Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.BUZUS.IXVG

 

 

Name:

Trojan.Buzus.ixvg

Added:

November 1, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Malware problems?   We can help.  Free Removal Tools.

 

 

Description:

 

When Trojan.Buzus.ixvg is executed, it performs the following activities:

After execution, it drops the following files:

%Appdata%\aehost.exe
%Appdata%\behost.exe
%Appdata%\dehost.exe
%Appdata%\R07924.exe
%Appdata%\xgqag.exe
%Program Files%\LP\F019\1.tmp
%Program Files%\LP\F019\7CD.exe

It modifies/creates the following registry entries:

xgqag =  "%Appdata%\xgqag.exe /I"
HKU\Software\Microsoft\Windows\CurrentVersion\Run

7CD.exe = "%Program Files%\LP\F019\7CD.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

The Trojan may create the following files on Removable drives.

%Rootdrive%\gieuli.exe
%Rootdrive%\subst.exe
 

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

"Thanks for everything so far. I just wrote a very strong recommendation of your product to our region's tech director mailing list. If it were up to me, I'd have the whole state running your software! You guys have been rock stars from the get-go, from installation right up to now. Please share my thanks and attaboys with the rest of your staff, and keep up the awesome work!"
-Jimmy Fisher, Winters ISD

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4