Trojan.Buzus
Posted: February 15, 2008
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based on
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The fields on the Threat Meter that contain a specific value are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criterion for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 10,654 |
| First Seen: | July 24, 2009 |
| Last Seen: | October 4, 2024 |
| OS(es) Affected: | Windows |
Trojan.Buzus is a Trojan infection designed to steal various personal information such as credit card and banking account numbers. Trojan.Buzus also has the ability to compromise the security settings of your system, leaving your computer vulnerable to outside attacks or remote users. Trojan.Buzus has proven difficult to remove manually from an infected machine.
Aliases
SHeur4.QZD [AVG]
Backdoor.Gen3 [Ikarus]
TR/Crypt.ZPACK.Gen2 [AntiVir]
Mal/Autorun-AS [Sophos]
Trojan.Generic.7235059 [BitDefender]
Trojan.Win32.Jorik.IRCbot.hmp [Kaspersky]
a variant of Win32/Kryptik.AAZY [NOD32]
Artemis!2D9C4AD32F50 [McAfee]
Worm/Generic2.BEEF [AVG]
W32/Jorik_IRCbot.CEE!tr [Fortinet]
Backdoor/Win32.IRCBot.gen [Antiy-AVL]
TR/Crypt.ZPACK.Gen [AntiVir]
Worm.Generic.358674 [BitDefender]
Trojan.Win32.Jorik.IRCbot.fah [Kaspersky]
Win32.TRCrypt.ZPACK [eSafe]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:
C:\Users\<username>\AppData\Roaming\Uninstall.exe
File name: Uninstall.exe
Size: 135.27 KB (135276 bytes)
MD5: 9c1abef6be60b1d8572681c9475b9077
Detection count: 6,153
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Roaming\Uninstall.exe
Group: Malware file
Last Updated: May 14, 2022
%APPDATA%\ohydy.exe
File name: ohydy.exe
Size: 111.61 KB (111616 bytes)
MD5: 474d68a1647482c7772e96bc4dff0cdb
Detection count: 773
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: September 15, 2010
%WINDIR%\system\iexplorer.exe
File name: iexplorer.exe
Size: 52.39 KB (52399 bytes)
MD5: 771a2e39198c5fec9b8481d5abf263b6
Detection count: 84
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system
Group: Malware file
Last Updated: October 6, 2010
cndrive32.exe
File name: cndrive32.exe
Size: 78.33 KB (78336 bytes)
MD5: 3cba73a7092605d59b1d4aeef2f6db11
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: August 12, 2010
file.exe
File name: file.exe
Size: 475.64 KB (475648 bytes)
MD5: baf89a5874bed991c8572cf79df3e1a7
Detection count: 66
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 2, 2017
%APPDATA%\SystemProc\lsass.exe
File name: lsass.exe
Size: 202.24 KB (202240 bytes)
MD5: 591e67063e00e1b7c41663dd3c01ac44
Detection count: 64
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\SystemProc
Group: Malware file
Last Updated: October 26, 2010
%WINDIR%\cidrive32.exe
File name: cidrive32.exe
Size: 94.2 KB (94208 bytes)
MD5: 6e9316b84a7ef9cc4c9e55b272bc4b66
Detection count: 37
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: December 8, 2010
winsys.exe
File name: winsys.exe
Size: 195.63 KB (195630 bytes)
MD5: b3ecc3e3bf63acc2ed7c3b13a8999c92
Detection count: 24
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: May 3, 2010
C:\Users\<username>\AppData\Roaming\1919.tmp
File name: 1919.tmp
Size: 86.01 KB (86016 bytes)
MD5: 4daa0dccda1d0e9d80632021d18da11d
Detection count: 21
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\<username>\AppData\Roaming\1919.tmp
Group: Malware file
Last Updated: August 27, 2022
C:\Users\<username>\AppData\Roaming\1EAD.tmp
File name: 1EAD.tmp
Size: 118.78 KB (118784 bytes)
MD5: be1938b65c7a608056458fcf3e87a086
Detection count: 19
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\<username>\AppData\Roaming\1EAD.tmp
Group: Malware file
Last Updated: January 20, 2022
%APPDATA%\bbizd.exe
File name: bbizd.exe
Size: 134.14 KB (134144 bytes)
MD5: 96cb7d650a4805b002d9035fbf59a99d
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: October 28, 2010
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fredg.exe
File name: fredg.exe
Size: 45.05 KB (45056 bytes)
MD5: da4d85481494b94d4d0fa5f98a064795
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455
Group: Malware file
Last Updated: October 28, 2010
%PUBLIC%\winsvcn.exe
File name: winsvcn.exe
Size: 81.4 KB (81408 bytes)
MD5: 5ac73655e80160556f0c672c3c8a3a3e
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %PUBLIC%
Group: Malware file
Last Updated: November 2, 2010
%WINDIR%\system32\config\svchost.exe
File name: svchost.exe
Size: 315.82 KB (315821 bytes)
MD5: d4a4a090abada68f954785d32c02d194
Detection count: 14
Mime Type: unknown/exe
Path: %WINDIR%\system32\config
Group: Malware file
Last Updated: October 28, 2010
C:\Users\<username>\AppData\Roaming\1834.tmp
File name: 1834.tmp
Size: 86.01 KB (86016 bytes)
MD5: ce335ecc5b36b8faf8d1d301b9d550a4
Detection count: 12
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\<username>\AppData\Roaming\1834.tmp
Group: Malware file
Last Updated: August 27, 2022
C:\Users\<username>\AppData\Roaming\47AD.tmp
File name: 47AD.tmp
Size: 86.01 KB (86016 bytes)
MD5: e3236f731a60a4fa2ab6d51b41280bad
Detection count: 12
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\<username>\AppData\Roaming\47AD.tmp
Group: Malware file
Last Updated: August 27, 2022
C:\RECYCLER\S-1-5-21-6136269465-0102912693-024135967-8091\rundll32.exe
File name: rundll32.exe
Size: 119.8 KB (119808 bytes)
MD5: 3707d63b76c646a53b82f058b0fb05eb
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: C:\RECYCLER\S-1-5-21-6136269465-0102912693-024135967-8091
Group: Malware file
Last Updated: November 2, 2010
%APPDATA%\Microsoft\svchost.exe
File name: svchost.exe
Size: 217.08 KB (217088 bytes)
MD5: 385b3a4acfe96309252ad9c5229610d3
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft
Group: Malware file
Last Updated: November 3, 2010
%WINDIR%\system32\msvmiode.exe
File name: msvmiode.exe
Size: 131.07 KB (131072 bytes)
MD5: e5dcb2d8939cce433abd79688fb30527
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: December 7, 2010
%WINDIR%\aadrive32.exe
File name: aadrive32.exe
Size: 49.15 KB (49152 bytes)
MD5: 2d9c4ad32f509c44cd31e4f63e827cc7
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: March 6, 2012
%APPDATA%\oreaw.exe
File name: oreaw.exe
Size: 86.24 KB (86242 bytes)
MD5: ceaec92b6230c4973ed293228bdfc2f3
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: December 7, 2010
C:\Users\<username>\AppData\Roaming\D941.tmp
File name: D941.tmp
Size: 86.01 KB (86016 bytes)
MD5: 8fd13283ab7be9feda213f1046c894a1
Detection count: 5
File type: Temporary File
Mime Type: unknown/tmp
Path: C:\Users\<username>\AppData\Roaming\D941.tmp
Group: Malware file
Last Updated: August 27, 2022
Registry Modifications
The following newly produced Registry Values are:
Regexp file mask
%WINDIR%\winsvc32.exe