ThreatExpert's Statistics for Trojan:Win32/Bumat!rts [Microsoft]:

Trojan:Win32/Bumat!rts [Microsoft] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	415
Mal/Generic-A [Sophos]	238
Generic.dx [McAfee]	225
Trojan.Generic [PC Tools]	165
Win-Trojan/Xema.variant [AhnLab]	112
Mal/Packer [Sophos]	94
Trojan.Peed [Ikarus]	85
Mal/EncPk-GF [Sophos]	84
Troj/Agent-IHE [Sophos]	67
Backdoor.Trojan [Symantec]	47
Trojan.Pakes!sd6 [PC Tools]	42
Trojan.Win32.Pakes [Ikarus]	41
Trojan-Dropper.Agent [Ikarus]	37
Backdoor.Win32.Hupigon [Ikarus]	28
Trojan.Win32.Pakes.lua [Kaspersky Lab]	27
Rootkit.Win32.Agent [Ikarus]	26
Generic.dx!pn [McAfee]	25
Trojan-Clicker.Win32.Agent.hhi [Kaspersky Lab]	25
Win-Trojan/Agent.233472.HA [AhnLab]	25
Hacktool.Rootkit [Symantec]	24
Rootkit.Win32.Agent.isz [Kaspersky Lab]	24
Trojan.Win32.FlyStudio.mi [Kaspersky Lab]	24
Win-Trojan/Agent.4352.G [AhnLab]	24
Generic Rootkit.dm [McAfee]	21
Infostealer [Symantec]	21
Trojan.Win32.Pakes.lue [Kaspersky Lab]	20
Trojan.Win32.Pakes.luf [Kaspersky Lab]	20
Win-Trojan/Agent.52038 [AhnLab]	20
Win-Trojan/Pakes.217088.D [AhnLab]	18
Generic.d!a [McAfee]	16
Generic.dx!cw [McAfee]	16
Generic.dx!dj [McAfee]	16
not-a-virus.Patch.IDM [Ikarus]	16
Trojan.Generic [Ikarus]	16
Backdoor.Trojan [PC Tools]	15
Generic BackDoor [McAfee]	14
not-a-virus:AdWare.Win32.SearchAssistant [Ikarus]	13
Win-Trojan/OnlineGameHack.39424.Z [AhnLab]	12
Win-Trojan/Pakes.323584.E [AhnLab]	12
Win-Trojan/Peed.40960.V [AhnLab]	12
Backdoor.VB.GEN [PC Tools]	11
Backdoor.Win32.Shark.dxa [Kaspersky Lab]	11
HackTool.Win32.Patcher.A [Ikarus]	11
Trojan.Win32.Agent [Ikarus]	10
Backdoor.Win32.VB [Ikarus]	9
Generic PWS.y [McAfee]	9
Hacktool.HideWindow [Symantec]	9
Suspicious.MH690 [Symantec]	9
Trojan.Win32.Genome [Ikarus]	9
Virus.Win32.Trojan [Ikarus]	9
Mal/EncPk-NB, Mal/EncPk-GF, Mal/EncPk-GF [Sophos]	8
Win-Trojan/Peed.40960.ES [AhnLab]	8
Win-Trojan/Peed.73728.AW [AhnLab]	8
New Malware.aj [McAfee]	7
Packed/Upack [AhnLab]	7
Trojan.Packed [Ikarus]	7
Gen.Trojan [Ikarus]	6
Troj/FakeAv-XL [Sophos]	6
Trojan.Fakeavalert [Symantec]	6
Trojan-Spy.Win32.FlyStudio.byd [Kaspersky Lab]	6
Win-Trojan/Peed.40960.FL [AhnLab]	6
Backdoor.Win32.Agent.afub [Kaspersky Lab]	5
BackDoor-DRV.gen.c [McAfee]	5
Generic FakeAlert.a [McAfee]	5
HideRun [McAfee]	5
not-a-virus:FraudTool.Win32.WinAntiVirus.iv [Kaspersky Lab]	5
Trojan.Fakealert [Ikarus]	5
Trojan.Win32.Pasta [Ikarus]	5
Trojan-Spy.Win32.Agent [Ikarus]	5
Win-Trojan/FakeAv.163840 [AhnLab]	5
Backdoor.Agent!sd6 [PC Tools]	4
Backdoor.Win32.Protux.in [Kaspersky Lab]	4
BackDoor-EFG [McAfee]	4
BehavesLike [Ikarus]	4
Generic StartPage [McAfee]	4
Generic.dx!cwy [McAfee]	4
Generic.dx!dp [McAfee]	4
Generic.dx!fc [McAfee]	4
Generic.dx!t [McAfee]	4
HackTool.HideWindows [PC Tools]	4
Mal/Emogen-H [Sophos]	4
not-a-virus.Keygen.DivX [Ikarus]	4
OScope.Dialer.GMHA [Ikarus]	4
Troj/Protux-Gen [Sophos]	4
Trojan.Win32.Agent.cbeq [Kaspersky Lab]	4
Trojan.Win32.Agent.ciox [Kaspersky Lab]	4
Trojan.Win32.Genome.lhh [Kaspersky Lab]	4
Trojan-Downloader.Agent [Ikarus]	4
Trojan-PSW.Generic [PC Tools]	4
Trojan-PWS.Magania [PC Tools]	4
Trojan-Spy.Win32.FlyStudio [Ikarus]	4
Virus.Win32.Horse.O [Ikarus]	4
Vundo.gen.cg [McAfee]	4
W32.SillyDC [Symantec]	4
W32/Generic.d [McAfee]	4
Win32.SuspectCrc [Ikarus]	4
Win-Trojan/Agent.11776.ER [AhnLab]	4
Win-Trojan/Agent.360448.AH [AhnLab]	4
Win-Trojan/Pasta.73728.C [AhnLab]	4
Win-Trojan/Peed.40960.CU [AhnLab]	4

Trojan:Win32/Bumat!rts [Microsoft] has the following possible countries of origin:

Origin		Number of Incidents
	China	23
	Germany	12
	Russian Federation	8
	Republic of Korea	7
	United Kingdom	7
	France	5
	Australia	3
	Brazil	3
	Finland	3
	Norway	3
	Saudi Arabia	2
	Spain	2
	Canada	1
	Costa Rica	1
	Czech Republic	1
	Iraq	1
	Israel	1
	Italy	1
	Morocco	1
	Poland	1
	Switzerland	1
	Taiwan	1
	Ukraine	1

Trojan:Win32/Bumat!rts [Microsoft] is known to be created as:

%AppData%\iecheck.exe

%CommonAppData%\431ae0b6.exe

%ProgramFiles%\008filecut\008filecut.exe

%ProgramFiles%\dfsdfsd\hd.exe

%ProgramFiles%\funpop\funpop.dll

%ProgramFiles%\h.f. tools\h.f. tools\files\autophishv2.exe

%ProgramFiles%\happycoin\ieservice.exe

%ProgramFiles%\happycoin\livestll.dll

%ProgramFiles%\happycoin\livestll.exe

%ProgramFiles%\rewardpot\rewardpot.exe

%ProgramFiles%\smart install maker\data\stub.exe

%ProgramFiles%\sniffpass\sniffpass.exe

%ProgramFiles%\tueagles\eagler.dll

%ProgramFiles%\voicemask\b-patch.exe

%ProgramFiles%\winwin\win10.exe

%System%\25360\stare.exe

%System%\360tray.exe

%System%\ads\protectedstorage.dll

%System%\ads\urldownload.dll

%System%\ajjlv5.5\winio.dll

%System%\charm.exe

%System%\cheak_hook.dll

%System%\deluxe.exe

%System%\disksata.exe

%System%\dllcache\kdrc.dll

%System%\drivers\kdrc.dll

%System%\drivers\pcidump.sys

%System%\filesafe.dll

%System%\imgpsup.dll

%System%\intenat.exe

%System%\jazzhackerpro.exe

%System%\loic.exe

%System%\msnwshoot.exe

%System%\mstooltaskbar.exe

%System%\programs\hiderun.exe

%System%\qmacro\winio.dll

%System%\qmqr.dll

%System%\resesmgr.exe

%System%\skinh_el.dll

%System%\sslmgr.exe

%System%\winphk.dll

%System%\wmisvc.dll

%System%\wssvc7.dll

%System%\wuausrv.dll

%System%\zlib.dll

%Temp%\{db98d9a0-6865-4107-8aec-2f01578566d2}\scripts\run.exe

%Temp%\1.exe

%Temp%\113265.exe

%Temp%\1433023130.dll

%Temp%\2.exe

%Temp%\3852724012.dll

%Temp%\4.exe

%Temp%\6.exe

%Temp%\6609440684.dll

%Temp%\7.exe

%Temp%\aimpixel\wannabepixelaimbotv2\wannabepixelaimbot.dll

%Temp%\air\keygen.exe

%Temp%\bbdd.exe

%Temp%\cr100.exe

%Temp%\demo\hostdll.dll

%Temp%\e_n4\zlib.dll

%Temp%\install.exe

%Temp%\ixp000.tmp\blue.iris.2.2.6.2-patch.exe

%Temp%\ixp000.tmp\keygen.exe

%Temp%\ixp000.tmp\patch.exe

%Temp%\ixp000.tmp\update.exe

%Temp%\jazzhackerpro.exe

%Temp%\keygen.exe

%Temp%\keygen\keygen.exe

%Temp%\mgasetup.exe

%Temp%\patch.exe

%Temp%\plugins\slysoft.dll

%Temp%\rarsfx0\1.exe

%Temp%\rarsfx0\resetactivation2010.exe

%Temp%\sose.exe

%Temp%\stealthtools2\stub\pack.exe

%Temp%\tmp2.exe

%Temp%\trial-reset.exe

%Temp%\uninst.exe

%Temp%\uninstall.exe

%Temp%\wps2007.30419.0.exe

%Temp%\ymsg13.dll

%Windir%\13221.exe

%Windir%\fffff.exe

%Windir%\file_2.exe

%Windir%\jazzhackerpro.exe

%Windir%\mui\jazzhackerpro.exe

%Windir%\registration\winupd.exe

%Windir%\run.exe

%Windir%\stare.exe

%Windir%\svchast.exe

%Windir%\system\jazzhackerpro.exe

%Windir%\system\programas\hiderun.exe

%Windir%\trial-reset.exe

%Windir%\windump.exe

c:\autorun.inf\rundll32.exe

c:\fauxvirus\trouver_quit.exe

c:\recycled\msn\hiderun.exe

c:\recycled\rundll32.exe

c:\temp2\bit\init.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.