Trojan.Win32.Zapchast.ae, HackTool.PHP.Notify.a
Variants: 1.0, 1.1, 1.1 v2, 1.4, 1.5, 1.6 X-Mas, 1.7, Admin Tool
Port: 2323, 2324, 2325
Size: 74kb
Author: Mr. Hawk
Created: FEB 2004
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ HKCU\Software\Policies\Microsoft\Windows\System\
Infection: virlab.exe, keylog.dat, newserver.exe

Badbot

Aliases: Backdoor.Win32.Badbot
Author: XpyXt
Created: JAN 2003
OS: Windows
Location: TBD

BadLuck Reloaded

Aliases: Trojan.Win32.Belnow.d
Size: 58kb
Author: Prince Ali
Created: JUN 2003
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: regclean.exe

BadrSocket

Aliases: Backdoor.Win32.Agent.agt, Trojan-PSW.Win32.VB.mu
Variants: 1.0 Minor, 1.7, 3.0, 3.5, 3.7
Port: 3500
Size: 30kb
Author: B@dr007
Created: AUG 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: kvshost.exe, alenvers.exe, boutton.exe, inverser.exe, souris.exe, efo.exe, er.exe, vock.exe, cd_close.vbs, cd_open.vbs, face.exe, ic.exe, jeu.exe, shoost.exe, tourn.exe, system.exe, loost.exe, vook.exe, rundll32.exe

BADtch R.A.T.

Aliases: Trojan.BAT.Agent.bb, Backdoor.BAT.Zahl.a, Trojan.BAT.Agent.bb, HackTool.PHP.Notify.a
Variants: 0.2, 0.3
Port: 23
Author: Mr. Hawk
Created: SEP 2007
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

BajGir

Aliases: Trojan.Win32.VB.bpj
Size: 24kb
Author: Ali Moazemi
Created: DEC 2007
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

Balistix Fake Login

Aliases: Backdoor.Win32.VB.vu, Backdoor.Win32.VB.vb
Port: 1183
Size: 93kb
Author: thairux
Created: MAY 2002
OS: Windows
Location: TBD

Bamboozle

Aliases: HackTool.Win32.Agent.aj, Trojan-PSW.Win32.Prostor.a
Variants: CP Return. CP Revenge
Size: 12kb
Author: Gaurav_Raj420
Created: JAN 2006
OS: Windows
Location: TBD
Infection: YMagic.dll

Bandook

Aliases: Backdoor.Win32.Bandok.a, Backdoor.Win32.Bandok.b, Backdoor.Win32.Bandok.d, Backdoor.Win32.Bandok.h, Backdoor.Win32.Bandok.j, Backdoor.Win32.Bandok.v, Backdoor.Win32.Nuclear.ag, Backdoor.Win32.Nuclear.cj, BadJoke.Win32.Delf.ak, PSWTool.Win32.Messen.106, PSWTool.Win32.PassView.162, Trojan-Downloader.Win32.Exemas.10, Trojan-PSW.Win32.Delf.vg, pws.bndk, pws2.bndk
Variants: 1.0, 1.1, 1.2, 1.3, 1.34 v2, 1.35
Port: 1167
Size: 2kb
Author: Prince Ali
Created: MAR 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: trojan.exe, ali.exe, bhookpl.dll, screp.exe

Banger

Aliases: Backdoor.Win32.Banger.a, Backdoor.Win32.Webdor.m
Size: 7kb
Created: TBD
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
HKLM\SOFTWARE\Microsoft
Infection: iepngde.dll

Barbare

Aliases: Backdoor.Win32.Barbare
Size: 41kb
Created: NOV 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: dbgmgr.exe

Barbarian

Port: 584
Created: OCT 2006
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: Harry.exe, Magic.exe, msmdm.exe, porter.exe

Barbie

Aliases: Backdoor.Win32.Barbie
Port: 30000
Size: 74kb
Author: s0niCBo0M
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: Show_IP.exe, DDRAW16.EXE

Barisot

Aliases: Backdoor.Win32.Barisot
Port: 1038
Size: 71kb
Created: TBD
OS: Windows
Location: TBD
Infection: netcfga.exe, fotka.jpg, body.lg

Barok

Aliases: Trojan.PSW.Barok.10, Trojan.PSW.Barok.20, Trojan.PSW.Barok.c
Variants: 1.0, 2.0, 2.1
Port: 25
Size: 44kb
Author: Spyder
Created: JAN 2000
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: wcheckup.exe, barok.exe, client.exe

Baron Night

Aliases: Backdoor.Win32.BaronNight.10, Backdoor.Win32.BaronNight.20
Variants: 1.0, 2.0
Port: 31337
Author: L Denny, Jagad & J.Ferguson
Created: MAR 2000
OS: Windows
Location: TBD

Barrio

Created: APR 2000
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

Barvin

Aliases: Backdoor.Win32.Barvin.10
Variants: 1.0
Port: 19340
Size: 53kb
Created: TBD
OS: Windows
Location: TBD

Basic Backdoor

Aliases: Backdoor.Win32.Small.dv
Port: 31337
Size: 4kb
Author: White Scorpion
Created: FEB 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

Basic Hell

Aliases: Backdoor.Win32.BasicHell.10, Trojan-Dropper.Win32.Multibinder.141
Variants: 1.0
Port: 60666
Size: 129kb
Author: JBMAX
Created: APR 2002
OS: Windows
Location: TBD
Infection: BHS.exe, tle13735314.exe

Basic Webdownloader

Aliases: Trojan-Downloader.Win32.VB.qt
Author: TheLord�
Created: JUN 2005
OS: Windows
Location: TBD

Basic Webdownloader

Size: 23kb
Author: iNs
Created: FEB 2008
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: server.exe

Bastards Tool

Aliases: Trojan-Dropper.Win32.Agent.bgt
Variants: 1.1
Author: V0ideSER
Created: JUL 2006
OS: Windows
Location: TBD

Bazooka

Aliases: Backdoor.Win32.Prorat.s, Email-Worm.Win32.VB.cz, Trojan-Dropper.Win32.Small.rc, Trojan-PSW.HTML.Bazoo.a
Variants: 1.0, 3.0
Size: 61kb
Author: Thaer Al-Madhoun & Samir Sada
Created: JUN 2007
OS: Windows
Location: TBD

BDDT

Aliases: Backdoor.Win32.BDDT
Port: 1025, 1026, 10887, 10889, 31887, 32000
Author: godmch
Created: SEP 2000
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
Infection: jojo.exe, msrun.exe

BDirect Stealth Proxy

Aliases: Backdoor.Win32.BDirect
Port: 6677
Size: 3kb
Author: kcom
Created: FEB 2003
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: myfile.exe

BdURL

Aliases: Backdoor.Bdurl
Size: 131kb
Created: TBD
OS: Windows
Location: TBD

Bear

Aliases: Backdoor.Win32.Delf.akt
Variants: 1.0
Size: 37kb
Created: SEP 2006
OS: Windows
Location: HKLM\SYSTEM\ControlSet001\Services\Network\Security\
HKLM\SYSTEM\ControlSet002\C\
HKLM\SYSTEM\CurrentControlSet\Services\Network\Security\
Infection: explore.exe, kernl32.dll

Bear & Tiger

Port: 6969
Size: 373kb
Author: Pepe
Created: TBD
OS: Windows
Location: TBD

Beast

Aliases: "The Beast" - Backdoor.Beastdoor.18, Backdoor.Beastdoor.18.b, Backdoor.Beastdoor.18.c, Backdoor.Beastdoor.18.d, Backdoor.Beastdoor.19, Backdoor.Beastdoor.191, Backdoor.Beastdoor.192.a, Backdoor.Beastdoor.192.d, Backdoor.Beastdoor.192.e, Backdoor.Beastdoor.200.a, Backdoor.Beastdoor.200.b, Backdoor.Beastdoor.200.c, Backdoor.Beastdoor.200.d, Backdoor.Beastdoor.200.e, Backdoor.Beastdoor.201.a, Backdoor.Beastdoor.201.b, Backdoor.Beastdoor.202, Backdoor.Beastdoor.205, Backdoor.Delf.eu, Vienna.BNB.429, Vienna.BNB.429.b, Vienna.BNB.a
Variants: 1.7, 1.8, 1.8b, 1.8d, 1.9, 1.91, 1.92, 2.0, 2.01, 2.02, 2.06
Port: 6666
Size: 593kb
Author: Tataye of Fearless Crew
Created: APR 2001
OS: Windows
Location: HKCR\exefile\shell\open\command\
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{42AC0312-EE51-A3CC-EA32-40AA12E6115C}\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{AS096941-B967-10D8-9CBD-0000F87A369E}\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{AS096941-B967-10D8-9CBD-1671028A369E}\

Beast Reloaded

Aliases: Backdoor.Win32.DarkMoon.aw, Trojan-Spy.Win32.Beaster.a
Variants: 1.00 Beta, 1.10
Port: 6666, 7777, 9999
Size: 38kb
Author: darkmoon
Created: JUN 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: explorer.exe, spoolsv.exe, win32log.dat

Behzad Ps

Aliases: Trojan-PSW.Win32.VB.ey, Trojan-PSW.Win32.VB.fu
Variants: 1.7, 1.8
Size: 12kb
Author: Behzad
Created: JAN 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6M8A6G00-3I18-5-24-1360}\
Infection: init32.exe, svchost.exe

Beigllbe

Size: 230kb
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: dgainaai.exe

Belang

Aliases: Backdoor.Win32.Belang.12
Variants: 1.2
Port: 666
Size: 37kb
Author: Baja Belang
Created: MAY 2002
OS: Windows
Location: TBD

Belio

Aliases: Backdoor.Win32.Belio.09, Backdoor.Win32.Belio.11
Variants: 0.9, 1.1
Port: 1977
Size: 135kb
Author: Grupo BeLio
Created: APR 2001
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: OOnsusqC.exe, Backdoor.Win32.Belio.11.exe

Benju

Aliases: Backdoor.Win32.Benju.a
Port: 200, 15000
Size: 421kb
Author: .:Deloko-Benju:.
Created: MAY 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: Benju.exe

Bersek

Aliases: Backdoor.Win32.Haxdoor.dy, Backdoor.Win32.Haxdoor.mj, Trojan-Dropper.Win32.Agent.asc
Variants: 1.0, 1.1
Port: 440
Size: 51kb
Author: XpyXt
Created: JUN 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: berseksvr.exe, berzk.dll

Bestpics

Aliases: Backdoor.Win32.Bestpics
Size: 152kb
Created: JUL 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: bestweek1.jpg, bestmonth1.jpg, bestday1.jpg

BFGhost

Aliases: Backdoor.Win32.DKangel.10
Variants: 1.0
Size: 67kb
Author: yyt_hac
Created: OCT 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: conime.exe, regsys.vxd, service.dll

Bfpass298

Aliases: Backdoor.Win32.VB.bl, TrojanDropper.Win32.VB.a
Variants: 2.998
Size: 84kb
Created: AUG 2002
OS: Windows
Location: HKCR\chm.file\shell\open\command\
HKCR\exefile\shell\open\command\
HKCR\scrfile\shell\open\command\
HKCR\txtfile\shell\open\command\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: benf298.exe, abcset.exe, abcbin.exe, msbflet2.exe, mscvt2.exe, msbfrun2.exe, msbfset2.exe, win.ini

BG-Hacker

Aliases: Constructor.Win32.VB.ax, Trojan-Dropper.Win32.VB.lk
Variants: 2.00
Port: 1984
Size: 102kb
Created: AUG 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\
Infection: system.exe, nisnjqvmm.exe

Bifrost

Aliases: Backdoor.Win32.Bifrose.1101, Backdoor.Win32.Bifrose.a, Backdoor.Win32.Bifrose.aa, Backdoor.Win32.Bifrose.adr, Backdoor.Win32.Bifrose.agq, Backdoor.Win32.Bifrose.aci, Backdoor.Win32.Bifrose.az, Backdoor.Win32.Bifrose.b, Backdoor.Win32.Bifrose.d, Backdoor.Win32.Bifrose.ewk, Backdoor.Win32.Bifrose.f, Backdoor.Win32.Bifrose.g, Backdoor.Win32.Bifrose.gx, Backdoor.Win32.Bifrose.hm, Backdoor.Win32.Bifrose.uw, Trojan-Downloader.Win32.Agent.elh, Trojan-Dropper.Win32.Delf.jf, Trojan.Win32.Agent.bcn, Trojan.Win32.Agent.cuf
Variants: 1.0a, 1.0b, 1.1, 1.1 Chinese Edition, 1.1 Chinese Edition v2, 1.1.01, 1.1.01 v2, 1.1.02, 1.1.03, Reloaded 0.0.01, 1.2, 1.2b Private, 1.2.1, 1.2.1 Very Secret
Port: 81, 2000
Size: 15kb
Author: ksv
Created: APR 2004
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: server.exe, plugin1.dat, xmchai.exe

BiG BeN

Aliases: Backdoor.Win32.Buben.22, Backdoor.Win32.Buben.30, Backdoor.Win32.Delf.aaf, Backdoor.Win32.Delf.apw, Backdoor.Win32.Gaduka.23, Backdoor.Win32.Gaduka.b, Backdoor.Win32.Reload.h, Backdoor.Win32.Reload.k, Trojan.Win32.Delf.qn
Variants: 1.0.0 Beta, 2.0 Beta, 2.5 Full, 3.0, GG 1.0, GG 2.0, GG 2.1b, GG 2.2, GG 2.3
Port: 21, 9999
Size: 250kb
Author: BoBi & Slayd
Created: FEB 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: sysxp.exe, services.exe, navapsvcxp.exe, GGPassCrack.exe, smss32.exe, svchost32.exe, lsassxp.exe

Big Brother

Variants: 1.0, 3.5.1
Size: 290kb
Author: Klever of AngoraSoftware
Created: JAN 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: capture.exe

Big Gluck

Aliases: "Tiny Telnet Server", Backdoor.Win32.GF
Port: 34324
Size: 124kb
Created: MAR 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
Infection: windll.exe

Big Monster

Aliases: Backdoor.Win32.VB.aig
Variants: 1.0
Size: 40kb
Author: Ismael Almaraz and Carlos Trigos
Created: AUG 2005
OS: Windows
Location: TBD
Infection: csrrs.exe, iexplorer.exe, MSNMSGR.exe, navppa.exe, spoolhsv.dll, spoolshv.exe, svchosts.exe, Symantec.exe, taskmgs.exe, winlogom.exe

Big WebDL

Aliases: Trojan-Downloader.Win32.WebDL.h
Variants: 1.0, 2.0
Size: 48kb
Author: Pato
Created: MAR 2004
OS: Windows
Location: TBD
Infection: webdl.exe

BiG-Lamer

Port: 999
Size: 94kb
Author: BlanKet
Created: JUN 2007
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: system32.exe

BigEye

Aliases: AdWare.ToolBar.Hmt, AdWare.Win32.Boran.m, AdWare.Win32.Hmt.b, AdWare.WSearch.c, Backdoor.Win32.Delf.aci, Backdoor.Win32.Delf.yh
Variants: 1.80, 1.85, 1.88
Port: 7603
Size: 378kb
Created: JUN 2005
OS: Windows
Location: TBD
Infection: 66.exe, sdpig.dll

Bigorna

Aliases: Backdoor.Win32.Bigorna.10
Variants: 1.0
Size: 403kb
Author: Serial Killer
Created: APR 2001
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
Infection: winbios.exe

Bigshot

Aliases: Backdoor.Win32.Botao
Variants: 1.0
Port: 65535
Size: 143kb
Author: Bigshot3754
Created: TBD
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
HKCU\Software\Mirabilis\ICQ\Agent\Apps\Evhklhi\

Bill FTP

Aliases: Backdoor.FTP.Bill
Port: 666
Size: 471kb
Author: Bill
Created: TBD
OS: Windows
Location: TBD
Infection: rundlls.exe, CLOSEW.BAT, CLOSEW.PIF, RUNDLLS.EXE, SERV-U.INI, win.ori

Bills Death

Aliases: Backdoor.Win32.BillsDeath
Port: 15951
Size: 173kb
Created: TBD
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
Infection: wincfg.exe

Binary Weaver Advanced

Aliases: Trojan.PSW.Yahoo.Piros, VirTool.Win32.Biweaver.34
Variants: 3.4
Size: 33kb
Author: Be-Gone
Created: FEB 2004
OS: Windows
Location: TBD

Biohazard RAT

Variants: 0.0.1.1 Alpha
Author: slayer616 & warwalker69
Created: OCT 2007
OS: Windows
Location: TBD

BioNet

Aliases: Backdoor.Bionet.xxx (x's meaning a number such as 112 or 309)
Variants: 0.84, 0.871, 0.92, 2.2.1a, 2.6.1a, 2.8.1a ME (Millennium Edition), 2.9.1b ME, 2.10.1b ME, 3.02 ME, 3.04 ME, 3.05 ME, 3.06 ME, 3.07 ME, 3.08 ME, 3.09 ME, 3.10 ME, 3.11 ME, 3.12 ME, 3.13 ME
Port: 12349
Size: 290kb
Author: Rezmond
Created: NOV 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: cdeztks.exe, linupdate.exe, libupdate.exe

BioNet Lite

Variants: 1.0, 1.4
Port: 5000
Size: 7kb
Author: Rezmond
Created: MAR 2001
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: procmon.exe, bnlite.txt, bnlite.exe, server.exe

Biorante

Aliases: Backdoor.Win32.Delf.ara, Backdoor.Win32.VB.any
Variants: 1.0, 1.2
Port: 1987
Size: 273kb
Author: SantasDad
Created: MAY 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: server.exe, settings.ini

BirdSpy

Aliases: Backdoor.Win32.BirdSpy.30, Backdoor.Win32.BirdSpy.a, Backdoor.Win32.BirdSpy.b
Variants: (a), (b), 2.0E, 3.0
Port: 39398, 47878, 50829
Size: 22kb
Author: Chiu a.k.a Birdman
Created: DEC 2000
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: Ndapi32c.dll, winstart.bat, �.bat, Winbime.scr, WinApp32.exe, Wldap32.dll, Ndapi32K.dll, WinSock.exe, Winbife.scr

BirdWatcher

Aliases: Backdoor.Win32.BirdWatcher
Size: 147kb
Author: Vlad
Created: JUL 2001
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

Bitar

Aliases: Backdoor.Win32.Bitar.a
Size: 183kb
Created: TBD
OS: Windows
Location: TBD

BitchController

Aliases: Backdoor.Win32.Bitcon.205
Variants: 2.05
Port: 13010
Size: 92kb
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: the bitch controller.exe

BitHood

Aliases: Backdoor.Win32.Delf.abv
Variants: 1.0, 2.0
Size: 264kb
Author: s@S@n
Created: JAN 2002
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: divxx.exe, scxv32dll.exe

BITS Downloader

Aliases: Trojan-Downloader.Win32.Delf.bkr
Size: 14kb
Author: ErazerZ
Created: MAY 2007
OS: Windows
Location: TBD

BLA

Created: MAR 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

Black Angel

Aliases: Backdoor.Win32.BlackAngel.13
Variants: 1.3
Port: 1850
Size: 93kb
Author: WaRriOr AnGeLS
Created: AUG 2001
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: Iex32dll.exe

Black Box

Aliases: Constructor.Win32.Bboxet, Trojan-Downloader.Win32.BBoxet
Size: 20kb
Author: Biff
Created: MAR 2004
OS: Windows
Location: TBD

Black Curse

Aliases: Backdoor.Win32.Delf.adl, Backdoor.Win32.DarkMoon.a
Variants: 4.0
Port: 800, 25555
Size: 35kb
Author: Lin
Created: MAR 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: EXPL0RER.EXE, SP00LSV.EXE

Black Diver

Aliases: Backdoor.BlackDiver.098
Variants: 0.98
Port: 1985, 2702
Size: 220kb
Author: Atomic
Created: JAN 2001
OS: Windows
Location: TBD

Black Dream

Aliases: Backdoor.Win32.VB.ja, Backdoor.Win32.Amitis.10
Variants: 1.0, CN
Port: 4432, 4433
Size: 160kb
Author: Pre-Instinct Software
Created: MAY 2003
OS: Windows
Location: TBD

Black Eagle

Aliases: Backdoor.Win32.VB.xj
Port: 6006
Size: 106kb
Author: The Saint BassReFlex
Created: JUN 2004
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

Black Gibbons

Aliases: Backdoor.Win32.Gibbon.124
Variants: 1.24
Port: 113
Size: 161kb
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: scanregw.exe

Black Is Defeated

Aliases: Backdoor.Win32.Delf.po, Backdoor.Win32.Delf.adb
Variants: 3.2, 3.3.0.1
Size: 230kb
Created: APR 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: dllhost.exe, explorer.exe

Black Matrix

Aliases: Backdoor.Win32.VB.gen
Variants: 1.0
Port: 13654, 13655
Author: The_Chacal
Created: MAY 2003
OS: Windows
Location: TBD

Black QQ Robber

Aliases: IM-Worm.Win32.Lewor.ab, IM-Worm.Win32.Lewor.af, IM-Worm.Win32.Lewor.ag, IM-Worm.Win32.Lewor.ah, IM-Worm.Win32.Lewor.ai, Trojan-Downloader.Win32.Delf.aaa, Trojan-Downloader.Win32.Delf.ab, Trojan-Downloader.Win32.Delf.abj, Trojan-Downloader.Win32.Delf.abv, Trojan-Downloader.Win32.Delf.acv, Trojan-Downloader.Win32.Delf.aes, Trojan-Downloader.Win32.Delf.aex, Trojan-Downloader.Win32.Delf.alv, Trojan-Downloader.Win32.Delf.aog, Trojan-Downloader.Win32.Delf.axe, Trojan-Downloader.Win32.Delf.eoh, Trojan-Downloader.Win32.Delf.yj, Trojan-Downloader.Win32.Small.ddn, Trojan-Dropper.Win32.Agent.adu, Trojan-PSW.Win32.Delf.jj, Trojan-PSW.Win32.Delf.kl, Trojan-PSW.Win32.Delf.ln, Trojan-PSW.Win32.Delf.nx, Trojan-PSW.Win32.QQPass.gz, Trojan-PSW.Win32.QQPass.hu, Trojan-PSW.Win32.QQPass.ic, Trojan-PSW.Win32.QQPass.il, Trojan-PSW.Win32.QQPass.iv, Trojan-PSW.Win32.QQPass.jb, Trojan-PSW.Win32.QQPass.jh, Trojan-PSW.Win32.QQPass.jo, Trojan-PSW.Win32.QQPass.ju, Trojan-PSW.Win32.QQPass.jv, Trojan-PSW.Win32.QQPass.pa, Trojan-PSW.Win32.QQPass.qn, Trojan-PSW.Win32.QQPass.qs, Trojan-PSW.Win32.QQPass.rq, Trojan-PSW.Win32.QQPass.se, Trojan-PSW.Win32.QQPass.tb, Trojan-PSW.Win32.QQPass.uj, Trojan-PSW.Win32.QQPass.uv, Trojan-PSW.Win32.QQRob.16.ab, Trojan-PSW.Win32.QQRob.dm, Trojan-PSW.Win32.QQRob.fx, Trojan-PSW.Win32.QQRob.gl, Trojan-PSW.Win32.QQRob.hb, Trojan-PSW.Win32.QQRob.hj, Trojan-PSW.Win32.QQRob.jh, Trojan-PSW.Win32.QQRob.jn, Trojan-Spy.Win32.Delf.lw, Trojan-Spy.Win32.Delf.op,Trojan-PSW.Win32.QQRob.dc, Trojan.PSW.Win32.Delf.nx, Trojan.Win32.Agent.vz, Trojan.Win32.Qhost.kv
Variants: 1.0 Build1123, 1.0 Build0913, 1.0 Build0925, 1.0 Build1015, 1.1 Build1206, 1.1 Build1207, 1.1 Build1224, 1.2 Build0611, 1.2 Build1210, 1.2 Build1218, 1.2 Build1224, 1.2 Build1228, 1.3 Build0113, 1.3 Build0123, 1.3 Build0217, 1.3 Build0309, 1.3 Build0311, 1.3 Build0408, 1.3 Build0422, 1.3 Build0504, 1.3 Build0513, 1.3 Build0526, 1.3 Build0603, 1.4 Build0130, 1.4 Build0626, 1.4 Build0708, 1.4 Build0718, 1.4 Build0729, 1.4 Build0802, 1.4 Build0805, 1.4 Build0812, 1.4 Build0819, 1.4 Build0826, 1.4 Build1015, 1.5 Build0209, 1.5 Build0222, 1.5 Build0305, 1.5 Build0311, 1.6 Build0415, 1.6 Build0429, 1.6 Build0510, 1.6 Build0513, 1.7 Build0526, 1.7 Build0603, 1.7 Build0613, 1.7 Build0624, 1.7 Build0625, 1.8 Build0702, 1.8 Build0708, 1.8 Build0712, 1.8 Build0720, 1.8 Build0722, 1.8 Build0729, 1.8 Build0802, 1.8 Build0805, 1.8 Build0807, 1.8 Build0812, 1.8 Build0819, 1.8 Build0826, 1.8 Build0912, 1.8 Build0925, 1.9 Build1001, 1.9 Build1008, 1.9 Build1015, 1.9 Build1021, 2.0 Build0710, 2.0 Build1026, 2.0 Build1030, 2.0 Build1108, 2.0 Build1115, 2.0 Build1120, 2.0 Build1130, 2.0 Build1205, 2.0 Build1210, 2.0 Build1224, 3.0 Build0122, 3.0 Build0203
Size: 19kb
Author: tmhacker
Created: NOV 2005
OS: Windows
Location: HKCR\txtfile\shell\open\command\
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
HKLM\SYSTEM\ControlSet001\Services
Infection: aaykol.dll, aaykol.exe, adam.exe, ahwxvj.com, avp.com, avp.exe, conime.exe, dddrkn.dll, dddrkn.exe, dlbpdq.exe, elnnye.dll, elnnye.exe, fsplcv.exe, hx1.bat, IceSword.exe, impai.exe, iparmo.exe, iwaqio.exe, jxfcre.dll, jxfcre.exe, jycqmo.dll, jycqmo.exe, kabaload.exe, KRegEx.exe, KvDetect.exe, KVMonXP.kxp, KvXP.kxp, machineguid.txt, MagicSet.exe, mmsk.exe, msconfig.com, msconfig.exe, mshx.dll, mswosck.dll, nawrov.exe, ncyms.exe, ncyvms.dll, ngsbyt.exe, niw.exe, noruns.reg, nxlkno.dll, nxlkno.exe, PFW.exe, PFWLiveUpdate.exe, pncyqx.dll, pncyqx.exe, QQDoctor.exe, qqhx.dat, Ras.exe, Rav.exe, RavMon.exe, regedit.com, regedit.exe, runiep.exe, severe.exe, sfeojg.dll, sfeojg.exe, SREng.EXE, stillcap.exe, svohost.exe, tmbk.bak, tmbk.dll, tmdown.exe, tmdown1.exe, TrojDie.kxp, vjsnap.dll, vjsnap.exe, winscok.dll, wnilogon.exe, WoptiClean.exe, wuaclt.exe

Black VIP

Aliases: Constructor.Win32.Downldr.ax, Trojan-Dropper.Win32.Small.asg
Created: DEC 2006
OS: Windows
Location: TBD

Black Widow

Aliases: Backdoor.Win32.Delf.ale
Variants: 1.0
Port: 15887, 15888
Size: 829kb
Author: PqD7
Created: JUL 2005
OS: Windows
Location: TBD

Blackcobra Downloader

Aliases: Trojan-Downloader.Win32.VB.m
Size: 16kb
Author: Blackcobra
Created: AUG 2003
OS: Windows
Location: TBD

Blackcobra LAN Downloader

Aliases: Trojan-Downloader.Win32.VB.n
Size: 21kb
Author: Blackcobra
Created: AUG 2003
OS: Windows
Location: TBD

BlackCore

Aliases: Backdoor.Win32.VB.pb, Backdoor.Win32.VB.gen, Backdoor.Win32.VB.pd, Backdoor.Win32.VB.pi, Backdoor.Win32.VB.pz, Backdoor.Win32.Feardoor.15.g
Variants: 1.0 Beta, 1.1, 1.2, 1.2.1, 2.0, 2.1
Port: 55126, 55127, 55128
Size: 92kb
Author: Otacon
Created: APR 2004
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: server.exe, systemserver.exe, windll32.exe

Blackdoor

Aliases: Backdoor.Win32.Blador
Created: TBD
OS: Windows
Location: TBD

Blacker

Aliases: Trojan-PSW.Win32.LdPinch.nx, Trojan.Win32.Small.al
Variants: 1.1
Port: 23
Size: 13kb
Author: Black
Created: MAR 2005
OS: Windows
Location: HKCR\CLSID\{F741FAF7-07F9-49F2-9348-33A4C3A507B8}\
HKCU\Identities\{D4086F36-0b111C-4F8B-883F-F6A433830ADF}\Software\Microsoft\Internet Account Manager\
HKCU\Software\Far\
HKCU\Software\Ghisler\
HKCU\Software\Microsoft\Internet Account Manager\
HKCU\Software\Mirabilis\
HKCU\Software\RIT\
HKLM\SOFTWARE\Ghisler\
HKLM\SOFTWARE\Mirabilis\
HKLM\SOFTWARE\Miranda\
HKLM\SYSTEM\ControlSet002\.\
Infection: csrss.exe, dll.dll

Blackhole

Aliases: Backdoor.Singu.d, Backdoor.Singu.e, Backdoor.Singu.f, Backdoor.Singu.g, Backdoor.Singu.h, Backdoor.Singu.m, Backdoor.Singu.n, Backdoor.Singu.o, Backdoor.Singu.r, Backdoor.Singu.v, Backdoor.Win32.BlackHole.2005.k, Backdoor.Win32.BlackHole.2005.p, Backdoor.Win32.Mnets, Backdoor.Win32.Singu.a, Backdoor.Win32.Singu.m, Backdoor.Win32.Singu.n, Trojan-Spy.Win32.Spybox, TrojanDropper.Win32.Daoh
Variants: 2000, 2000 [OMEGE TEST], 2001, 2002, 2002 g & h, 2004 Build 20040712, 2004 Build 20040815, 2004 Build 20040915, 2004 Build 20041105, 2005 Enterprise Build 20050328, Titan
Port: 1050, 1122, 1144, 1415, 2000, 2001, 2002, 2004, 7788
Size: 208kb
Author: chengjingtao and lovejingtao
Created: SEP 2000
OS: Windows
Location: HKCC\Software\Microsoft\windows\CurrentVersion\Internet Settings\
HKCR\txtfile\shell\open\command\
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_BLACK_HOLE2005_ENTERPRISE\0000\Control\
HKLM\SYSTEM\ControlSet001\Services\Black Hole2005 Enterprise\
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BLACK_HOLE2005_ENTERPRISE\
HKLM\SYSTEM\CurrentControlSet\Services\Black Hole2005 Enterpris\
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\
Infection: runwinvxd.exe, system.ini, services.exe, winservices.dll, findriv.dll, server.exe, xxxxx.exe, netbox.exe, abc.cfg, abc.exe

BlackIce

Aliases: Backdoor.Win32.BlackIce
Port: 65421
Size: 225kb
Created: MAY 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
Infection: jade.exe

BlackIce

Aliases: Backdoor.Win32.Zany.10
Variants: 1.0
Port: 6789
Size: 337kb
Created: FEB 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\

BlackKiller

Aliases: VirTool.Win32.VB.s, Trojan.Win32.VB.qh
Variants: 1.1
Size: 45kb
Author: TiGeR756
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: service32.exe

BlackRaven

Aliases: Backdoor.Win32.Delf.arg
Size: 676kb
Author: BlackHat
Created: JUN 2006
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: system32.exe

BlackSea

Aliases: Backdoor.Win32.Andover.a, Trojan-Downloader.JS.gen
Author: Andyower
Created: JUN 2005
OS: Windows
Location: TBD

BlackShell

Aliases: Backdoor.Win32.Agent.yl
Port: 700
Size:33kb
Created: APR 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: quickstart.ini, quickstart.exe, quickstart.dll

BlackSpy

Aliases: Backdoor.Win32.VB.rs
Author: GEDZAC
Created: TBD
OS: Windows
Location: TBD

Blade Runner

Aliases: Backdoor.BladeRunner, Trojan Horse.LC, TrojanDropper.Win32.FC.h, TrojanDropper.Win32.Joiner.y, Win32.Joiner.y, Win32.TrojanDropper.Joiner.y
Variants: .80 Alpha
Port: 21, 5400, 5401, 5402
Size: 316kb
Author: Blade
Created: MAR 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

Blaire

Aliases: Backdoor.Win32.Blaire
Port: 314
Size: 633kb
Created: JAN 2002
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: bdn.com, mssecu.exe, winsystem.exe

Blakharaz

Aliases: "BlackHaraz" - Backdoor.BlackHaraz, BackDoor-KS, Win32.BlackHaraz
Port: 33333
Size: 95kb
Author: The Incredible Shadow
Created: MAR 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
HKU\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: blackharaz.exe, blakharazclient.exe

BlasterX

Variants: 1.5, 1.5 Flash the World
Port: 21
Author: BlasterX
Created: APR 2007
OS: Windows
Location: TBD
Infection: directory.exe, systemtray.exe, tghyu.exe, dataol.txt

Blastit

Aliases: Backdoor.Win32.Blastit.a, Backdoor.Win32.Blastit.b
Variants: "Blaster Worm Remover", (a), (b)
Port: 113
Size: 19kb
Created: SEP 2003
OS: Windows
Location: HKCU\Software\VB
HKCU\Software\VBA Program Settings\BlastIT16\Settings\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
Infection: addon.exe, wininit.exe, blastit.exe, tftp32.exe

Blaxill Downloader

Aliases: Trojan-Downloader.Win32.Small.d, Constructor.Win32.Edown, Trojan-Downloader.Win32.Delf.bp
Variants: 1.0, 2.0
Size: 4kb
Author: Blaxill
Created: FEB 2004
OS: Windows
Location: TBD
Infection: EditDownloader.exe

Blazer5

Created: NOV 1998
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

Bleem Fake

Aliases: Trojan.Win32.BleemFake.a
Variants: Final
Created: TBD
OS: Windows
Location: TBD

Bless

Aliases: Backdoor.Win32.Kneel
Variants: 0.01
Size: 28kb
Author: ENIAC
Created: AUG 2000
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\RunService\
Infection: microsoft.exe

Blhouse

Aliases: Backdoor.Win32.Blhouse.a, Backdoor.Win32.Blhouse.b
Variants: (a), (b)
Port: 2527, 3527, 4527, 5527
Size: 303kb
Created: JAN 2003
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: regeditexec.exe, regeditexec.dat, winlogin.dat, winlogin.dll

Blind Downloader

Aliases: TrojanDownloader.Win32.VB.ev
Variants: 1.1
Size: 18kb
Author: FeraliX
Created: AUG 2004
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: mswinsock.exe

Blind-D00r

Port: 2996
Size: 166kb
Created: AUG 2004
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: blind-d00r.exe, dwrapi.exe

Bling.Bling

Aliases: Backdoor.Win32.VB.by
Variants: 1.0
Author: ytcracker
Created: MAR 2000
OS: Windows
Location: TBD

BLOGFA-PS

Variants: 1.1
Size: 37kb
Author: Hosein Jam
Created: SEP 2007
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: mswin.exe

Blue Butterfly

Aliases: Backdoor.Win32.Prosti.ap, Backdoor.Win32.Prosti.dp, Backdoor.Win32.Prosti.ga
Variants: 2.0
Port: 8520
Created: DEC 2006
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
Infection: xiaozi.exe, xiaozig.dll

Blue Death

Aliases: Trojan.Win32.VB.ld, Trojan-Dropper.Win32.VB.cc, Trojan.Win32.VB.cq
Created: AUG 2003
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: abutton.dll, desktop.ini, msconfig.exe

Blue Eye

Aliases: Backdoor.Win32.Agent.ds, Backdoor.BlueEye.10b
Variants: 1.0b, 2.0
Port: 31337, 31338
Author: b1ackh0le
Created: JUL 2004
OS: Windows
Location: HKLM\Software\Microsoft\Active Setup\Installed Components\{B9L1OUI03-BB-B70H6-9E2121BLUJIL}\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{L9IW2QB23-CD-EDF-2-22d2-9CBD-00WSFS8AR6-9QER21QAJPM}\
Infection: msdic.com, msdic.dll, msdic.exe. mscidaemon.com, mscidaemon.dll, mscidaemon.exe

BlueAngel

Aliases: Backdoor.Win32.Blueang.a, Backdoor.Win32.Blueang.b, Backdoor.Win32.Blueang.c, Backdoor.Win32.BlueanWeb
Variants: 0.1, WebServer
Port: 1983
Size: 24kb
Author: Leonshoh
Created: MAR 2003
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
Infection: jveiw.exe, krnl.exe, msntc.exe, netcfg.dll, netlogin.dll, ntbackup.ocx, ntfrsprf.exe, ntkrnl.exe, script.dll

BlueFire

Aliases: Backdoor.Win32.BlueFire.01, Backdoor.Win32.BlueFire.035, Backdoor.Win32.BlueFire.036, Backdoor.Win32.BlueFire.041, Backdoor.Win32.BlueFire.043, Backdoor.Win32.BlueFire.050
Variants: 0.1, 0.35, 0.36, 0.41, 0.43, 0.50
Port: 19191
Size: 11kb
Author: vinsa
Created: OCT 2001
OS: Windows
Location: HKCR\txtfile\shell\open\command\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: tasksvc/exe, sysexpl.exe, bfhook.dll

BlueIce 2000C

Aliases: Backdoor.Win32.BlueIce
Variants: Beta
Port: 12345
Created: SEP 2001
OS: Windows
Location: TBD

BlueWater

Aliases: Trojan-Spy.Srdl.14, Trojan-Spy.Win32.Srdl.14, Trojan-Spy.Win32.Srdl.16, Trojan-PSW.Huopass
Variants: 1.4, 1.6
Author: Bai
Created: DEC 2002
OS: Windows
Location: TBD

Bluntman

Aliases: Backdoor.Win32.Bluntman.420
Variants: 4.20
Port: 113
Size: 42kb
Author: Bluntman
Created: TBD
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: qtasks.exe

Bmail

Aliases: Backdoor.Win32.FTP.Bmail.a, Backdoor.Win32.FTP.Bmail.b, Backdoor.Win32.FTP.Bmail.c
Variants: (a), (b), (c)
Port: 5135, 5153
Size: 15kb
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: createsw.exe, hom1.txt, attavget.txt

BN Downloader

Aliases: Trojan-Downloader.Win32.VB.agy
Size: 14kb
Author: BadNet
Created: JUN 2006
OS: Windows
Location: TBD

BO Whack

Created: AUG 1998
OS: Windows
Location: TBD

Bobo

Aliases: "Bo-Bo" - Backdoor.Napalm.a
Variants: 1.0, 1.0b
Port: 4321
Size: 321kb
Author: Napalm
Created: JUN 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
HKU\.Default\Software\Mirabilis\ICQ\Agent\Apps\ICQ Accel\
Infection: dllclient.exe, bobo.exe

BodomBot

Aliases: Backdoor.Win32.BodomBot.b
Variants: (b)
Port: 113
Size: 19kb
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: msmpr32.exe

Boiling

Aliases: Backdoor.Win32.Boiling
Port: 4359, 4368, 4369
Size: 463kb
Author: Hitech
Created: JUN 2001
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: intranet.exe

BoneHunter

Aliases: Backdoor.Win32.VB.ail
Variants: 1.0
Port: 65222
Size: 13kb
Author: Karsten
Created: AUG 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\

Bootlegger

Aliases: Backdoor.Win32.Lootbeg.a
Size: 515kb
Created: TBD
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\
Infection: svchost.exe

Bordo Logger

Size: 107kb
Author: Bordo Software
Created: NOV 2007
OS: Windows
Location: TBD

Boss

Aliases: Backdoor.Win32.VB.adp
Variants: 1.00, 1.14
Port: 4853
Size: 13kb
Author: Red Move
Created: MAY 2005
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: boss.exe

Bossat

Aliases: Backdoor.Win32.Bossat
Port: 113
Size: 14kb
Author: b0ss
Created: TBD
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: winsys.exe

Boss Eye

Variants: 1.0
Port: 3667
Size: 531kb
Author: Optiva
Created: FEB 2002
OS: Windows
Location: TBD

Boss Watcher

Port: 3182
Size: 221kb
Author: Portnoy
Created: MAY 2003
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

BotGod

Aliases: "Bot of the Gods of Destruction", Backdoor.Win32.Fakemanga.c
Port: 6667
Author: manga_man
Created: MAY 2002
OS: Windows
Location: TBD

BouffeTroyen

Aliases: Backdoor.Bouffe
Variants: 1.0
Author: AiKi
Created: SEP 1998
OS: Windows
Location: TBD

Bowl

Aliases: Backdoor.Bowl, Backdoor.Bowl.b, BackDoor-AJ, Trj.W32.ShockRave, W32.Bowl, Win32.Bowl.10
Variants: 1.0
Port: 1981
Size: 38kb
Author: Brainwat
Created: APR 1998
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunService\
Infection: netpopup.exe, bowleng.txt, bowlfaq.txt, config.exe

Brain Wiper

Aliases: Backdoor.Win32.BrainWiper.03
Variants: 0.3 BETA
Port: 3100
Size: 44kb
Author: manga_man
Created: MAY 2002
OS: Windows
Location: TBD

BrainBot

Aliases: Backdoor.Win32.VB.uf, Backdoor.Win32.VB.ug, Backdoor.Win32.VB.uc, Backdoor.Win32.Brabot.a, Backdoor.Win32.Brabot.b
Variants: 0.9, 1.4, 1.5.1, 1.5.3
Port: 1066, 6667
Size: 300kb
Author: Brainbuster
Created: JUL 2004
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: bootload.exe, lexplore.exe, pws.exe, mswinsck.ocx, builder.exe, infect.bat

BrainSpy

Aliases: Backdoor.BrainSpy
Variants: BETA
Port: 10101
Size: 48kb
Author: Brain Storm of Electronic Souls
Created: SEP 1999
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: gbubuzhnw, brainspy.exe, dualji, fexhqcux, 43b.exe, brains~1.exe, brainspy.exe, read me!.txt

Brasil Espiao

Aliases: Backdoor.Win32.Delf.cho, Backdoor.Win32.Delf.cug
Variants: 1.0, 1.5, 2.0
Port: 123, 4321
Size: 383kb
Author: FIREHACKER
Created: NOV 2007
OS: Windows
Location: N/A

Breach

Created: JAN 2000
OS: Windows
Location: TBD

Bregol

Aliases: Backdoor.Win32.Bregol
Variants:
Port:
Size: 240kb
Author:
Created:
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: greeting_summer200_1_flash5.exe, sqldbedt.exe, .exe, keyinfo.txt, keylog.txt

Broomop

Aliases: Backdoor.Win32.Bromp, Trojan.Win32.MSN.Broomops.62, Trojan.Win32.MSN.Broomops.63
Variants: 2.0, 6.2, 6.3
Size: 155kb
Author: Broomop
Created: NOV 2002
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\

Broser

Aliases: Backdoor.Win32.Broser
Port: 1080
Size: 37kb
Created: TBD
OS: Windows
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\

Size: 106kb
Created: AUG 2003
OS: Windows
Location: TBD
Infection: server.exe

BSDi

Aliases: Backdoor.Win32.BSDI
Author: Acrylic
Created: DEC 1999
OS: Windows
Location: TBD

BSE

Created: FEB 2001
OS: Windows
Location: TBD

BSJ

Aliases: Trojan-Dropper.Win32.Delf.bx
Size: 11kb
Created: NOV 2003
OS: Windows
Location: TBD

BSJLDown

Aliases: Trojan-Downloader.Win32.Delf.ts
Size: 4kb
Created: JUL 2005
OS: Windows
Location: TBD

Bubbel

Aliases: Backdoor.Bubbel, BackdoorBubbel, Bubbel.svr, Win32.Bubbel
Port: 5000
Size: 1.69mb
Author: Jonathan James
Created: JAN 2001
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
Infection: bubbel.exe

Bugs

Aliases: Backdoor.Win32.Feap
Port: 2115
Size: 76kb
Author: Wedson
Created: TBD
OS: Windows
Location: HKU\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
Infection: systemtr.exe

BugsPrey

Aliases: Backdoor.Win32.Delf.ahy, Backdoor.Win32.Delf.ang, Trojan.Win32.Delf.rl, Backdoor.Win32.Delf.apd
Variants: 0.10, 0.11, 0.1.2.1, 0.13, 0.14, 0.15
Port: 8000
Size: 101kb
Author: StarDust
Created: OCT 2005
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: winhost32.exe, svdhost.exe

Bump Rat

Aliases: HackTool.Win32.VB.nc
Variants: 1.0, 1.2
Author: Blastwar, Scraniak
Created: JUL 2007
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
Infection: AVG-RUN.exe, MSWINSCK.OCX, RICHTX32.OCX, zlib.dll, twumk_32.dll, twunk_12.exe

Bunitex

Aliases: Trojan-Downloader.Win32.Agent.bxe
Variants: 0.1, 0.2
Size: 29kb
Author: _Q_
Created: MAY 2007
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\
Infection: update32.exe, windrv.exe, svchost.exe

Burbulatorheads

Aliases: Backdoor.Win32.Burbul.a, Backdoor.Win32.Burbul.b
Variants: (a), (b)
Port: 2121
Size: 194kb
Author: Burbulatorheads
Created: NOV 2002
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
HKLM\Software\WRQ\IAM\FirewallState\

Bus Conquerer

Aliases: Backdoor.Win32.BusConquerer.12
Variants: 1.2
Port: 12345
Author: LEEBROS
Created: TBD
OS: Windows
Location: TBD

Buschrommel

Aliases: Backdoor.Win32.Bushtrommel.a, Backdoor.Win32.Bushtrommel.b, Backdoor.Win32.Bushtrommel.12, Backdoor.Win32.Bushtrommel.122
Variants: 1.0, 1.21, 1.22, TNG
Port: 6667, 31745
Size: 156kb
Author: Natok
Created: APR 2002
OS: Windows
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\RunService\
Infection: server.exe, system.exe

ButtMan

Aliases: Backdoor.Buttman.09, Backdoor.Buttman.09.Server, BackDoor-BR, Win32.Buttman.09
Variants: 0.9n, 0.9p
Port: 12624
Size: 403kb
Author: ButtMan
Created: SEP 1999
OS: Windows
Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Infection: duncntrl.exe, bmclient.exe

Buxtehude

Aliases: Backdoor.Win32.Buxtehude
Size: 62kb
Created: TBD
OS: Windows
Location: TBD

Byshell

Aliases: Backdoor.Win32.ByShell.a, Backdoor.Win32.ByShell.b, Backdoor.Win32.ByShell.c, Backdoor.Win32.Agent.atq, Backdoor.Win32.Agent.atr, Backdoor.Win32.Visel.af, Backdoor.Win32.Visel.ax, Backdoor.Win32.Visel.ay, Backdoor.Win32.Visel.bk
Variants: 0.67, 1.09, 1.09 Build 20071020, 1.09 Build 20071209, 1.09 Build 20071216, 1.09 Build 20071220
Size: 330kb
Created: JUN 2005
OS: Windows
Location: HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_STEELKERNEL\0000\Control\
HKLM\SYSTEM\ControlSet001\Services\SteelKernel\Enum\
HKLM\SYSTEM\ControlSet001\Services\SteelKernel\Security\
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_STEELKERNEL\0000\Control\
HKLM\SYSTEM\CurrentControlSet\Services\SteelKernel\Enum\
HKLM\SYSTEM\CurrentControlSet\Services\SteelKernel\Security\
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NTBOOT32\0000\Control\
HKLM\SYSTEM\ControlSet001\Services\NTboot\Security\
HKLM\SYSTEM\ControlSet001\Services\te\
HKLM\SYSTEM\ControlSet002\C\
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NTBOOT32\0000\Control\
HKLM\SYSTEM\CurrentControlSet\Services\NTboot\Security\
HKLM\SYSTEM\CurrentControlSet\Services\te\
Infection: ntuser.dat, ntuser.dat.log, nt5.cat, nt5iis.cat, nt5inf.cat, ntprint.cat, steelkernel32.dll, steelkernel32.exe