ThreatExpert's Statistics for Trojan.Win32.Buzus [Ikarus]:

Trojan.Win32.Buzus [Ikarus] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	180
Mal/Generic-A [Sophos]	137
Generic.dx [McAfee]	94
Troj/Agent-IHO [Sophos]	42
Trojan.Buzus [PC Tools]	34
Trojan.Generic [PC Tools]	31
W32.Spybot.Worm [Symantec]	30
Backdoor:Win32/Buzus.C [Microsoft]	29
Win-Trojan/Buzus.38912.U [AhnLab]	29
Trojan.Buzus!sd6 [PC Tools]	28
Generic PUP.x [McAfee]	27
Mal/Behav-179, Mal/Dropper-G [Sophos]	25
Mal/VB-Z [Sophos]	25
Trojan.Midgare.EYZ [PC Tools]	23
Trojan.Win32.Buzus.hts [Kaspersky Lab]	21
Backdoor.Trojan [Symantec]	19
Downloader [Symantec]	19
W32.IRCBot [Symantec]	19
Win-Trojan/Xema.variant [AhnLab]	19
Trojan.Buzus.acfn [PC Tools]	17
Worm:Win32/Prolaco.gen!C [Microsoft]	14
Packed.Generic.266 [Symantec]	12
Suspicious.MH690 [Symantec]	12
Trojan.Buzus.hts [PC Tools]	12
VirTool:Win32/DelfInject.gen!X [Microsoft]	12
W32.Ackantta.B@mm [Symantec]	12
HeurEngine.MaliciousPacker [PC Tools]	11
Mal/Behav-103 [Sophos]	11
Mal/Binder-B [Sophos]	11
PWS-LegMir.dll [McAfee]	11
Trojan.Win32.Buzus.aaih [Kaspersky Lab]	11
VirTool:Win32/CeeInject.gen!A [Microsoft]	11
Mal/CryptBox-A [Sophos]	10
Mal/EncPK-LL [Sophos]	10
VirTool:Win32/DelfInject.gen!AC [Microsoft]	10
Email-Worm.Ackantta [PC Tools]	9
PWS:Win32/Yokoyou.A [Microsoft]	9
Trojan.Virantix.C [Symantec]	9
Trojan.Win32.Agent.cdaq [Kaspersky Lab]	9
Trojan.Win32.Buzus.aeip [Kaspersky Lab]	9
Trojan.Win32.Swisyn.ltd [Kaspersky Lab]	9
Trojan.Win32.VB.ekb [Kaspersky Lab]	9
Trojan:Win32/Dursg.B [Microsoft]	9
Trojan:Win32/Meredrop [Microsoft]	9
TrojanDownloader:Win32/Rudeflate.gen!A [Microsoft]	9
VirTool:Win32/VBInject.gen!C [Microsoft]	9
VirTool:Win32/VBInject.gen!CH [Microsoft]	9
Win-Trojan/Agent.30824 [AhnLab]	9
Win-Trojan/Inject.26141 [AhnLab]	9
BackDoor-DOQ [McAfee]	8
Net-Worm.Win32.Kolab.asj [Kaspersky Lab]	8
Trojan.Win32.Buzus.acxp [Kaspersky Lab]	8
Trojan.Win32.Buzus.iij [Kaspersky Lab]	8
VirTool:Win32/CeeInject.gen!J [Microsoft]	8
VirTool:Win32/DelfInject.gen!S [Microsoft]	8
VirTool:Win32/VBInject.gen!BA [Microsoft]	8
VirTool:Win32/VBInject.gen!CN [Microsoft]	8
W32/Pushbot.a [McAfee]	8
Backdoor.Bifrose [Symantec]	7
Generic Dropper [McAfee]	7
Mal/Inject-Gen [Sophos]	7
Troj/Merein-Gen [Sophos]	7
Trojan.Donbot [Symantec]	7
Trojan.Win32.Buzus.adbl [Kaspersky Lab]	7
Trojan:Win32/Vake.B [Microsoft]	7
VirTool:Win32/DelfInject.gen!AF [Microsoft]	7
Backdoor.Trojan [PC Tools]	6
Backdoor.Win32.Rbot.wor [Kaspersky Lab]	6
Dropper/Sramler.47460 [AhnLab]	6
Email-Worm.Prolaco.GEN [PC Tools]	6
Generic Dropper!hv.f [McAfee]	6
Net-Worm.Kolab!sd6 [PC Tools]	6
Troj/Agent-MAU [Sophos]	6
Trojan.Win32.Agent.alld [Kaspersky Lab]	6
Trojan.Win32.Agentb.t [Kaspersky Lab]	6
Trojan.Win32.Buzus.acee [Kaspersky Lab]	6
Trojan.Win32.Buzus.bjim [Kaspersky Lab]	6
Trojan.Win32.Buzus.bkxc [Kaspersky Lab]	6
Trojan-Dropper.Win32.Mudrop.bmg [Kaspersky Lab]	6
TrojanDropper:Win32/VBInject.B [Microsoft]	6
VirTool:Win32/DelfInject.gen!U [Microsoft]	6
VirTool:Win32/VBInject.gen!CE [Microsoft]	6
W32.SillyFDC [Symantec]	6
W32/Xirtem@MM [McAfee]	6
Win-Trojan/Buzus.239616.G [AhnLab]	6
Backdoor.IRC.Bot [Symantec]	5
Backdoor.IRCBot!sd5 [PC Tools]	5
Backdoor.Win32.Bifrose.qjy [Kaspersky Lab]	5
Backdoor:Win32/Poisonivy.E [Microsoft]	5
BackDoor-CEP [McAfee]	5
Generic.dx!neb [McAfee]	5
Infostealer.Gampass [Symantec]	5
Mal/Behav-328, Mal/Sramler-A, Mal/Dropper-G [Sophos]	5
Mal/Emogen-I [Sophos]	5
Mal/VBPck-A [Sophos]	5
Troj/Buzinj-A [Sophos]	5
Trojan.Dropper [Symantec]	5
Trojan.IRCBot [PC Tools]	5
Trojan.Win32.Buzus.aapd [Kaspersky Lab]	5
Trojan.Win32.Buzus.aebw [Kaspersky Lab]	5

Trojan.Win32.Buzus [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Brazil	44
	Slovenia	43
	Germany	35
	Sweden	18
	China	15
	Russian Federation	12
	Spain	10
	Switzerland	10
	Canada	5
	United Kingdom	5
	Belgium	4
	Taiwan	4
	France	3
	Italy	3
	Netherlands	3
	Croatia	1
	Egypt	1
	Indonesia	1
	Israel	1
	Japan	1
	Saudi Arabia	1

Trojan.Win32.Buzus [Ikarus] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\iexplorer.exe

%AppData%\kf8ze.exe

%AppData%\microsoft\svchost.exe

%AppData%\microsoft\windows\lsass.exe

%AppData%\pfrbde.exe

%AppData%\shieldmanager.exe

%AppData%\systemproc\lsass.exe

%CommonPrograms%\startup\livemessenger.scr

%DesktopDir%\manager.exe

%DesktopDir%\setup_ver1.1402.1.exe

%DesktopDir%\setup_ver1.1585.2.exe

%DesktopDir%\vc_crypted.exe

%MyDocuments%\winupdater09.exe

%ProgramFiles%\bifrost\lol2.exe

%ProgramFiles%\bifrost\server.exe

%ProgramFiles%\bifrost\serveur.exe

%ProgramFiles%\common files\system\supersoft.exe

%ProgramFiles%\common files\system\svchost.exe

%ProgramFiles%\exchain\exchain.exe

%ProgramFiles%\explorer\explorer.exe

%ProgramFiles%\microsoft common\svchost.exe

%ProgramFiles%\neocheat\landslide\landslide.exe

%ProgramFiles%\neocheat\lasersight\lasersight.exe

%ProgramFiles%\neocheat\mastermind\mastermind.exe

%ProgramFiles%\user\ser.exe

%System%\bifrost\server.exe

%System%\bootvid.exe

%System%\calculate.exe

%System%\cjbiid.exe

%System%\dispexs32.dll

%System%\dllcache\csrss.exe

%System%\drivers\bslbt.exe

%System%\drivers\bsmbt.exe

%System%\drivers\bsobt.exe

%System%\drivers\csgf.exe

%System%\edf\win.exe

%System%\file.exe

%System%\firefox.exe

%System%\flash.exe

%System%\fs4.exe

%System%\gastkp.exe

%System%\iexplore.exe

%System%\iexplorer.exe

%System%\iexy.exe

%System%\inf\xccefb090131.scr

%System%\javacon.exe

%System%\javacpl.exe

%System%\javacq.exe

%System%\javacypt.exe

%System%\javafxs.exe

%System%\javale.exe

%System%\javaload.exe

%System%\javap3.exe

%System%\javaup500.exe

%System%\javawt.exe

%System%\javawx.exe

%System%\jhm.exe

%System%\jqsched.exe

%System%\jrsched.exe

%System%\jshed.exe

%System%\jucshed.exe

%System%\jushed.exe

%System%\kwrtqpblf.exe

%System%\live.exe

%System%\mrtmoons.exe

%System%\msmsgs.exe

%System%\msngrs.exe

%System%\msnmgnr.exe

%System%\mssrv32.exe

%System%\msupdate.exe

%System%\net\netset.sys

%System%\qczhkqsrt.exe

%System%\qttaskmgr.exe

%System%\rst.exe

%System%\scliteh17ruxavx21sept.exe

%System%\sdra64.exe

%System%\servises.exe

%System%\setup_ver1.1567.14.exe

%System%\spooisv.exe

%System%\syst\syst.exe

%System%\system.exe

%System%\tasklist32.exe

%System%\usrmgr.exe

%System%\wbem\svchost.exe

%System%\wfmngr.exe

%System%\win32\win32.exe

%System%\windows live\messengr.exe

%System%\winulty.exe

%System%\winupd.exe

%System%\wmimngr.exe

%System%\wpmgr.exe

%System%\wupmgr.exe

%System%\xmlprovs32.exe

%Temp%\00ase.exe

%Temp%\090522-1-0.exe

%Temp%\4_pinnew.exe

%Temp%\7zipsfx.000\nfuninstall.exe

%Temp%\cqooinstall.dll

%Temp%\crack.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).