ThreatExpert's Statistics for Trojan:Win32/Orsam!rts [Microsoft]:

Trojan:Win32/Orsam!rts [Microsoft] is also known as:

Threat Alias	Number of Incidents
Mal/Generic-A [Sophos]	133
Trojan Horse [Symantec]	126
Trojan.Generic [PC Tools]	71
Trojan.Win32.MustHave.a [Kaspersky Lab]	55
Mal/EncPk-GF [Sophos]	42
Win32.SuspectCrc [Ikarus]	41
Generic.dx [McAfee]	38
Trojan.Peed [Ikarus]	35
Win-Trojan/Xema.variant [AhnLab]	32
Generic.dx!feu [McAfee]	30
Trojan.Win32.MustHave [Ikarus]	30
Win-Trojan/Musthave.17693 [AhnLab]	20
Generic.dx!ev [McAfee]	12
Generic.dx!fv [McAfee]	12
Win-Trojan/Peed.61440.AS [AhnLab]	12
Trojan.UserGet [Ikarus]	10
Trojan.Win32.Agent [Ikarus]	9
Suspicious.MH690 [Symantec]	8
Generic.dx!t [McAfee]	7
Mal/Dorf-F [Sophos]	6
Mal/Packer [Sophos]	6
Trojan.Win32.Agent.cppg [Kaspersky Lab]	6
Trojan-Downloader.Win32.Small [Ikarus]	6
Trojan-Dropper.Agent [Ikarus]	6
Generic.dx!ffy [McAfee]	5
Generic.dx!biz [McAfee]	4
Generic.dx!zi [McAfee]	4
Packed/Upack [AhnLab]	4
Trojan.Generic [Ikarus]	4
Win-Trojan/Agent.348160.AL [AhnLab]	4
Constructor/Slhback.19566 [AhnLab]	3
Gen.Trojan [Ikarus]	3
Mal/Behav-004, Mal/EncPk-GF [Sophos]	3
Mal/EncPk-NB, Mal/EncPk-GF, Mal/EncPk-GF [Sophos]	3
Virus.Win32.Trojan [Ikarus]	3
Vundo.gen.cg [McAfee]	3
Win-Trojan/Peed.73728.GP [AhnLab]	3
Generic StartPage!l [McAfee]	2
Generic.dx!pn [McAfee]	2
Infostealer [Symantec]	2
Mal/EncPk-BA, Mal/EncPk-BU, Mal/Packer [Sophos]	2
Mal/EncPk-MX, Mal/Behav-331, Mal/Dorf-F, Mal/FakeVirPk-A [Sophos]	2
not-a-virus.patch.AnyDVD [Ikarus]	2
Trojan.Crypt [Ikarus]	2
Trojan.FakeAV [Symantec]	2
Trojan.Fakeavalert [Symantec]	2
Trojan.Win32.BHO [Ikarus]	2
Trojan.Win32.Orsam [Ikarus]	2
Win-Trojan/Peed.73728.DI [AhnLab]	2
Win-Trojan/StartPage.67072.F [AhnLab]	2
Backdoor.Trojan [Symantec]	1
Backdoor.Win32.Poison [Ikarus]	1
Backdoor.Win32.Small.gqd [Kaspersky Lab]	1
Backdoor.Win32.Small.vy [Kaspersky Lab]	1
Backdoor.Win32.VirtualAve.r [Kaspersky Lab]	1
Constructor.Win32.SlhBack.cg [Kaspersky Lab]	1
Constructor.Win32.SlhBack.ci [Kaspersky Lab]	1
Constructor.Win32.SlhBack.cj [Kaspersky Lab]	1
FakeAlert-DA [McAfee]	1
Generic AdClicker.a [McAfee]	1
Generic BackDoor [McAfee]	1
Generic BackDoor!fj [McAfee]	1
Generic Del.x!a [McAfee]	1
Generic MSIL.a [McAfee]	1
Generic Packed [McAfee]	1
Generic.dx!ba [McAfee]	1
Generic.dx!bgl [McAfee]	1
Generic.dx!bh [McAfee]	1
Generic.dx!bjj [McAfee]	1
Generic.dx!bpe [McAfee]	1
Generic.dx!bx [McAfee]	1
Generic.dx!cc [McAfee]	1
Generic.dx!ccx [McAfee]	1
Generic.dx!czy [McAfee]	1
Generic.dx!eob [McAfee]	1
Generic.dx!etw [McAfee]	1
Generic.dx!fe [McAfee]	1
Generic.dx!fuz [McAfee]	1
Generic.dx!gaz [McAfee]	1
Generic.dx!gut [McAfee]	1
Generic.dx!ha [McAfee]	1
Generic.dx!ibn [McAfee]	1
Generic.dx!im [McAfee]	1
Generic.dx!jjs [McAfee]	1
Generic.dx!jlt [McAfee]	1
Generic.dx!k [McAfee]	1
Generic.dx!kle [McAfee]	1
Generic.dx!vm [McAfee]	1
Generic.Visel [Ikarus]	1
Hacktool.Rootkit [Symantec]	1
HackTool.Win32.Sniffer.WpePro.u [Kaspersky Lab]	1
Hacktool.WPE [Symantec]	1
Hoax.Win32.Renos [Ikarus]	1
Hoax.Win32.Renos.vcef [Kaspersky Lab]	1
Mal/Behav-035 [Sophos]	1
Mal/Behav-160, Mal/Emogen-E [Sophos]	1
Mal/Bifrose-Z [Sophos]	1
Mal/Dorf-A, Mal/Packer [Sophos]	1
Mal/EncPk-EE, Mal/EncPk-EE [Sophos]	1
Mal/EncPk-IF, Mal/EncPk-HH [Sophos]	1

Trojan:Win32/Orsam!rts [Microsoft] has the following possible countries of origin:

Origin		Number of Incidents
	China	6
	Russian Federation	5
	Japan	3
	United Kingdom	3
	France	2
	Poland	2
	Iran	1
	Netherlands	1
	Taiwan	1

Trojan:Win32/Orsam!rts [Microsoft] is known to be created as:

%ProgramFiles%\happycoin\ieservice.exe

%ProgramFiles%\happycoin\tecstll.exe

%ProgramFiles%\msn\msn.exe

%ProgramFiles%\tueagles\eaglet.dll

%ProgramFiles%\windows nt\ctfmon.exe

%System%\drivers\fyddos.sys

%System%\metus_delphi.exe

%System%\sysio.sys

%System%\systray32s.exe

%System%\win\zmwsc\firewall.exe

%System%\win\zmwsc\svchost.exe

%Temp%\10.exe

%Temp%\8.exe

%Temp%\bfile1.exe

%Temp%\cryptedfile.exe

%Temp%\ixp000.tmp\banivufs.exe

%Temp%\ixp000.tmp\keygen.exe

%Temp%\keygen.exe

%Temp%\lock.exe

%Temp%\metus_delphi.exe

%Temp%\mousehook.dll

%Temp%\nsb3.tmp\utility.dll

%Temp%\nsl3.tmp\utility.dll

%Temp%\nss6.tmp\utility.dll

%Temp%\nst6.tmp\utility.dll

%Temp%\ntdll64.dll

%Temp%\ultrasurf\u.exe

%Windir%\metus_delphi.exe

%Windir%\msn.exe

%Windir%\msn-01\win\zmwsc\firewall.exe

c:\program1\jyp\hook.dll

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.