ThreatExpert's Statistics for IRC.Backdoor.Trojan [Symantec]:

IRC.Backdoor.Trojan [Symantec] is also known as:

Threat Alias	Number of Incidents
REG_ZAPCHAST.ED [Trend Micro]	18,582
Reg/IRCSpoolsv [McAfee]	18,126
Backdoor.IRC.Zapchast.zwrc [Kaspersky Lab]	14,936
Backdoor.IRC.Zapchast [Ikarus]	13,570
Trojan.RunKeys [PC Tools]	13,224
REG/Zapchast [AhnLab]	3,648
Backdoor.Zapchast [Ikarus]	2,166
Trojan.DL.VB.AAVI [PC Tools]	1,135
BKDR_CIADOOR.EA [Trend Micro]	814
Backdoor.IRC.Bot [Symantec]	810
Trojan-Downloader.Win32.VB.bsa [Kaspersky Lab]	661
Downloader.gen.a [McAfee]	654
not-a-virus:Client-IRC.Win32.mIRC.603 [Kaspersky Lab]	572
Renamed mIRC Client [McAfee]	382
not-a-virus:Client-IRC.Win32.mIRC.59 [Kaspersky Lab]	346
Trojan mIRC Client [McAfee]	265
Backdoor.mIRC [PC Tools]	256
IRC/Flood.mirc [McAfee]	247
IRC-Worm.Win32.Tedeto.a [Ikarus]	233
BrowserModifier:Win32/IGetNet [Microsoft]	224
Troj/IRCFlood-T [Sophos]	224
TROJ_INFECTED.AY [Trend Micro]	210
Generic.dx [McAfee]	199
Win-Trojan/MircPack.1790464 [AhnLab]	150
TROJ_DLOADER.FXN [Trend Micro]	139
Backdoor.IRCBot [PC Tools]	127
IRC.Flood.CI [PC Tools]	91
Downloader-BJM [McAfee]	85
Troj/Agent-GGQ [Sophos]	85
TrojanDownloader:Win32/VB [Microsoft]	81
Backdoor.IRC.Zapchast [PC Tools]	79
IRC/Client [McAfee]	72
TROJ_Generic [Trend Micro]	64
Backdoor.IRC.Zapchast [Kaspersky Lab]	60
TROJ_DLOADER.KYU [Trend Micro]	57
Win-Trojan/Xema.variant [AhnLab]	53
not-a-virus:Client-IRC.Win32.mIRC.602 [Kaspersky Lab]	52
not-a-virus:Client-IRC.Win32.mIRC [Ikarus]	47
not-a-virus:Client-IRC.Win32.mIRC.601 [Kaspersky Lab]	46
Troj/Mirchack-L [Sophos]	45
Virus.Win32.VB.FXE [Ikarus]	43
Backdoor.Trojan [Symantec]	42
Trojan.IRC-Backdoor [PC Tools]	39
Backdoor:Win32/Kirsun.A [Microsoft]	33
Troj/Kirsun-A [Sophos]	33
BKDR_IRCBOT.BMF [Trend Micro]	32
TROJ_IRCFLOOD.O [Trend Micro]	32
BKDR_MIRC.AA [Trend Micro]	30
Mal/Generic-A [Sophos]	29
mIRC/Zapchast [AhnLab]	27
Troj/Zapchas-DN [Sophos]	27
Generic PUP.x [McAfee]	25
Troj/Zapchas-EJ [Sophos]	24
Win-Trojan/Kirsun.652800 [AhnLab]	24
not-a-virus:Client-IRC.Win32.mIRC.616 [Kaspersky Lab]	20
Backdoor.Generic [Ikarus]	18
Backdoor.IRC!ct [PC Tools]	18
Backdoor.IRCBot.XGK [PC Tools]	18
BKDR_KIRSUN.A [Trend Micro]	18
Generic IRC.b [McAfee]	15
VirTool:Win32/VBInject.C [Microsoft]	14
Backdoor:Win32/IRCbot [Microsoft]	13
W32/Vbbot [McAfee]	13
BKDR_CIADOOR.BU [Trend Micro]	12
BKDR_IRC.AJ [Trend Micro]	12
Backdoor:Win32/mIRCbased [Microsoft]	11
not-a-virus:Client-IRC.Win32.mIRC.60 [Kaspersky Lab]	11
TROJ_DLOADER.YGM [Trend Micro]	11
Backdoor:Win32/Lamin.A [Microsoft]	10
IRC-Worm.Generic [Ikarus]	10
Mal/Behav-211 [Sophos]	10
Troj/Zapchas-U [Sophos]	10
Virus.Win32.Zapchast.CR [Ikarus]	10
Backdoor.Hupigon.GEN [PC Tools]	9
Backdoor.IRC.Besik.A [Ikarus]	9
Generic PUP.i [McAfee]	9
not-a-virus:Client-IRC.Win32.mIRC.561 [Kaspersky Lab]	9
Trojan-Dropper.Win32.VB.ams [Kaspersky Lab]	9
VirTool:Win32/Vtub.BY [Microsoft]	9
Generic Downloader.x [McAfee]	8
Mal/EncPk-FL [Sophos]	8
Trojan-Downloader.VB!sd6 [PC Tools]	8
Packed.Win32.Klone [Ikarus]	7
TROJ_DROPPER.ACO [Trend Micro]	7
Virus.Win32.SdBot.4142 [Ikarus]	7
Backdoor.IRC.ABN [PC Tools]	6
BKDR_IRCFLOOD.AC [Trend Micro]	6
Trojan-Spy.Win32.Logger.e [Kaspersky Lab]	6
Win32/IRCBot.worm.variant [AhnLab]	6
Backdoor.Win32.VanBot.ll [Kaspersky Lab]	5
Gen.Trojan [Ikarus]	5
Virus.Win32.TratBHO [Ikarus]	5
W32/Nirbot.worm [McAfee]	5
Win-Trojan/Poisonivy.159247 [AhnLab]	5
Backdoor:Win32/IRCbot.S [Microsoft]	4
BKDR_IRCFLOOD.AG [Trend Micro]	4
Generic PUP.z [McAfee]	4
Generic PWS.y [McAfee]	4
not-a-virus:Client-IRC.Win32.mIRC.591 [Kaspersky Lab]	4
Troj/Banker-APQ [Sophos]	4

IRC.Backdoor.Trojan [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	United Kingdom	14
	Russian Federation	10
	Germany	2
	Australia	1
	China	1
	France	1
	Netherlands	1
	Portugal	1
	Spain	1

IRC.Backdoor.Trojan [Symantec] is known to be created as:

%FontsDir%\svchost.exe

%FontsDir%\system.exe

%FontsDir%\taksmgr.exe

%FontsDir%\wacult.exe

%ProgramFiles%\%systemdir%\system32.exe

%ProgramFiles%\%systemdir%\winasc.exe

%ProgramFiles%\dfdsfs\kiss.exe

%ProgramFiles%\fsdfs\kiss.exe

%ProgramFiles%\kari\zlip.exe

%ProgramFiles%\killsh\kiss.exe

%ProgramFiles%\kjhkjhjk\kiss.exe

%ProgramFiles%\microsoft office\office11\smss.exe

%ProgramFiles%\mirc\mirc.exe

%ProgramFiles%\sdfsdfs\kiss.exe

%System%\bigslaps.exe

%System%\blablabla.exe

%System%\bulmirc2\bulmirc2.exe

%System%\cache\spoolsvr.exe

%System%\caves.exe

%System%\coded.exe

%System%\cssrss.exe

%System%\czvhost.exe

%System%\dll\nvidia.exe

%System%\dllcache\svhost.exe

%System%\drivers\etc\svchost.exe

%System%\drivers\nvidia\dll\rundll.exe

%System%\drivers\nvidia\dll\svchost.exe

%System%\dxdll\svchost.exe

%System%\explorer.exe

%System%\include\svchost.exe

%System%\karakirli.exe

%System%\kiss.exe

%System%\kits.exe

%System%\litse.exe

%System%\manager.exe

%System%\mas.com

%System%\microsoft\crypto\rsa\machinekeys\system\desktop.exe

%System%\mirc.exe

%System%\mirc\mirc.exe

%System%\mnut\wacult.exe

%System%\mouse\svchost.exe

%System%\oobe\svchost.exe

%System%\pirc_script2_1solar\pirc.exe

%System%\postcards.gif\svchost.exe

%System%\psycho.exe

%System%\pusyy.exe

%System%\remote.exe

%System%\restore\font\systems\system.exe

%System%\root-serv2\setups.exe

%System%\rundll\dll\nvidia.exe

%System%\schost.exe

%System%\security\ssms.exe

%System%\servces.exe

%System%\setups\setups.exe

%System%\shellext\czvhost.exe

%System%\shellext\svchost.exe

%System%\spoolsvs.exe

%System%\ss.exe

%System%\stemp_02.exe

%System%\taksmgr.exe

%System%\taraflive\czvhost.exe

%System%\tasmgr.exe

%System%\userm.exe

%System%\wacult.exe

%System%\wbcmgr.exe

%System%\web\windows.exe

%System%\werasd.exe

%System%\windows.exe

%System%\windows95.exe

%System%\windowsupdt.exe

%System%\wings.exe

%System%\winservicess.exe

%System%\winsys36.com

%System%\wintmp.exe

%System%\winxp.exe

%System%\ybn2e.dll

%Temp%\22.exe

%Temp%\28.exe

%Temp%\gsf2\antispyrus.exe

%Temp%\gsf2\servces.exe

%Temp%\gsf2\servicess.exe

%Temp%\ixp000.tmp\server.exe

%Temp%\rarsfx0\kiss.exe

%Temp%\server.exe

%Temp%\setup.exe

%Temp%\ttemp_01.exe

%Temp%\ttemp_02.exe

%UserProfile%\lsass.exe

%Windir%\ccalc.exe

%Windir%\config32\svchost.exe

%Windir%\font\font\sytem\system.exe

%Windir%\font\system.exe

%Windir%\inf\inf.dll\lsass.exe

%Windir%\inf\svchost.exe

%Windir%\irfnga.exe

%Windir%\msagent\inf\svchost.exe

%Windir%\msdotfix.exe

%Windir%\ok\taksmgr.exe

%Windir%\pantek\svchost.exe

%Windir%\psycho.exe

Notes:

%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.