ThreatExpert's Statistics for Backdoor.Rbot [Ikarus]:

Backdoor.Rbot [Ikarus] is also known as:

Threat Alias	Number of Incidents
W32.Spybot.Worm [Symantec]	164
Backdoor:Win32/Rbot.gen [Microsoft]	128
WORM_RBOT.GEN-1 [Trend Micro]	112
W32/Sdbot.worm.gen.g [McAfee]	108
Backdoor.Win32.Rbot.gen [Kaspersky Lab]	99
Win32/IRCBot.worm.Gen [AhnLab]	87
Mal/Generic-A [Sophos]	69
W32/Sdbot.worm [McAfee]	65
W32.IRCBot [Symantec]	59
W32/Rbot-Fam, W32/Rbot-Gen [Sophos]	58
W32.Randex.gen [Symantec]	48
Win32/IRCBot.worm.variant [AhnLab]	47
Trojan.Packed.16 [Symantec]	44
WORM_SPYBOT.GEN [Trend Micro]	43
Worm.Akbot.Gen [PC Tools]	41
Generic.dx [McAfee]	39
Mal/EncPk-BO [Sophos]	35
Backdoor.Win32.Rbot.aea [Kaspersky Lab]	30
Exploit-DcomRpc.gen [McAfee]	26
Trojan Horse [Symantec]	26
W32/Rbot-Fam [Sophos]	25
Backdoor.Win32.Rbot.aeu [Kaspersky Lab]	24
Virus.Win32.Virut.ce [Kaspersky Lab]	22
Virus:Win32/Virut.BM [Microsoft]	22
W32.Virut.CF [Symantec]	22
Win32/Virut.E [AhnLab]	22
Backdoor.IRCBot!sd6 [PC Tools]	21
W32/Rbot-Fam, W32/Scribble-B [Sophos]	21
Worm.RBot.Gen.10 [PC Tools]	19
W32/Rbot-Fam, W32/Rbot-Fam, Mal/TinyDL-T, Mal/Packer, Mal/Behav-024, Mal/AVKill-B [Sophos]	16
W32/Sdbot.worm.gen.t [McAfee]	16
Backdoor:Win32/Rbot [Microsoft]	15
Mal/Packer [Sophos]	14
W32/Rbot-Fam, W32/Rbot-Gen, Mal/Behav-134, Mal/Behav-024, Mal/AVKill-B, Mal/IRCBot-B [Sophos]	14
W32/Rbot-Fam, W32/Rbot-Gen, Mal/Behav-134, Mal/AVKill-B, Mal/Behav-024, Mal/IRCBot-B [Sophos]	13
VirTool:Win32/CeeInject.gen!J [Microsoft]	12
Mal_Strat-4 [Trend Micro]	11
Suspicious.MH690 [Symantec]	11
Trojan:Win32/Ircbrute [Microsoft]	11
Worm.RBot.Gen.14 [PC Tools]	11
Mal/Packer, Mal/EncPk-BW [Sophos]	10
New Malware.n [McAfee]	10
VirTool:Win32/VBInject.AQ [Microsoft]	10
Win32/MalPackedB.suspicious [AhnLab]	10
Win-Trojan/Xema.variant [AhnLab]	10
Backdoor.Win32.Rbot.aus [Kaspersky Lab]	9
Email-Worm.Win32.Warezov.sz [Kaspersky Lab]	9
Mal/EncPk-BO, Mal/Behav-160 [Sophos]	9
Trojan:Win32/AgentBypass.gen!U [Microsoft]	9
VirTool:Win32/DelfInject.gen!L [Microsoft]	9
WORM_SPYBOT.JI [Trend Micro]	9
Backdoor.Sdbot [Symantec]	8
Infostealer.Gampass [Symantec]	8
Mal/Behav-243 [Sophos]	8
Mal/Behav-285 [Sophos]	8
WORM_SDBOT.GAV [Trend Micro]	8
Backdoor.Rbot!sd6 [PC Tools]	7
Backdoor.Trojan [Symantec]	7
Backdoor.Win32.IRCBot.gen [Kaspersky Lab]	7
Trojan:Win32/Meredrop [Microsoft]	7
VirTool:Win32/CeeInject.gen!A [Microsoft]	7
W32/Rbot-Fam, W32/Rbot-Gen, Mal/Behav-024, Mal/IRCBot-B [Sophos]	7
Backdoor.Rbot!ct [PC Tools]	6
Backdoor.Win32.Rbot.zfm [Kaspersky Lab]	6
Backdoor:Win32/Mobibez [Microsoft]	6
BackDoor-AWQ.b [McAfee]	6
Cryp_PESpin [Trend Micro]	6
Mal/VB-AD [Sophos]	6
Trojan:Win32/Agent.gen!C [Microsoft]	6
W32.SillyFDC [Symantec]	6
W32/Rbot-Fam, Mal/IRCBot-B [Sophos]	6
WORM_RBOT.GEN [Trend Micro]	6
Backdoor.Graybird [Symantec]	5
Backdoor.Win32.Hupigon.fgvq [Kaspersky Lab]	5
Backdoor.Win32.Rbot.qwv [Kaspersky Lab]	5
Backdoor:Win32/Ursap!rts [Microsoft]	5
Exploit:Win32/MS06040.gen [Microsoft]	5
Mal/ProcInj-Fam [Sophos]	5
Mal/VB-AB, Mal/VB-W, Mal/Behav-211 [Sophos]	5
New Malware.aj [McAfee]	5
New Malware.b [McAfee]	5
Packed.Win32.Klone.bh [Kaspersky Lab]	5
PWS-Banker [McAfee]	5
Trojan.Win32.Agent2.dfj [Kaspersky Lab]	5
Trojan.Win32.Buzus.aoko [Kaspersky Lab]	5
Trojan-Dropper.Win32.VB.aelb [Kaspersky Lab]	5
W32.SillyDC [Symantec]	5
W32/Rbot-Fam, Mal/Behav-024, Mal/IRCBot-B [Sophos]	5
W32/Virut.gen.a [McAfee]	5
Backdoor.Bifrose [Symantec]	4
Backdoor.Bifrose.ABA [PC Tools]	4
Backdoor.IRC.Bot [Symantec]	4
Backdoor.Rbot [PC Tools]	4
Backdoor.Rbot.AEU [PC Tools]	4
Backdoor.SpyBoter [PC Tools]	4
Backdoor.Win32.Bifrose.agn [Kaspersky Lab]	4
Backdoor.Win32.Rbot.aayt [Kaspersky Lab]	4
Backdoor.Win32.Rbot.bzf [Kaspersky Lab]	4
Backdoor.Win32.Rbot.ulg [Kaspersky Lab]	4
Backdoor.Win32.Rbot.xde [Kaspersky Lab]	4

Backdoor.Rbot [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	China	46
	Israel	14
	Russian Federation	14
	Brazil	13
	Germany	8
	France	6
	United Kingdom	6
	Sweden	5
	Portugal	4
	Republic of Korea	4
	Spain	4
	Australia	3
	Poland	3
	Netherlands	2
	New Zealand	2
	Canada	1
	Croatia	1
	Egypt	1
	Iran	1
	Italy	1
	Japan	1
	Turkey	1

Backdoor.Rbot [Ikarus] is known to be created as:

%AppData%\microsoft xml\svchost.exe

%AppData%\octopus.exe

%CommonPrograms%\startup\windows32.exe

%ProgramFiles%\_virtualnat.exe

%ProgramFiles%\copypod\copypod.exe

%ProgramFiles%\dfse.exe

%ProgramFiles%\microsoft common\svchost.exe

%ProgramFiles%\skypemate\skypemate.exe

%System%\\smss.exe

%System%\_wins.exe

%System%\adnzpe.exe

%System%\afubgy.exe

%System%\algr.exe

%System%\alxres061230.exe

%System%\aniwlz.exe

%System%\antvr32.exe

%System%\besiuex.exe

%System%\bjwrrc.exe

%System%\bkupmsn.exe

%System%\bxsnlx.exe

%System%\byjjebmo.exe

%System%\cbhhjsaow.exe

%System%\ccpanele.com

%System%\cgylcce.exe

%System%\chvmrf.exe

%System%\cidaemon32.exe

%System%\cilevb.com

%System%\cjptvh.exe

%System%\cmssoo.exe

%System%\cpaner.com

%System%\crkxfyl.exe

%System%\cssmhc.dll

%System%\cuiham.exe

%System%\cwaoyulhguj.exe

%System%\dcngzxg.exe

%System%\dfrhost.exe

%System%\diskchk.exe

%System%\dllcache\spoolsv.exe

%System%\dnsresolver.exe

%System%\dpdhost.exe

%System%\drectxx32.exe

%System%\dschost.exe

%System%\dudoyah.exe

%System%\eouvib.exe

%System%\error.exe

%System%\ewinupdate32.exe

%System%\exp1orer.exe

%System%\explorer.exe

%System%\ezicae.exe

%System%\feasoo.exe

%System%\ffservice.exe

%System%\firefox.exe

%System%\fkxfkt.exe

%System%\fnhdxcy.exe

%System%\ftylsv.exe

%System%\fvjyas.exe

%System%\fyqlgt.exe

%System%\gdrhost.exe

%System%\gfrhost.exe

%System%\gghzszg.exe

%System%\giihufy.exe

%System%\gnlwvhnjkmeof.exe

%System%\hanogw.exe

%System%\hhtjcv.exe

%System%\hnqoxe.exe

%System%\hvgrrr.exe

%System%\hvgrrrrvzfxiw.exe

%System%\i386.exe

%System%\ictjylwvdw.exe

%System%\iexplorer.exe

%System%\injectedspybot.exe

%System%\inkenwev.exe

%System%\internet.exe

%System%\iynptm.exe

%System%\izsojy.exe

%System%\java.exe

%System%\jfwdqqxwosmyd.exe

%System%\jnbrxa.exe

%System%\jrjw.exe

%System%\kbpeymeemokok.exe

%System%\kdvhost.exe

%System%\kii.exe

%System%\klxyszuy.exe

%System%\krafrax.exe

%System%\krdtexonqrfzi.exe

%System%\lidbyg.exe

%System%\lmns.exe

%System%\load.exe

%System%\lservice.exe

%System%\mccagg.exe

%System%\mcfgco.exe

%System%\mdphost.exe

%System%\me.exe

%System%\mesenger.exe

%System%\mizbdl.exe

%System%\msconfig.exe

%System%\mslogon.exe

%System%\msngr32.com

%System%\msnmsgr.exe

%System%\msnnmaneger.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).