ThreatExpert's Statistics for Backdoor.Win32.VB [Ikarus]:

Backdoor.Win32.VB [Ikarus] is also known as:

Threat Alias	Number of Incidents
Backdoor.Trojan [Symantec]	322
Generic BackDoor [McAfee]	270
Mal/Generic-A [Sophos]	193
Trojan Horse [Symantec]	128
Backdoor.VB!sd6 [PC Tools]	120
Backdoor.VB.GEN [PC Tools]	107
Backdoor.Win32.Shark.dxa [Kaspersky Lab]	99
Backdoor.Win32.VB.fdi [Kaspersky Lab]	72
Win-Trojan/Xema.variant [AhnLab]	66
Trojan.Dropper [Symantec]	54
W32/AutoRun-XU [Sophos]	48
Troj/Prorat-19 [Sophos]	44
BackDoor-AVW [McAfee]	43
Trojan-Downloader.MisleadApp!sd6 [PC Tools]	43
Backdoor.Prorat.AR1 [PC Tools]	40
Backdoor.Win32.Prorat.19.i [Kaspersky Lab]	40
Backdoor:Win32/Prorat.L [Microsoft]	40
not-a-virus:AdWare.Win32.BHO.ejh [Kaspersky Lab]	40
Trojan.Fakeavalert [Symantec]	40
Generic Downloader.x [McAfee]	38
Backdoor.Win32.VB.frn [Kaspersky Lab]	36
Backdoor.Win32.VB.gsx [Kaspersky Lab]	36
FakeAlert-AB [McAfee]	35
Downloader.MisleadApp [Symantec]	28
not-a-virus:AdWare.Win32.BHO.eag [Kaspersky Lab]	28
BKDR_PRORAT.F [Trend Micro]	27
Downloader [Symantec]	24
Infostealer [Symantec]	23
Mal/EncPk-C [Sophos]	23
Generic.dx [McAfee]	21
Mal/Behav-216, Mal/Emogen-F [Sophos]	20
StartPage-KN [McAfee]	20
TrojanDropper:Win32/Startpage.DE [Microsoft]	20
BKDR_AVW.A [Trend Micro]	18
Win-Trojan/Shark.28160 [AhnLab]	18
PWS-LegMir [McAfee]	16
Troj/FakeAle-KF [Sophos]	16
Backdoor:Win32/VB.ANS [Microsoft]	15
Trojan.Fakeavalert!sd6 [PC Tools]	15
Backdoor.Win32.VB.brg [Kaspersky Lab]	14
Trojan:Win32/Malagent [Microsoft]	14
Backdoor.VB!sd5 [PC Tools]	13
Backdoor.Win32.VB.hkf [Kaspersky Lab]	12
Backdoor.Win32.VB.hxa [Kaspersky Lab]	12
Win-Trojan/Agent.47717.B [AhnLab]	12
Backdoor:Win32/VB.AT [Microsoft]	11
Generic Downloader.s [McAfee]	11
Troj/Bckdr-QPB [Sophos]	11
Generic PUP.x [McAfee]	10
Trojan.Win32.VB.hvz [Kaspersky Lab]	10
Win-Trojan/Agent.65536.ML [AhnLab]	10
Backdoor.Win32.Shark [Ikarus]	9
Mal/Delf-Y [Sophos]	9
Mal/VB-AD [Sophos]	9
Trojan:Win32/Bumat!rts [Microsoft]	9
TrojanDropper:Win32/VB.AF [Microsoft]	9
W32.SillyFDC [Symantec]	9
Generic BackDoor.k [McAfee]	8
TrojanSpy:Win32/Bancos.OO [Microsoft]	8
W32/Autorun.worm.h [McAfee]	8
Win32.SuspectCrc [Ikarus]	8
Win-Trojan/Agent.182272.U [AhnLab]	8
Mal/Behav-109 [Sophos]	7
VirTool:Win32/VBInject.gen!AV [Microsoft]	7
Backdoor:Win32/VB [Microsoft]	6
Mal/VB-F [Sophos]	6
Trojan-PWS.OnlineGames.SYHE [PC Tools]	6
VB-BackDoor.a.gen [McAfee]	6
W32.IRCBot [Symantec]	6
W32.Spybot.Worm [Symantec]	6
Adware.BHO.DIN [PC Tools]	5
Adware.VB.GKZ [PC Tools]	5
Backdoor.Win32.VB.grp [Kaspersky Lab]	5
Backdoor.Win32.VB.gw [Kaspersky Lab]	5
Backdoor.Win32.VB.hku [Kaspersky Lab]	5
Backdoor.Win32.VB.hmj [Kaspersky Lab]	5
Backdoor.Win32.VB.lea [Kaspersky Lab]	5
Generic BackDoor.b [McAfee]	5
Mal/VB-F, Mal/Behav-232 [Sophos]	5
Troj/VB-GW [Sophos]	5
Trojan:Win32/Meredrop [Microsoft]	5
Trojan-Dropper.Agent [PC Tools]	5
TrojanDropper:Win32/Delfdru.A [Microsoft]	5
Worm:Win32/VB.AM [Microsoft]	5
Backdoor.Prorat [Symantec]	4
Backdoor.Trojan.Client [Symantec]	4
Backdoor.Win32.Inject.aav [Kaspersky Lab]	4
Backdoor.Win32.VB.aoi [Kaspersky Lab]	4
Backdoor.Win32.VB.ggs [Kaspersky Lab]	4
Backdoor.Win32.VB.ghl [Kaspersky Lab]	4
Backdoor.Win32.VB.gom [Kaspersky Lab]	4
Backdoor.Win32.VB.gqz [Kaspersky Lab]	4
Backdoor:Win32/VB.GE [Microsoft]	4
Generic Dropper [McAfee]	4
Hacktool [Symantec]	4
Mal/Behav-221 [Sophos]	4
Mal/Emogen-F [Sophos]	4
Mal/EncPk-GT, Mal/HckPk-A [Sophos]	4
Mal/VBDrop-B [Sophos]	4
not-a-virus:AdWare.Win32.BHO.div [Kaspersky Lab]	4

Backdoor.Win32.VB [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	China	79
	Brazil	18
	Spain	17
	France	10
	Germany	8
	Turkey	7
	Republic of Korea	6
	Russian Federation	6
	United Kingdom	5
	Israel	4
	Iran	2
	Sweden	2
	Indonesia	1
	Italy	1
	Portugal	1

Backdoor.Win32.VB [Ikarus] is known to be created as:

%AppData%\svchost.exe

%AppData%\svchost32.exe

%CommonPrograms%\startup\svckost.exe

%LocalSettings%\tmp21008.exe

%ProgramFiles%\bifrost\explorer.exe

%ProgramFiles%\cinvig\inwinwn.exe

%ProgramFiles%\common files\ketmh.exe

%ProgramFiles%\common files\zbnyh.exe

%ProgramFiles%\dwimn\mwstwn.exe

%ProgramFiles%\ieiaf.exe

%ProgramFiles%\iejbb.exe

%ProgramFiles%\iexsy.exe

%ProgramFiles%\internet explorer\iexplore.com

%ProgramFiles%\jsywg\jsy.dll

%ProgramFiles%\ttzwd.exe

%Programs%\startup\lsass.exe

%System%\_svchost32.exe

%System%\090514-a-11.exe

%System%\1230\smss.exe

%System%\airserver.exe

%System%\cmds.exe

%System%\ddlke7.exe

%System%\dxdiag.com

%System%\explore.exe

%System%\finder.com

%System%\fservice.exe

%System%\gcays.exe

%System%\getfn32.dll

%System%\getsn32.dll

%System%\getwn32.dll

%System%\hotelc.exe

%System%\hrbinp18.exe

%System%\hwvdla.exe

%System%\ieautoups.exe

%System%\ifgpxerns.exe

%System%\inv.exe

%System%\is.exe

%System%\jkvsi.exe

%System%\jsy\jsy.dll

%System%\jsypk7.80\data\jsy.dll

%System%\kxkwgdx.exe

%System%\lncom.exe

%System%\mga.exe

%System%\mldmm.exe

%System%\msconfig.com

%System%\mwdgo.exe

%System%\ndm7n.exe

%System%\netcmd.exe

%System%\ntsqua.exe

%System%\pdfservice.exe

%System%\pib0eg.exe

%System%\regedit.com

%System%\rpc.exe

%System%\rundll32.com

%System%\scif\explorer.exe

%System%\scif\svchost.exe

%System%\sdra64.exe

%System%\service.exe

%System%\smwin32.dll

%System%\svchest.exe

%System%\system.exe

%System%\system32.exe

%System%\type32.exe

%System%\ujwgd.exe

%System%\uzey.exe

%System%\wg\jsy.dll

%System%\windowxp\zlib.dll

%System%\winlegon.exe

%System%\winsec.exe

%System%\ymoui.exe

%System%\zih6ry6.exe

%System%\zlib.dll

%Temp%\090514-a-11.exe

%Temp%\090613-1-5.exe

%Temp%\090614-a-4.exe

%Temp%\17.exe

%Temp%\4u\4u.exe

%Temp%\4u\server.exe

%Temp%\5.exe

%Temp%\client.exe

%Temp%\facebook-famosos.exe

%Temp%\idman517_4.exe

%Temp%\ixp000.tmp\codec_v.1004.1.exe

%Temp%\ixp000.tmp\explore.exe

%Temp%\ixp000.tmp\java.exe

%Temp%\msnmsgr.exe.exe

%Temp%\test1.exe

%Temp%\untitled folder\injector.exe.exe

%Temp%\winrar.3.80.final.corporate.exe

%Temp%\wzse0.tmp\srsver.dll

%Temp%\wzse0.tmp\srvcsr.dll

%UserProfile%\data\pycq.dll

%UserProfile%\localdir\install.exe

%UserProfile%\localdir\svchost.exe

%UserProfile%\lsass.exe

%Windir%\1.com

%Windir%\4u.exe

%Windir%\asifucan.exe

%Windir%\bifrost\server.exe

%Windir%\big5.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.