Solved

How can I remove Trojan.Busky?

Posted on 2006-10-26
7
2,026 Views
Last Modified: 2012-06-27
Hi Guys,

Thanks in advance for your valuable help. I have received the Trojan.Busky virus in my computer. Every time I open an Internet Explorer browser the Norton Virus window pops up with the following infected file: esmfluh.dll. Can anyone help me to remove this virus and prevent to get it every time I open the browser?

Thanks!

Joe
0
Comment
Question by:JoeSand2005
7 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 17817687
0
 
LVL 6

Expert Comment

by:Mnf
ID: 17821185
go to save mode and try to locate and delete the file
then do a system scan
the norton with the latest updates can remove it ..
0
 
LVL 5

Accepted Solution

by:
darrenakin earned 50 total points
ID: 17824492
Give this a go;

1. Temporarily disable System Restore (Windows Me/XP).

2. Download Free Ewido Antispyware save it to a desired location on your Hard Drive.

3. After downloading, browse where the file was saved and double click to install it.

4. After installation, connect to internet and download all necessary updates.

 

5. Download SmitfraudFix (by S!Ri) and save it to a desired location. This will be in ZIP File.

6. Extract all the files to your Desktop, it will create a folder SmitfraudFix

Note: When extracting or executing, some files might be detected as Potential Threat or Harmful Script. Please disable AntiVirus or Any Script Blocking Software temporarily. It may harm or make the Fix incomplete.

 

7. Reboot your computer in SafeMode

8. Run Ewido and do a thorough scan. Delete all infected files.

9. Close Ewido and other open Applications.

10. Browse the folder SmitfraudFix on your Desktop and double-click on smitfraudfix.cmd

11. "Enter your Choice: (1,2,3,4,L,Q):" Press no. 2 on your keyboard to select Option 2

12. Wait for the process to finish.

13. If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, as Yes

14. It will check if your wininet.dll file is damaged, if so it will ask you to Replace Infected File? Press Y as Yes and hit Enter
 

15. If it prompts you to Reboot your computer, Please do so.

16. Reboot your computer in SafeMode with Networking

17. After successful boot in SafeMode with Networking, connect to internet.


18. In order to make sure that Trojan.Busky is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.

0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:JoeSand2005
ID: 17852066
DarrenaKin,

I'm safe from that virus. Thanks so much for your help
Take Care

Joe
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17852459
You are welcome
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 17852532
Joe,

The accepted answer is just an exact copy/paste of the page I linked you to more then a day earlier.
I find this a little weird and it's against EE policy. But maybe you did not notice this. Then you are forgiven.
I do find the behaviour of DarrenaKin unprofessional. And it's against several of the standing EE rules. E.g. you have to link to original content, not paste it and make it look like you created it.
Except if he also didn't notice. Then he is NOT forgiven ;-)

BTW, I'm not mentioning this for the points.

J.
0
 
LVL 5

Expert Comment

by:darrenakin
ID: 17852550
Sorry PowerIT I was unaware of that rule.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question