Threat Search: 

ThreatExpert's Statistics for Troj/Buzus-W [Sophos]:

Troj/Buzus-W [Sophos] is also known as:
Threat AliasNumber of Incidents
VirTool:Win32/Delfsnif.gen [Microsoft]14
Win32.SuspectCrc [Ikarus]13
Backdoor.Graybird [Symantec]9
Generic.dx [McAfee]7
Trojan Horse [Symantec]5
Win-Trojan/Buzus.580608.B [AhnLab]5
Generic PUP.x [McAfee]4
Suspicious.MH690 [Symantec]3
Virus.Win32.Buzus [Ikarus]3
IRC Trojan [Symantec]2
Trojan.Buzus!sd6 [PC Tools]2
Trojan.Buzus.iij [Ikarus]2
Trojan.Win32.Buzus.ckfl [Kaspersky Lab]2
Trojan.Win32.Buzus.ryf [Kaspersky Lab]2
Worm:Win32/Pushbot.gen [Microsoft]2
Backdoor.Bifrose [Symantec]1
Backdoor:Win32/Bifrose.EY [Microsoft]1
Backdoor:Win32/Poisonivy.E [Microsoft]1
Constructor:Win32/Bifrose.A [Microsoft]1
Downloader [Symantec]1
Net-Worm.Kolab!ct [PC Tools]1
Net-Worm.Win32.Kolab.up [Kaspersky Lab]1
TROJ_AGENT.AFBG [Trend Micro]1
Trojan.Buzus [PC Tools]1
Trojan.Inject.A!ct [PC Tools]1
Trojan.Win32.Buzus.alox [Kaspersky Lab]1
Trojan.Win32.Buzus.alvh [Kaspersky Lab]1
Trojan.Win32.Buzus.alvk [Kaspersky Lab]1
Trojan.Win32.Buzus.amdd [Kaspersky Lab]1
Trojan.Win32.Buzus.amdu [Kaspersky Lab]1
Trojan.Win32.Buzus.amdy [Kaspersky Lab]1
Trojan.Win32.Buzus.amdz [Kaspersky Lab]1
Trojan.Win32.Buzus.ameh [Kaspersky Lab]1
Trojan.Win32.Buzus.amgs [Kaspersky Lab]1
Trojan.Win32.Buzus.amje [Kaspersky Lab]1
Trojan.Win32.Buzus.baba [Kaspersky Lab]1
Trojan.Win32.Buzus.nem [Kaspersky Lab]1
Trojan.Win32.Buzus.pzs [Kaspersky Lab]1
Trojan.Win32.Buzus.rwt [Kaspersky Lab]1
Trojan.Win32.Inject.muj [Kaspersky Lab]1
Trojan-Dropper.Win32.Agent.vpp [Kaspersky Lab]1
VirTool.DelfInject.ART [PC Tools]1
VirTool.Win32.DelfInject [Ikarus]1
VirTool:Win32/DelfInject.gen!AC [Microsoft]1
VirTool:Win32/DelfInject.gen!J [Microsoft]1
VirTool:Win32/DelfInject.gen!L [Microsoft]1
VirTool:Win32/DelfInject.gen!X [Microsoft]1
Virus.Win32.Delf.BQR [Ikarus]1
W32.IRCBot [Symantec]1
W32.Koobface.B [Symantec]1
W32/Autorun.worm.gen [McAfee]1
W32/Checkout [McAfee]1
Win32/IRCBot.worm.variant [AhnLab]1
Win-Trojan/Agent.376400 [AhnLab]1
Win-Trojan/Bifrose.518477 [AhnLab]1
Win-Trojan/Buzus.681984.D [AhnLab]1
Win-Trojan/Buzus.720896.D [AhnLab]1
Win-Trojan/Injector.17408.B [AhnLab]1
Worm.Win32.AutoRun.rwr [Kaspersky Lab]1

Troj/Buzus-W [Sophos] is known to be created as:
%System%\bifrost\svchost.exe
%System%\drivers\ntndis.exe
%System%\splm\ncsjapi32.exe
%Temp%\x_6.exe
%Windir%\hccutils32.exe
%Windir%\service.exe
%Windir%\wciactrl.exe
%Windir%\wmiapsrv.exe
c:\techload.dll
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.