[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2034
  • Last Modified:

How can I remove Trojan.Busky?

Hi Guys,

Thanks in advance for your valuable help. I have received the Trojan.Busky virus in my computer. Every time I open an Internet Explorer browser the Norton Virus window pops up with the following infected file: esmfluh.dll. Can anyone help me to remove this virus and prevent to get it every time I open the browser?

Thanks!

Joe
0
JoeSand2005
Asked:
JoeSand2005
1 Solution
 
PowerITCommented:
0
 
MnfCommented:
go to save mode and try to locate and delete the file
then do a system scan
the norton with the latest updates can remove it ..
0
 
darrenakinCommented:
Give this a go;

1. Temporarily disable System Restore (Windows Me/XP).

2. Download Free Ewido Antispyware save it to a desired location on your Hard Drive.

3. After downloading, browse where the file was saved and double click to install it.

4. After installation, connect to internet and download all necessary updates.

 

5. Download SmitfraudFix (by S!Ri) and save it to a desired location. This will be in ZIP File.

6. Extract all the files to your Desktop, it will create a folder SmitfraudFix

Note: When extracting or executing, some files might be detected as Potential Threat or Harmful Script. Please disable AntiVirus or Any Script Blocking Software temporarily. It may harm or make the Fix incomplete.

 

7. Reboot your computer in SafeMode

8. Run Ewido and do a thorough scan. Delete all infected files.

9. Close Ewido and other open Applications.

10. Browse the folder SmitfraudFix on your Desktop and double-click on smitfraudfix.cmd

11. "Enter your Choice: (1,2,3,4,L,Q):" Press no. 2 on your keyboard to select Option 2

12. Wait for the process to finish.

13. If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, as Yes

14. It will check if your wininet.dll file is damaged, if so it will ask you to Replace Infected File? Press Y as Yes and hit Enter
 

15. If it prompts you to Reboot your computer, Please do so.

16. Reboot your computer in SafeMode with Networking

17. After successful boot in SafeMode with Networking, connect to internet.


18. In order to make sure that Trojan.Busky is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.

0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
JoeSand2005Author Commented:
DarrenaKin,

I'm safe from that virus. Thanks so much for your help
Take Care

Joe
0
 
darrenakinCommented:
You are welcome
0
 
PowerITCommented:
Joe,

The accepted answer is just an exact copy/paste of the page I linked you to more then a day earlier.
I find this a little weird and it's against EE policy. But maybe you did not notice this. Then you are forgiven.
I do find the behaviour of DarrenaKin unprofessional. And it's against several of the standing EE rules. E.g. you have to link to original content, not paste it and make it look like you created it.
Except if he also didn't notice. Then he is NOT forgiven ;-)

BTW, I'm not mentioning this for the points.

J.
0
 
darrenakinCommented:
Sorry PowerIT I was unaware of that rule.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now