ThreatExpert's Statistics for IRC Trojan [Symantec]:

IRC Trojan [Symantec] is also known as:

Threat Alias	Number of Incidents
Backdoor.Zapchast.EI [PC Tools]	3,954
Troj/Zapchas-EH [Sophos]	2,881
Backdoor.Cloner.BI [Ikarus]	2,680
Backdoor.IRC.Zapchast [Kaspersky Lab]	749
Backdoor.IRC.Zapchast [Ikarus]	701
Backdoor.IRC.Zapchast.zwrc [Kaspersky Lab]	519
VBS/Zapchast [AhnLab]	499
IRC.Zapchast.AQ [PC Tools]	472
IRC/Flood.ev [McAfee]	457
REG_ZAPCHAST.BV [Trend Micro]	441
Mal/Generic-A [Sophos]	249
Backdoor.IRC.Zapchast.zwrc [PC Tools]	242
Backdoor.Win32.Turkojan.gr [Kaspersky Lab]	225
BackDoor-ARL [McAfee]	225
PWS:Win32/Agent.HM [Microsoft]	225
IRC.Flood.CI [PC Tools]	191
IRC.Flood.CJ [PC Tools]	175
IRC/Flood [McAfee]	171
Backdoor.Turkojan [PC Tools]	165
Win-Trojan/Turkojan.290304 [AhnLab]	135
Backdoor.mIRC [PC Tools]	134
IRC/Flood.c [McAfee]	130
Generic.dx [McAfee]	92
Backdoor.IRC.Agent.b [Kaspersky Lab]	91
Trojan.Zapchas.F [Ikarus]	88
BAT.Flood.AH [PC Tools]	81
Bat/knlk [McAfee]	81
Backdoor.Win32.Turkojan [Ikarus]	75
W32/Zapchas-DW [Sophos]	72
IRC_Generic.CON [Trend Micro]	70
Backdoor:IRC/Flood.BZ [Microsoft]	63
Backdoor:Win32/WinBot [Microsoft]	63
IRC/Flood.gen.c [McAfee]	63
IRC_ZAPCHAST.HQ [Trend Micro]	56
mIRC/Zapchast [AhnLab]	54
Trojan.Agent [Ikarus]	52
W32/Sdbot.worm.gen.cc [McAfee]	51
VBS/Xema [AhnLab]	49
Backdoor.IRC.ABN [PC Tools]	48
Trojan.IRC [Ikarus]	47
Troj/IRCFlood-O [Sophos]	44
not-a-virus:Client-IRC.Win32.mIRC.591 [Kaspersky Lab]	39
IRC_Generic [Trend Micro]	37
Generic.dl [McAfee]	36
IRC/Flood.mirc [McAfee]	36
TROJ_AGENT.DAW [Trend Micro]	36
Trojan.Flood.BM [PC Tools]	36
TROJ_Generic [Trend Micro]	34
Backdoor.Ircflood [Ikarus]	33
Trojan.IRCBot [PC Tools]	33
VirTool:Win32/DelfInject.gen!X [Microsoft]	33
Backdoor.IRCBot!sd6 [PC Tools]	31
not-a-virus:Client-IRC.Win32.mIRC.603 [Kaspersky Lab]	31
Backdoor.Turkojan.AD [PC Tools]	30
not-a-virus:PSWTool.Win32.MPR.015 [Ikarus]	30
Troj/Zapchas-DY [Sophos]	28
IRC/Generic Flooder [McAfee]	27
Worm:Win32/Hamweq.E [Microsoft]	26
Generic.du [McAfee]	25
IRC/Flood.i [McAfee]	25
not-a-virus:Client-IRC.Win32.mIRC.507 [Kaspersky Lab]	25
TROJ_FLOOD.C [Trend Micro]	25
Trojan.Win32.Delf.acq [Kaspersky Lab]	25
Trojan.Zapchast!ct [PC Tools]	24
W32/SillyFDC-CK [Sophos]	24
Mal/Zapchas-A [Sophos]	23
Trojan:IRC/Flood.BF [Microsoft]	21
Backdoor.IRC.Cloner.ae [Kaspersky Lab]	20
not-a-virus:Client-IRC.Win32.mIRC.616 [Kaspersky Lab]	20
Generic.Sdbot [Ikarus]	19
PE_Generic [Trend Micro]	18
Backdoor.IRC.Flood.a [Kaspersky Lab]	17
Generic PUP.x [McAfee]	17
not-a-virus:Client-IRC.Win32.mIRC [Ikarus]	17
Backdoor.IRC.Flood.a [PC Tools]	16
Downloader.gen.a [McAfee]	16
IRC/Flood.dh [McAfee]	16
TROJ_DELF.ITU [Trend Micro]	16
TROJ_Generic.ZA [Trend Micro]	16
Trojan-DDoS.Win32.Agent.bs [Kaspersky Lab]	16
BKDR_TURKOJAN.K [Trend Micro]	15
IRC.Flood.BU [PC Tools]	15
TROJ_IRCFLOOD.AW [Trend Micro]	15
Troj/Zapchas-CZ [Sophos]	14
Generic Delphi [McAfee]	13
Net-Worm.Win32.Randon.A [Ikarus]	13
IRC/Flood.fc [McAfee]	12
IRC_Generic.ADV [Trend Micro]	12
Backdoor.IRCBot [PC Tools]	11
Backdoor.Win32.IRCBot.dhr [Kaspersky Lab]	11
mIRC/Agent [AhnLab]	11
not-a-virus:RiskTool.Win32.HideWindows [Kaspersky Lab]	11
Troj/IRCBot-ABP [Sophos]	11
Trojan.Win32.Agent.dlo [Kaspersky Lab]	11
Trojan-DDoS.Win32.Agent.cc [Kaspersky Lab]	11
BackDoor-CEP.svr [McAfee]	10
Net-Worm.Win32.Randon [Ikarus]	10
Trojan.IRC.Flood.ISC [Ikarus]	10
Generic BackDoor [McAfee]	9
Generic Dropper [McAfee]	9

IRC Trojan [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	73
	United Kingdom	21
	China	9
	Canada	7
	Israel	6
	France	3
	Algeria	2
	Germany	2
	Turkey	2
	Brazil	1
	Finland	1
	Spain	1
	Yemen	1

IRC Trojan [Symantec] is known to be created as:

%AllUsersProfile%\clean2.exe

%AppData%\shieldmanager.exe

%CommonPrograms%\strtup\love-_ud.exe

%ProgramFiles%\accessories\backup\system\vsf\expl32.exe

%ProgramFiles%\bifrost\savsae.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\dfsdfsd\lovely.sys

%ProgramFiles%\fptpt.exe

%ProgramFiles%\killsh\lovely.sys

%ProgramFiles%\kjhkjhjk\murder.sys

%ProgramFiles%\microsoft office\office11\services.exe

%ProgramFiles%\microsoft office\office11\smss.exe

%ProgramFiles%\pattyscript\system\data\smarticq\dat\blowfish.dll

%ProgramFiles%\turkojan\twmsico.dll

%System%\1.exe

%System%\agls.exe

%System%\alxres070619.exe

%System%\bifrost\svchost.exe

%System%\cftnom.exe

%System%\cl.dll

%System%\dk\lmz.exe

%System%\dk\reg.dll

%System%\drive\lmz.exe

%System%\drive\reg.dll

%System%\driver\win32.exe

%System%\drivers\etc\cache03\winclock.exe

%System%\drivers\etc\reg.dll

%System%\drivers\etc\tmp7\winclock.exe

%System%\drivers\etc\win.exe

%System%\drivers\etc\wtf22\winclock.exe

%System%\drivers\system\rundll.exe

%System%\emm.exe

%System%\explorer.exe

%System%\firewall.exe

%System%\ielogs\iexp.exe

%System%\iexplorer.exe

%System%\inf\scrsys070619.scr

%System%\instalation-software\id.exe

%System%\instalation-software\reg.dll

%System%\jewkqljlsd.sys

%System%\krln32.exe

%System%\limvire.exe

%System%\load.exe

%System%\lssas.exe

%System%\mnut\csrss.dll

%System%\mnut\msconfger.dll

%System%\mnut\syscmd.dll

%System%\ms.exe

%System%\msnnmaneger.exe

%System%\msq23.exe

%System%\mswsgs.exe

%System%\mui\0406\reg.dll

%System%\mur.sys

%System%\murder.sys

%System%\nbvvbv.exe

%System%\neiom.dll

%System%\nod64.exe

%System%\ntdefend32.dll

%System%\ntkrnl32.dll

%System%\ntswrl32.dll

%System%\oobe\reg.dll

%System%\programs\nt.dll

%System%\programs\svchost.exe

%System%\rlm\windows.exe

%System%\rundll\dll\close.dll

%System%\rundll\dll\protcom.dll

%System%\sadjklwqewjkls.sys

%System%\scif\explorer.exe

%System%\scif\svchost.exe

%System%\server.exe

%System%\services32.exe

%System%\spool.exe

%System%\stemp_01.exe

%System%\stemp_02.exe

%System%\svchost.com

%System%\system advisory\winini.exe

%System%\system dr\cl.dll

%System%\system dr\neiom.dll

%System%\system dr\xxx-spam.dll

%System%\system dr\xxxx-inviter.dll

%System%\system dr\ybn3e.dll

%System%\system dr\ybn4e.dll

%System%\system.exe

%System%\system322.sys

%System%\systemi.exe

%System%\taskmon.exe

%System%\tskmngr.exe

%System%\ttt\l4m3rz.exe

%System%\ttt\reg.dll

%System%\txp\java.dll

%System%\txp\lsass.exe

%System%\txp\regedit.dll

%System%\txp\screen.dll

%System%\txp\sysboot.dll

%System%\txp\syste32.dll

%System%\txp\telnet.dll

%System%\txp\wind.dll

%System%\web\ms32.sys

%System%\web\sacenkg.dll

%System%\wifibooter.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).