ThreatExpert's Statistics for W32/Sdbot.worm [McAfee]:

W32/Sdbot.worm [McAfee] is also known as:

Threat Alias	Number of Incidents
Backdoor.Win32.SdBot.aqp [Kaspersky Lab]	4,690
Hacktool.Rootkit [Symantec]	4,556
Backdoor.Sdbot.AGP [PC Tools]	4,020
Troj/RKProc-F [Sophos]	3,015
VirTool:WinNT/Rootkitdrv.AA [Microsoft]	2,814
Backdoor.Win32.SdBot [Ikarus]	2,387
Win32/IRCBot.worm.variant [AhnLab]	2,301
Backdoor.Win32.IRCBot.aro [Kaspersky Lab]	1,213
Trojan Horse [Symantec]	1,166
BKDR_SDBOT.RV [Trend Micro]	871
Backdoor.IRCBot.UUX [PC Tools]	740
W32.Spybot.Worm [Symantec]	500
W32.IRCBot [Symantec]	402
Backdoor.IRC.Bot [Symantec]	252
Mal/Generic-A [Sophos]	233
Backdoor.Trojan [Symantec]	156
Backdoor.Sdbot [Symantec]	154
Backdoor.IRCBot!sd6 [PC Tools]	149
Worm.Rbot.ABCC [PC Tools]	116
WORM_SDBOT.GAV [Trend Micro]	111
Backdoor:Win32/Rbot [Microsoft]	101
Backdoor.Win32.IRCBot [Ikarus]	97
Backdoor.Win32.IRCBot.csk [Kaspersky Lab]	90
Backdoor.Win32.Rbot.gen [Kaspersky Lab]	74
Backdoor.Rbot [Ikarus]	65
Mal/Behav-285 [Sophos]	65
BKDR_IRCBOT.AGF [Trend Micro]	55
TROJ_AGENT.AXAT [Trend Micro]	54
Trojan:Win32/Ircbrute [Microsoft]	54
Mal/Behav-167 [Sophos]	49
Backdoor.IRCBot!sd5 [PC Tools]	46
Backdoor.Win32.Rbot.aus [Kaspersky Lab]	43
Backdoor.IRCBot [PC Tools]	37
Packed.Win32.Black.a [Kaspersky Lab]	34
Worm.Akbot.Gen [PC Tools]	33
WORM_BAGLE.JV [Trend Micro]	32
BKDR_IRCBOT.JC [Trend Micro]	30
Troj/Inject-DA [Sophos]	27
Trojan.Dropper [Symantec]	27
Backdoor.Rbot!sd5 [PC Tools]	25
Backdoor:Win32/Rbot.gen [Microsoft]	25
Backdoor.Sdbot!sd6 [PC Tools]	24
not-a-virus:Client-IRC.Win32.mIRC.60 [Kaspersky Lab]	24
Backdoor.SdBot!sd5 [PC Tools]	23
BKDR_IRCBOT.AXJ [Trend Micro]	23
Mal/Packer [Sophos]	23
Downloader [Symantec]	21
Worm.Rbot.OBO [PC Tools]	21
Backdoor.SdBot.DFYR [Ikarus]	19
Backdoor.Win32.Rbot.feh [Kaspersky Lab]	18
Mal/Generic-E [Sophos]	18
W32.IRCBot.Gen [Symantec]	18
Backdoor:Win32/Sdbot [Microsoft]	17
VirTool:Win32/CeeInject.gen!A [Microsoft]	17
WORM_RBOT.GEN-1 [Trend Micro]	17
Backdoor.Win32.SdBot.kef [Kaspersky Lab]	16
Backdoor:Win32/Rbot.JA [Microsoft]	16
not-a-virus.Keygen.Avast [Ikarus]	16
Trojan.DR.IRCBot.Gen.2 [PC Tools]	16
Virus.Win32.Trojan [Ikarus]	16
BKDR_RBOT.FX [Trend Micro]	15
VirTool.Win32.CeeInject [Ikarus]	15
W32.Netsky@mm [Symantec]	15
Worm:Win32/Pushbot.gen [Microsoft]	15
Backdoor.IRCBot [Ikarus]	14
Backdoor.Win32.ForBot.am [Kaspersky Lab]	14
Trojan.Mitglieder [Symantec]	14
VirTool.Win32.DelfInject [Ikarus]	14
VirTool:Win32/CeeInject.gen!J [Microsoft]	14
W32/Inject-DE [Sophos]	14
Backdoor.Win32.IRCBot.bad [Kaspersky Lab]	13
Backdoor.Win32.IRCBot.gen [Kaspersky Lab]	13
Backdoor.Win32.SdBot.awe [Kaspersky Lab]	13
Virus.Win32.IRCBot [Ikarus]	13
Win32/ExprPacked.suspicious [AhnLab]	13
WORM_BAGLE.KI [Trend Micro]	13
Backdoor:Win32/Rbot.JE [Microsoft]	12
Backdoor.SdBot.DFVV [Ikarus]	11
Packed.Win32.Black [Ikarus]	11
Trojan.Lodear [Symantec]	11
Virus.Win32.Virut.n [Kaspersky Lab]	11
W32.Randex.gen [Symantec]	11
Win-Trojan/Xema.variant [AhnLab]	11
Backdoor.IRC!sd6 [PC Tools]	10
Backdoor.SDBot.gjb [PC Tools]	10
Backdoor.Win32.SdBot.bkp [Kaspersky Lab]	10
Backdoor:Win32/Rbot.gen!G [Microsoft]	10
Trojan.KillAV [Symantec]	10
W32.Beagle.EB [Symantec]	10
Worm.Sdbot.ETU [PC Tools]	10
Worm.Win32.Pushbot [Ikarus]	10
Backdoor.IRCBot.WZO [PC Tools]	9
Backdoor.Win32.IRCBot.bib [Kaspersky Lab]	9
Backdoor.Win32.SdBot.hep [Kaspersky Lab]	9
Backdoor.Win32.SdBot.jdh [Kaspersky Lab]	9
Exploit.Win32.Lsass [Ikarus]	9
Mal/Basine-C [Sophos]	9
Trojan-PWS.LDPinch.1417 [Ikarus]	9
Trojan-PWS.Win32.Agent [Ikarus]	9
VirTool.Win32.CeeInject.J [Ikarus]	9

W32/Sdbot.worm [McAfee] has the following possible countries of origin:

Origin		Number of Incidents
	France	34
	Germany	32
	Israel	19
	China	17
	Portugal	15
	United Kingdom	14
	Russian Federation	12
	Canada	6
	Italy	6
	Sweden	6
	Brazil	5
	Spain	4
	South Africa	3
	Poland	2
	Switzerland	2
	Australia	1
	Japan	1
	Netherlands	1
	Serbia and Montenegro	1

W32/Sdbot.worm [McAfee] is known to be created as:

%FontsDir%\msnmsgn.exe

%FontsDir%\svchost.exe

%Profiles%\winserv.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\client.exe

%ProgramFiles%\common files\system\dbot.exe

%ProgramFiles%\common files\system\scvhost.exe

%ProgramFiles%\common files\system\spykiller.exe

%ProgramFiles%\common files\system\svcchost.exe

%ProgramFiles%\common files\system\win32update.exe

%ProgramFiles%\dsfsdfsd\nope.dll

%ProgramFiles%\ghanimx\nope.dll

%ProgramFiles%\pestsweeper\pestsweeper.exe

%Programs%\startup\netdaemon.exe

%Programs%\startup\userinit.exe

%System%\117078.exe

%System%\118984.exe

%System%\advteblc.exe

%System%\agl23.exe

%System%\aheqm.com

%System%\alala.exe

%System%\algr.exe

%System%\algs.exe

%System%\amship.exe

%System%\aolhosts.exe

%System%\app2.exe

%System%\asdfsa.exe

%System%\atixdrivx.exe

%System%\autcpmwq.exe

%System%\autoupdatewin32.exe

%System%\avp.exe

%System%\b7r63.exe

%System%\besim.exe

%System%\binset.exe

%System%\bn.exe

%System%\bnxrqsqc.exe

%System%\bootcli.exe

%System%\bootk.exe

%System%\bootserver.exe

%System%\bootservice.exe

%System%\bootsfv.exe

%System%\bootsv.exe

%System%\bootvfy.exe

%System%\bpnyjyub.exe

%System%\brietwwf.exe

%System%\c1ass.exe

%System%\ccpanele.com

%System%\chkdsker.exe

%System%\cilevb.com

%System%\cisrv.exe

%System%\cliconfig.exe

%System%\cmdasehh.exe

%System%\cmlszu.exe

%System%\comdyfvu.exe

%System%\comservice.exe

%System%\confsjvu.exe

%System%\cpanel.com

%System%\cpaner.com

%System%\cpu.exe

%System%\cqexckc.exe

%System%\crack.exe

%System%\crsss.exe

%System%\csrhost.exe

%System%\csrs.exe

%System%\cssmhc.dll

%System%\cssrss.exe

%System%\csts.exe

%System%\ctfm0unz.exe

%System%\cudlkd.exe

%System%\cvalcydg.exe

%System%\cwaoyulhguj.exe

%System%\cxdvnnx.exe

%System%\cyqwsb.exe

%System%\dasada.exe

%System%\dcomcnf.exe

%System%\ddesam.exe

%System%\dhcp.exe

%System%\direct3dx.dll

%System%\directfxd.exe

%System%\directxd.exe

%System%\dlfksdld.exe

%System%\dllcache\dirhost.com

%System%\dllcache\frehost.exe

%System%\dllcache\ivchost.exe

%System%\dllcache\msnmsgr.exe

%System%\dllcache\mswords.exe

%System%\dllcache\nlsvc32.exe

%System%\dllcache\qhotsew.exe

%System%\dllcache\qxchost.exe

%System%\dllcache\rtsecar.exe

%System%\dllcache\rtsecas.exe

%System%\dllcache\spoolms.exe

%System%\dllcache\sxch0st.exe

%System%\dllcache\sxchost.exe

%System%\dllcache\windmns.exe

%System%\dllcache\winmwta.exe

%System%\dllcache\wintcpack.exe

%System%\dllcache\winxptcp.exe

%System%\dllntlkk.exe

%System%\dllrun.exe

Notes:

%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).