Solved

How can I remove Trojan.Busky?

Posted on 2006-10-26
7
2,024 Views
Last Modified: 2012-06-27
Hi Guys,

Thanks in advance for your valuable help. I have received the Trojan.Busky virus in my computer. Every time I open an Internet Explorer browser the Norton Virus window pops up with the following infected file: esmfluh.dll. Can anyone help me to remove this virus and prevent to get it every time I open the browser?

Thanks!

Joe
0
Comment
Question by:JoeSand2005
7 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 17817687
0
 
LVL 6

Expert Comment

by:Mnf
ID: 17821185
go to save mode and try to locate and delete the file
then do a system scan
the norton with the latest updates can remove it ..
0
 
LVL 5

Accepted Solution

by:
darrenakin earned 50 total points
ID: 17824492
Give this a go;

1. Temporarily disable System Restore (Windows Me/XP).

2. Download Free Ewido Antispyware save it to a desired location on your Hard Drive.

3. After downloading, browse where the file was saved and double click to install it.

4. After installation, connect to internet and download all necessary updates.

 

5. Download SmitfraudFix (by S!Ri) and save it to a desired location. This will be in ZIP File.

6. Extract all the files to your Desktop, it will create a folder SmitfraudFix

Note: When extracting or executing, some files might be detected as Potential Threat or Harmful Script. Please disable AntiVirus or Any Script Blocking Software temporarily. It may harm or make the Fix incomplete.

 

7. Reboot your computer in SafeMode

8. Run Ewido and do a thorough scan. Delete all infected files.

9. Close Ewido and other open Applications.

10. Browse the folder SmitfraudFix on your Desktop and double-click on smitfraudfix.cmd

11. "Enter your Choice: (1,2,3,4,L,Q):" Press no. 2 on your keyboard to select Option 2

12. Wait for the process to finish.

13. If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, as Yes

14. It will check if your wininet.dll file is damaged, if so it will ask you to Replace Infected File? Press Y as Yes and hit Enter
 

15. If it prompts you to Reboot your computer, Please do so.

16. Reboot your computer in SafeMode with Networking

17. After successful boot in SafeMode with Networking, connect to internet.


18. In order to make sure that Trojan.Busky is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.

0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:JoeSand2005
ID: 17852066
DarrenaKin,

I'm safe from that virus. Thanks so much for your help
Take Care

Joe
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17852459
You are welcome
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 17852532
Joe,

The accepted answer is just an exact copy/paste of the page I linked you to more then a day earlier.
I find this a little weird and it's against EE policy. But maybe you did not notice this. Then you are forgiven.
I do find the behaviour of DarrenaKin unprofessional. And it's against several of the standing EE rules. E.g. you have to link to original content, not paste it and make it look like you created it.
Except if he also didn't notice. Then he is NOT forgiven ;-)

BTW, I'm not mentioning this for the points.

J.
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17852550
Sorry PowerIT I was unaware of that rule.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now