ThreatExpert's Statistics for Backdoor.Win32.IRCBot [Ikarus]:

Backdoor.Win32.IRCBot [Ikarus] is also known as:

Threat Alias	Number of Incidents
Win32/IRCBot.worm.variant [AhnLab]	317
BackDoor-DVR [McAfee]	282
Backdoor.Win32.IRCBot.jvw [Kaspersky Lab]	247
Backdoor.Trojan [Symantec]	245
VirTool:Win32/CeeInject.gen!R [Microsoft]	245
Mal/Inject-M [Sophos]	226
Backdoor.IRCBot!sd6 [PC Tools]	221
Trojan Horse [Symantec]	104
W32/Sdbot.worm [McAfee]	97
Mal/Generic-A [Sophos]	66
Backdoor.Win32.IRCBot.aro [Kaspersky Lab]	59
W32.Spybot.Worm [Symantec]	58
Backdoor.IRC.Bot [Symantec]	56
Backdoor.Win32.IRCBot.gen [Kaspersky Lab]	55
Backdoor.IRCBot.UUX [PC Tools]	52
W32.IRCBot [Symantec]	50
W32.IRCBot.Gen [Symantec]	49
Suspicious.MH690 [Symantec]	48
Mal/EncPk-BU, Mal/Packer, Mal/EncPk-BA [Sophos]	44
Backdoor.Win32.IRCBot.irl [Kaspersky Lab]	42
Mal/Bckdr-C, Mal/Inject-M [Sophos]	38
Backdoor.Win32.IRCBot.csk [Kaspersky Lab]	30
Win32/IRCBot.worm.Gen [AhnLab]	30
Win-Trojan/Xema.variant [AhnLab]	29
Generic.dx [McAfee]	28
Mal/UnkPack-Fam [Sophos]	24
Mal/Emogen-E, Mal/Packer [Sophos]	23
W32/Sdbot.worm.gen.a [McAfee]	22
Worm:Win32/Pushbot.gen [Microsoft]	21
Backdoor:Win32/IRCbot.gen!K [Microsoft]	20
W32/Spybot.worm.gen [McAfee]	19
WORM_SDBOT.GAV [Trend Micro]	19
Mal/Packer [Sophos]	18
TROJ_AGENT.AXAT [Trend Micro]	18
Backdoor:Win32/Agent [Microsoft]	17
Mal/Behav-285 [Sophos]	17
Worm:Win32/Pushbot.gen!C [Microsoft]	17
Backdoor:Win32/IRCbot [Microsoft]	16
W32/Generic.b.worm [McAfee]	16
Backdoor:Win32/Gaertob.A [Microsoft]	15
W32.SillyFDC [Symantec]	15
Generic BackDoor [McAfee]	14
Generic QHosts.a.gen [McAfee]	14
New Malware.dw [McAfee]	14
VirTool:Win32/CeeInject.B [Microsoft]	14
BKDR_IRCBOT.AGF [Trend Micro]	13
New Malware.b [McAfee]	13
VirTool:Win32/CeeInject.gen!J [Microsoft]	13
Backdoor.Win32.IRCBot.htj [Kaspersky Lab]	11
Backdoor:Win32/Rbot [Microsoft]	11
Troj/Agent-IXG [Sophos]	11
W32/AutoInf-F [Sophos]	11
W32/Autorun.worm.u [McAfee]	11
Worm.Win32.AutoRun.aho [Kaspersky Lab]	11
Backdoor:Win32/Phostiko.gen!A [Microsoft]	10
Trojan.Win32.Qhost.cm [Kaspersky Lab]	10
Backdoor:Win32/Bifrose.ACI [Microsoft]	9
BackDoor-CEP.svr [McAfee]	9
Mal/Behav-167 [Sophos]	9
not-a-virus:FraudTool.Win32.PcPrivacyCleaner.t [Kaspersky Lab]	9
Troj/Inject-DA [Sophos]	9
Backdoor.Win32.IRCBot.lwb [Kaspersky Lab]	8
Backdoor:Win32/Momibot.gen!B [Microsoft]	8
Backdoor:Win32/Sdbot [Microsoft]	8
Downloader [Symantec]	8
Exploit-DcomRpc.gen [McAfee]	8
Trojan:Win32/Ircbrute [Microsoft]	8
Trojan:Win32/Meredrop [Microsoft]	8
VirTool:Win32/Vbinder.gen!G [Microsoft]	8
Mal/IRCBot-J [Sophos]	7
Mal/SillyFDC-A, Mal/Behav-150 [Sophos]	7
Backdoor.Sdbot [Symantec]	6
New Malware.jn [McAfee]	6
PE_VIRUT.A [Trend Micro]	6
Virus.Win32.Virut.n [Kaspersky Lab]	6
W32/IRCbot.gen.a [McAfee]	6
W32/Virut.a [McAfee]	6
W32/Virut-T [Sophos]	6
Win-Trojan/AutoRun.550912 [AhnLab]	6
Worm:Win32/Kulsibot.A [Microsoft]	6
Worm:Win32/Spybot.CE [Microsoft]	6
Backdoor.Win32.IRCBot.guq [Kaspersky Lab]	5
Backdoor.Win32.IRCBot.hti [Kaspersky Lab]	5
Backdoor:Win32/Rbot.gen [Microsoft]	5
Infostealer.Gampass [Symantec]	5
Suspicious.Skintrim [Symantec]	5
Troj/IRCBot-ADH [Sophos]	5
Trojan.Dropper [Symantec]	5
Trojan.IRCBot [PC Tools]	5
TrojanDropper:Win32/Hostil.B [Microsoft]	5
W32/IRCBot.worm.gen.ai [McAfee]	5
W32/Spybot.worm!e [McAfee]	5
Win32.Virut.Gen [PC Tools]	5
Worm.Win32.AutoRun.fbr [Kaspersky Lab]	5
WORM_RBOT.GEN-1 [Trend Micro]	5
Backdoor.IRC [PC Tools]	4
Backdoor.Win32.IRCBot.dry [Kaspersky Lab]	4
Backdoor.Win32.IRCBot.jsn [Kaspersky Lab]	4
Backdoor.Win32.IRCBot.juc [Kaspersky Lab]	4
Backdoor:Win32/Rbot.gen!G [Microsoft]	4

Backdoor.Win32.IRCBot [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	China	32
	Sweden	26
	Israel	13
	Russian Federation	13
	France	9
	Italy	7
	United Kingdom	7
	Slovakia	6
	Brazil	4
	Portugal	3
	Republic of Korea	3
	Spain	3
	Germany	2
	Japan	2
	Australia	1
	Ireland	1
	Poland	1
	Saudi Arabia	1
	Taiwan	1

Backdoor.Win32.IRCBot [Ikarus] is known to be created as:

%AppData%\bifrost\server.exe

%CommonPrograms%\startup\servi.exe

%FontsDir%\svchost.exe

%FontsDir%\unwise_.exe

%Profiles%\no_love_6.exe

%ProgramFiles%\ascii art generator\aag.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\bifrost\win.exe

%ProgramFiles%\bot\pad.exe

%ProgramFiles%\common files\system\googleupdate.exe

%ProgramFiles%\defa\defat.exe

%ProgramFiles%\dsfsdfsd\nope.dll

%ProgramFiles%\ghanimx\nope.dll

%ProgramFiles%\lssas\lssas.exe

%ProgramFiles%\media\c-media.exe

%ProgramFiles%\micosoft\micosoft.exe

%ProgramFiles%\microsoft\experience.exe

%ProgramFiles%\stub.exe

%ProgramFiles%\system\server.exe

%ProgramFiles%\windowsdll\windows.exe

%ProgramFiles%\xi\nettransport 2\nettransport.exe

%Programs%\startup\sexy.exe

%System%\090514-2-1.exe

%System%\090514-a-1.exe

%System%\1520gr6r1512.png.exe

%System%\3.exe

%System%\aig.exe

%System%\algs.exe

%System%\asdfsa.exe

%System%\besim.exe

%System%\bifrost\msnmssgr.exe

%System%\bifrost\server.exe

%System%\bifrost\sestem.exe

%System%\bifrost\svchost.exe

%System%\cftmon.exe

%System%\cool.exe

%System%\csrs.exe

%System%\dasada.exe

%System%\dllcache\mswords.exe

%System%\dllcache\sxch0st.exe

%System%\eiyi.exe

%System%\explora.exe

%System%\explorer.exe

%System%\fservice.exe

%System%\google\msn.exe

%System%\hpdrv.exe

%System%\iexplore.exe

%System%\iexplorer.exe

%System%\inicioms\svchost.exe

%System%\irbme.exe

%System%\isass.exe

%System%\klass.exe

%System%\lockx.exe

%System%\lssas.exe

%System%\msmsgs.exe

%System%\msn\msn.exe

%System%\msnrmgs.exe

%System%\mstc.exe

%System%\nservice.exe

%System%\nvrsol32.dll

%System%\plugin.exe

%System%\rpcsvc.exe

%System%\rsfouad\gess.exe

%System%\server.exe

%System%\servi.exe

%System%\shdocvw.exe

%System%\smsc.exe

%System%\spoolsvc.exe

%System%\supdate.exe

%System%\system\system.exe

%System%\system\wingrad.exe

%System%\system233\idm16.exe

%System%\trtr\rgfd.exe

%System%\vcrt80.exe

%System%\wgareg.exe

%System%\winamp.exe

%System%\wincom.exe

%System%\winetlib.exe

%System%\winmessengerlive.exe

%System%\winsony.exe

%System%\winspooler.exe

%System%\wplayer.exe

%System%\wuauclt.dll

%System%\wupdate.exe

%Temp%\- indetectables x crypter by logan - fud\stub.exe

%Temp%\090514-2-1.exe

%Temp%\090514-a-1.exe

%Temp%\090521-6-4.exe

%Temp%\090523-4-11.exe

%Temp%\0gmzofm.exe

%Temp%\1.exe

%Temp%\2.exe

%Temp%\24.exe

%Temp%\26.exe

%Temp%\30.exe

%Temp%\480045.exe

%Temp%\779737reptile.exe

%Temp%\7x5ss92f81.exe

%Temp%\a200958201a12.exe

%Temp%\a200958201a22.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).