ThreatExpert's Statistics for Backdoor.IRCBot!sd6 [PC Tools]:

Backdoor.IRCBot!sd6 [PC Tools] is also known as:

Threat Alias	Number of Incidents
Backdoor.Trojan [Symantec]	266
Win32/IRCBot.worm.variant [AhnLab]	231
Backdoor.Win32.IRCBot [Ikarus]	221
BackDoor-DVR [McAfee]	189
W32.Spybot.Worm [Symantec]	176
Backdoor.Win32.IRCBot.jvw [Kaspersky Lab]	161
VirTool:Win32/CeeInject.gen!R [Microsoft]	159
W32/Sdbot.worm [McAfee]	149
Mal/Inject-M [Sophos]	147
W32.IRCBot [Symantec]	100
Mal/Generic-A [Sophos]	98
Backdoor.Win32.IRCBot.csk [Kaspersky Lab]	90
TROJ_AGENT.AXAT [Trend Micro]	54
Generic.dx [McAfee]	48
VirTool.Win32.CeeInject [Ikarus]	35
IRC Trojan [Symantec]	31
VirTool:Win32/CeeInject.gen!J [Microsoft]	28
Backdoor.Win32.IRCBot.irl [Kaspersky Lab]	27
Troj/Inject-DA [Sophos]	27
Mal/Bckdr-C, Mal/Inject-M [Sophos]	26
Backdoor.Rbot [Ikarus]	21
IRC/Flood.mirc [McAfee]	18
not-a-virus:Client-IRC.Win32.mIRC.591 [Kaspersky Lab]	18
Backdoor:Win32/Rbot.gen [Microsoft]	17
W32.IRCBot.Gen [Symantec]	16
W32/Spybot.worm.gen [McAfee]	16
Generic BackDoor [McAfee]	15
Mal/UnkPack-Fam [Sophos]	15
WORM_RBOT.GEN-1 [Trend Micro]	15
Backdoor.Win32.Rbot.gen [Kaspersky Lab]	14
W32/Sdbot.worm.gen.g [McAfee]	14
not-a-virus.Keygen.Avast [Ikarus]	13
VirTool:Win32/CeeInject.B [Microsoft]	13
Backdoor.Win32.SdBot.kef [Kaspersky Lab]	12
W32/Sdbot.worm.gen.a [McAfee]	12
not-a-virus:Keygen.Adobe [Ikarus]	11
W32.Randex.gen [Symantec]	11
Worm:Win32/Pushbot.gen [Microsoft]	11
Generic PWS.y [McAfee]	10
Virus.Win32.IRCBot.BSX [Ikarus]	10
Win-Trojan/Xema.variant [AhnLab]	10
Virus.Win32.Trojan [Ikarus]	9
Win32/ExprPacked.suspicious [AhnLab]	9
Backdoor.Win32.IRCBot.grs [Kaspersky Lab]	8
Troj/DwnLdr-HLF [Sophos]	8
Trojan:Win32/Meredrop [Microsoft]	8
Worm:Win32/Neeris.gen!C [Microsoft]	8
Backdoor.Win32.IRCBot.hrx [Kaspersky Lab]	7
Backdoor:Win32/Poebot.gen [Microsoft]	7
Downloader [Symantec]	7
W32/Inject-DE [Sophos]	7
Backdoor.IRC.Bot [Symantec]	6
Backdoor.Win32.SdBot [Ikarus]	6
Backdoor.Win32.SdBot.eba [Kaspersky Lab]	6
Downloader.gen.a [McAfee]	6
Net-Worm.Win32.Kolab [Ikarus]	6
not-a-Virus.Keygen.Adobe [Ikarus]	6
Packer.Expressor [Ikarus]	6
Trojan.Win32.Crypt.gw [Kaspersky Lab]	6
Trojan:Win32/Ircbrute [Microsoft]	6
Trojan-Downloader.Win32.VB.erq [Kaspersky Lab]	6
TrojanDownloader:Win32/Small.gen!H [Microsoft]	6
Trojan-PWS.Win32.Agent [Ikarus]	6
TrojanSpy:Win32/Logsnif.FH [Microsoft]	6
VirTool.Win32.DelfInject [Ikarus]	6
W32/IRCbot.gen.a [McAfee]	6
W32/Rbot-Fam, W32/Rbot-Gen, Mal/Behav-134, Mal/Behav-024, Mal/AVKill-B, Mal/IRCBot-B [Sophos]	6
Win32/IRCBot.worm.Gen [AhnLab]	6
Backdoor.Win32.IRCBot.gnc [Kaspersky Lab]	5
Backdoor.Win32.Rbot.bzf [Kaspersky Lab]	5
Generic Downloader.x [McAfee]	5
Generic PUP.x [McAfee]	5
Mal/Behav-285 [Sophos]	5
Mal/EncPk-EX [Sophos]	5
Mal/Packer [Sophos]	5
Net-Worm.Win32.Kolab.bdk [Kaspersky Lab]	5
Net-Worm.Win32.Kolabc [Ikarus]	5
Troj/IRCBot-ADQ [Sophos]	5
Trojan Horse [Symantec]	5
Trojan-Downloader.Win32.Small [Ikarus]	5
Trojan-Dropper.Agent [Ikarus]	5
VirTool:Win32/Injector.gen!B [Microsoft]	5
W32/Rbot-Fam, Mal/Behav-024, Mal/IRCBot-B [Sophos]	5
Win32.SuspectCrc [Ikarus]	5
Backdoor.Win32.Nepoe.em [Kaspersky Lab]	4
Backdoor:Win32/Gaertob.A [Microsoft]	4
BKDR_IRCBOT.BAW [Trend Micro]	4
Generic Downloader.x!bf [McAfee]	4
Generic Dropper [McAfee]	4
IRC-Ibot [McAfee]	4
Mal/Behav-024, Mal/IRCBot-B [Sophos]	4
Mal/Behav-243 [Sophos]	4
MemScanRootkit.3315 [Ikarus]	4
Net-Worm.Win32.Kolab.bhq [Kaspersky Lab]	4
Troj/Agent-GDE [Sophos]	4
TROJ_DLOAD.DV [Trend Micro]	4
Trojan.Inject [Ikarus]	4
Trojan.Win32.Agent.ahqw [Kaspersky Lab]	4
Trojan.Win32.Agent2.dnp [Kaspersky Lab]	4
Trojan.Win32.Ircbrute [Ikarus]	4

Backdoor.IRCBot!sd6 [PC Tools] has the following possible countries of origin:

Origin		Number of Incidents
	Israel	16
	France	15
	China	8
	Germany	5
	Sweden	5
	United Kingdom	5
	Denmark	2
	Saudi Arabia	2
	Switzerland	2
	Uzbekistan	2
	Brazil	1
	Canada	1
	Egypt	1
	Finland	1
	Italy	1
	Russian Federation	1
	Serbia and Montenegro	1
	Spain	1
	Taiwan	1
	Thailand	1

Backdoor.IRCBot!sd6 [PC Tools] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\pidle\pidle.exe

%FontsDir%\unwise_.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\internet explorer\keygen.exe

%ProgramFiles%\microsoft office\office11\services.exe

%ProgramFiles%\microsoft office\office11\smss.exe

%ProgramFiles%\outlook express\keygen.exe

%Programs%\startup\userinit.exe

%System%\algs.exe

%System%\bootk.exe

%System%\cilevb.com

%System%\cpaner.com

%System%\csrs.exe

%System%\cssmhc.dll

%System%\dllcache\ctfmon.exe

%System%\drivers\drsch.exe

%System%\drivers\services.exe

%System%\dumpprep.exe

%System%\exec1.exe

%System%\explorer.exe

%System%\fcmyow.exe

%System%\firewall.exe

%System%\fsmgmt.dll

%System%\imbot.exe

%System%\img_spa500135a.jpg.exe

%System%\kupkudm.exe

%System%\lcsass.exe

%System%\logon.exe

%System%\lssas.exe

%System%\mldmm.exe

%System%\mrtmoons.exe

%System%\msnmanegers.exe

%System%\msupdate.exe

%System%\ninkey.exe

%System%\nvsvc86.exe

%System%\phqghu.exe

%System%\premiumpk.exe

%System%\programs\svchost.exe

%System%\schost32.exe

%System%\scif\explorer.exe

%System%\scif\svchost.exe

%System%\service.exe

%System%\souwoutounor.exe

%System%\spoolsvc.exe

%System%\spoolvs.exe

%System%\sssvcs.exe

%System%\sv.exe

%System%\svrhost.exe

%System%\svshost.exe

%System%\system.exe

%System%\taksman.exe

%System%\ted.exe

%System%\tesit.exe

%System%\tilesys.com

%System%\tskmngr.exe

%System%\vmciel.exe

%System%\win.exe

%System%\win15763.exe

%System%\winamp.exe

%System%\windl32.exe

%System%\winload.dll

%System%\winmessengerlive.exe

%System%\winspooler.exe

%System%\winupdatr.exe

%System%\wplayer.exe

%System%\xfire32.exe

%Temp%\0gmzofm.exe

%Temp%\1.exe

%Temp%\120.exe

%Temp%\2.exe

%Temp%\25.exe

%Temp%\decrypted.exe

%Temp%\ixp000.tmp\banaz.exe

%Temp%\ixp000.tmp\burimi.exe

%Temp%\ixp000.tmp\ctrgsmso.exe

%Temp%\ixp000.tmp\hidden.exe

%Temp%\ixp000.tmp\hidden2.exe

%Temp%\ixp000.tmp\install.exe

%Temp%\ixp000.tmp\keygen.exe

%Temp%\ixp000.tmp\kickin.exe

%Temp%\ixp000.tmp\lsass.exe

%Temp%\ixp000.tmp\pa.exe

%Temp%\ixp000.tmp\pack.exe

%Temp%\ixp000.tmp\patch.exe

%Temp%\ixp000.tmp\service.exe

%Temp%\ixp000.tmp\test.exe

%Temp%\ixp000.tmp\windvd.9.plus.keygen.only.exe

%Temp%\keygen.exe

%Temp%\keygen1.exe

%Temp%\kglcjtsrh.exe

%Temp%\nzm.exe

%Temp%\out.exe

%Temp%\patch.exe

%Temp%\server.exe

%Temp%\traffic-bot.exe

%Temp%\win32.exe

%Temp%\windvd.9.plus.keygen.only\keygen.exe

%UserProfile%\lsass.exe

%UserProfile%\svchost.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).