Solved

How can I remove Trojan.Busky?

Posted on 2006-10-26
7
2,025 Views
Last Modified: 2012-06-27
Hi Guys,

Thanks in advance for your valuable help. I have received the Trojan.Busky virus in my computer. Every time I open an Internet Explorer browser the Norton Virus window pops up with the following infected file: esmfluh.dll. Can anyone help me to remove this virus and prevent to get it every time I open the browser?

Thanks!

Joe
0
Comment
Question by:JoeSand2005
7 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 17817687
0
 
LVL 6

Expert Comment

by:Mnf
ID: 17821185
go to save mode and try to locate and delete the file
then do a system scan
the norton with the latest updates can remove it ..
0
 
LVL 5

Accepted Solution

by:
darrenakin earned 50 total points
ID: 17824492
Give this a go;

1. Temporarily disable System Restore (Windows Me/XP).

2. Download Free Ewido Antispyware save it to a desired location on your Hard Drive.

3. After downloading, browse where the file was saved and double click to install it.

4. After installation, connect to internet and download all necessary updates.

 

5. Download SmitfraudFix (by S!Ri) and save it to a desired location. This will be in ZIP File.

6. Extract all the files to your Desktop, it will create a folder SmitfraudFix

Note: When extracting or executing, some files might be detected as Potential Threat or Harmful Script. Please disable AntiVirus or Any Script Blocking Software temporarily. It may harm or make the Fix incomplete.

 

7. Reboot your computer in SafeMode

8. Run Ewido and do a thorough scan. Delete all infected files.

9. Close Ewido and other open Applications.

10. Browse the folder SmitfraudFix on your Desktop and double-click on smitfraudfix.cmd

11. "Enter your Choice: (1,2,3,4,L,Q):" Press no. 2 on your keyboard to select Option 2

12. Wait for the process to finish.

13. If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, as Yes

14. It will check if your wininet.dll file is damaged, if so it will ask you to Replace Infected File? Press Y as Yes and hit Enter
 

15. If it prompts you to Reboot your computer, Please do so.

16. Reboot your computer in SafeMode with Networking

17. After successful boot in SafeMode with Networking, connect to internet.


18. In order to make sure that Trojan.Busky is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.

0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:JoeSand2005
ID: 17852066
DarrenaKin,

I'm safe from that virus. Thanks so much for your help
Take Care

Joe
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17852459
You are welcome
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 17852532
Joe,

The accepted answer is just an exact copy/paste of the page I linked you to more then a day earlier.
I find this a little weird and it's against EE policy. But maybe you did not notice this. Then you are forgiven.
I do find the behaviour of DarrenaKin unprofessional. And it's against several of the standing EE rules. E.g. you have to link to original content, not paste it and make it look like you created it.
Except if he also didn't notice. Then he is NOT forgiven ;-)

BTW, I'm not mentioning this for the points.

J.
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17852550
Sorry PowerIT I was unaware of that rule.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now