Click on screenshot to zoom
Danger level 9
Type: Trojans

Trojan.Busky

Trojan.Busky is the newest Trojan Downloader to be causing havoc on the internet community of late.

Also referred to as Trojan.Busky.B, Trojan.Busky.EI, Trojan.Busky.O, Trojan.Busky.EC, and Trojan.Busky.EH, is further identified as a Browser Helper Object.

Now, what is a Browser Helper object (BHO) you may wonder?
Well, A BHO, or browser helper object, is a component of Microsoft's Internet Explorer Web browser application. It is an add-in designed to provide or expand the functionality of the browser and allow developers to improve the Web browser with new features, as time goes by.

So, why are BHO's considered bad?
BHO's, in and of themselves, are not bad. But, like a lot of other features and functionality, if the BHO can be used to install additional features or functions that are useful, it can also be exploited to install features or functions that are malicious. Some applications, such as the Google or Yahoo toolbars, are examples of good BHO's. But, there are also many examples of BHO's which are used to hijack your Web browser home page, spy on your Internet activities and other malicious actions.

So, to sum it up, designed by Microsoft and intended as a legitimate component of the Internet Explorer web browser, Browser Helper Objects (BHO), have been targeted by hackers and malware authors as a means to compromise computer systems. The "feature" can be used against you by unscrupulous attackers for a variety of functions - including monitoring your web activity or substituting different banner ads as your surf the Web.

As is quite obvious, Trojan.Busky tends to enter into a computer system via dubious scripts, embedded in JavaScript or VBS, however there are other ways the infection can enter into a system, via:

* Operating system and web browser exploits
* Unsafe Internet surfing practices
* The downloading and installing of Freeware and Shareware
* The use of Peer-to-peer (P2P) applications
* Visiting questionable web sties

A clear sign that a computer system has been infiltrated by this dubious application, is the display of the following symptoms:

* PC is working very slowly
Trojan.Busky can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Trojan.Busky.

* New desktop shortcuts have appeared or the home page has changed
Trojan.Busky can tamper with your Internet settings or redirect your default home page to unwanted web sites. Trojan.Busky may even add new shortcuts to your PC desktop.

* Annoying pop-up messages keep appearing on your PC
Trojan.Busky may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

In order to remove Trojan.Busky and all its components from an infected computer system, one should remove all files, folders and registry keys and registry values associated with Trojan.Busky.

The Windows registry stores highly important system information, such as system preferences, use settings, installed programs’ details, as well as additional information about applications which automatically run on start-up of the machine. This is a huge reason why malware of all sorts target the registry files, as it adjusts its functions so that it is automatically launched every time the user starts up their PC.

Editing the registry can be quite a daunting task, especially for those users who are not computer experts. Therefore it is always recommended to perform a thorough backup of all data on the infected system, this way allowing for reinstallation if so needed.

The most important thing to remember is that Trojan.Busky should be removed from a computer system as soon as it has been detected!

To avoid any unneeded risks of damage to your computer system, it is highly recommended to make use of a reliable and legitimate anti-spyware application, to remove Trojan.Busky and all its components from the infected computer system.

Download Spyware Removal Tool to Remove* Trojan.Busky
  • Quick & tested solution for Trojan.Busky removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Busky

Files associated with Trojan.Busky infection:

lfjetzkp.exe
lcvoesmy.exe
ejasaqnj.exe
upuxytob.exe
qnedwvwh.exe
fczebcjo.dll
bovujipu.dll
qbytsfql.exe
opihsdgp.exe
AHYLULCP.EXE
cjyrsroh.exe
ojihshiz.exe
olwdixyr.exe
lytuncdo.exe
hsfglwra.exe
ninudoty.exe
sdqpkhyv.exe
fwvwbofs.exe
sdofsvot.exe
itavqjuf.exe
hijchodc.exe
lqbuxkvw.exe
cxmrexgr.exe
SVIHIRWH.EXE
etypohid.exe
lmtqbybg.exe
ypyrszot.exe
qvktwhcl.exe
tanavylq.exe
sjqlkpup.exe
lqtcpynk.exe
sdejidwn.exe
mnqvczez.exe
benybqta.exe
hmbmbepy.exe
svgfopqd.exe
sxcfobyd.exe
rsporqrk.exe
ohefifqn.exe
jsdujczc.exe
dungnqjq.exe
tujstirs.exe
ryvcrwby.exe
qtszsfsz.exe
ojyvmrmz.exe
ilkzixgr.exe
jwzedeja.exe
gjwxebix.exe
qbkfofml.exe
zmnezipg.exe
gxgtevkn.exe
jyjuforg.exe
zubaxgvg.exe
uvkbwfwv.exe
idqlcxsj.exe
lohkxans.exe
cxknudah.exe
fwnepapc.exe
oxejuzal.exe
rebuzwfe.exe
rwhqnedk.exe
nilsbozi.exe
fofsnipq.exe
anibgzgh.exe
ayuhdjxq.exe
vqrwxqno.exe
spaxiroz.exe
info.exe
hnujvpc.dll
kehRbnCT.dll
pchtls32.exe
fWhz1bkT.dll
kpwzqnoj.exe
jwxojvpj.exe
kzefajuh.exe
bidmbuvc.exe
nynwvqlu.exe
dlnrzokt.dll
gngxajur.dll
rsvopedk.dll
pqpwvunu.exe
dkhudsby.exe
vitwbudk.exe
fofibgdq.exe
ujojubkn.exe
kfwnsnwt.exe
mzuxglul.exe
gbynmhad.exe
xmhehmxu.exe
fmlufoji.exe
dahqbcnw.exe
anapaloz.exe
hknufaru.exe
ehqpglot.exe
bwzuxqdw.exe
sbafczel.exe
qhgrkxyv.exe
opchixkh.exe
qjahqvsv.exe
gtqnonyh.exe
nslqnilg.exe
wdsjshad.exe
kpupwtmd.exe
bilqfmps.exe
nynurkfa.exe
dshmhefs.exe
otczolgp.exe
ibszwtwv.exe
hkxqdwbq.exe
mharsxyt.exe
revkxadi.exe
fqjetcxm.exe
nctqlyds.exe
rgbchirk.exe
sjelcvad.exe
tqnknmfw.exe
efkpgpyf.exe
inudylen.exe
ofctitup.exe
pqrspmlq.exe
jojmrgdu.exe
wjalwrgl.exe
vmtmhuhc.exe
uhybkxen.exe
pgrabiva.exe
gjctitkx.exe
ejyjmlwr.exe
tejcxabw.exe
pchyjqtw.exe
nsdsnajk.exe
zojipsfi.exe
epajslul.exe
zmlonwlu.exe
repsrylq.exe

Trojan.Busky DLL's to remove:

fczebcjo.dll
bovujipu.dll
hnujvpc.dll
kehRbnCT.dll
fWhz1bkT.dll
dlnrzokt.dll
gngxajur.dll
rsvopedk.dll

Trojan.Busky processes to kill:

lfjetzkp.exe
lcvoesmy.exe
ejasaqnj.exe
upuxytob.exe
qnedwvwh.exe
qbytsfql.exe
opihsdgp.exe
cjyrsroh.exe
ojihshiz.exe
olwdixyr.exe
lytuncdo.exe
hsfglwra.exe
ninudoty.exe
sdqpkhyv.exe
fwvwbofs.exe
sdofsvot.exe
itavqjuf.exe
hijchodc.exe
lqbuxkvw.exe
cxmrexgr.exe
etypohid.exe
lmtqbybg.exe
ypyrszot.exe
qvktwhcl.exe
tanavylq.exe
sjqlkpup.exe
lqtcpynk.exe
sdejidwn.exe
mnqvczez.exe
benybqta.exe
hmbmbepy.exe
svgfopqd.exe
sxcfobyd.exe
rsporqrk.exe
ohefifqn.exe
jsdujczc.exe
dungnqjq.exe
tujstirs.exe
ryvcrwby.exe
qtszsfsz.exe
ojyvmrmz.exe
ilkzixgr.exe
jwzedeja.exe
gjwxebix.exe
qbkfofml.exe
zmnezipg.exe
gxgtevkn.exe
jyjuforg.exe
zubaxgvg.exe
uvkbwfwv.exe
idqlcxsj.exe
lohkxans.exe
cxknudah.exe
fwnepapc.exe
oxejuzal.exe
rebuzwfe.exe
rwhqnedk.exe
nilsbozi.exe
fofsnipq.exe
anibgzgh.exe
ayuhdjxq.exe
vqrwxqno.exe
spaxiroz.exe
info.exe
pchtls32.exe
kpwzqnoj.exe
jwxojvpj.exe
kzefajuh.exe
bidmbuvc.exe
nynwvqlu.exe
pqpwvunu.exe
dkhudsby.exe
vitwbudk.exe
fofibgdq.exe
ujojubkn.exe
kfwnsnwt.exe
mzuxglul.exe
gbynmhad.exe
xmhehmxu.exe
fmlufoji.exe
dahqbcnw.exe
anapaloz.exe
hknufaru.exe
ehqpglot.exe
bwzuxqdw.exe
sbafczel.exe
qhgrkxyv.exe
opchixkh.exe
qjahqvsv.exe
gtqnonyh.exe
nslqnilg.exe
wdsjshad.exe
kpupwtmd.exe
bilqfmps.exe
nynurkfa.exe
dshmhefs.exe
otczolgp.exe
ibszwtwv.exe
hkxqdwbq.exe
mharsxyt.exe
revkxadi.exe
fqjetcxm.exe
nctqlyds.exe
rgbchirk.exe
sjelcvad.exe
tqnknmfw.exe
efkpgpyf.exe
inudylen.exe
ofctitup.exe
pqrspmlq.exe
jojmrgdu.exe
wjalwrgl.exe
vmtmhuhc.exe
uhybkxen.exe
pgrabiva.exe
gjctitkx.exe
ejyjmlwr.exe
tejcxabw.exe
pchyjqtw.exe
nsdsnajk.exe
zojipsfi.exe
epajslul.exe
zmlonwlu.exe
repsrylq.exe

Remove Trojan.Busky registry entries:

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 9294G80P8A
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ acsszhrg
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ahyusosq
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ceumhucw
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ DscApl
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ eorsuesa
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ffzbuwud
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ guxfajsm
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ iMqaAylh0O
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ InfoDsc
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ iuggasyw
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ jpgfwozg
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ kuqwqgpo
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MonSmartWeb
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ nfjofijm
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ oaexvpxl
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ OJtGEKd5UE
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ okjlssaj
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ opglqeim
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ qzwatdti
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rhgobfqv
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ rmCdY1b4WC
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ tnmjhwrf
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ UtilGenEn
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WebApl
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wrwpemtd
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wtriqqpl
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ yhibmubz
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ yvmoghns
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ywtevpnp
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ zsfrnuoh
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{737A54C3-23DF-02B7-73E9-06F2C9C6F205}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b217c7a4-1dd1-11b2-96af-e92b6a73bc19}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ef09ffa0-1dd1-11b2-a97d-d312c5dfae34}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ayuhdjxq
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ChkDsk32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ jwxojvpj
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\kpwzqnoj.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\PCHelp tools
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\pqpwvunu
RUNNING PROGRAM\AHYLULCP.EXE
RUNNING PROGRAM\benybqta.exe
RUNNING PROGRAM\bilqfmps.exe
RUNNING PROGRAM\bwzuxqdw.exe
RUNNING PROGRAM\cjyrsroh.exe
RUNNING PROGRAM\cxknudah.exe
RUNNING PROGRAM\cxmrexgr.exe
RUNNING PROGRAM\dshmhefs.exe
RUNNING PROGRAM\dungnqjq.exe
RUNNING PROGRAM\efkpgpyf.exe
RUNNING PROGRAM\ejyjmlwr.exe
RUNNING PROGRAM\epajslul.exe
RUNNING PROGRAM\etypohid.exe
RUNNING PROGRAM\explorer.exe
RUNNING PROGRAM\fqjetcxm.exe
RUNNING PROGRAM\fwvwbofs.exe
RUNNING PROGRAM\gjctitkx.exe
RUNNING PROGRAM\gjwxebix.exe
RUNNING PROGRAM\gtqnonyh.exe
RUNNING PROGRAM\gxgtevkn.exe
RUNNING PROGRAM\hijchodc.exe
RUNNING PROGRAM\hkxqdwbq.exe
RUNNING PROGRAM\hmbmbepy.exe
RUNNING PROGRAM\hsfglwra.exe
RUNNING PROGRAM\ibszwtwv.exe
RUNNING PROGRAM\idqlcxsj.exe
RUNNING PROGRAM\ilkzixgr.exe
RUNNING PROGRAM\inudylen.exe
RUNNING PROGRAM\itavqjuf.exe
RUNNING PROGRAM\jsdujczc.exe
RUNNING PROGRAM\jwzedeja.exe
RUNNING PROGRAM\jyjuforg.exe
RUNNING PROGRAM\kpupwtmd.exe
RUNNING PROGRAM\lmtqbybg.exe
RUNNING PROGRAM\lqbuxkvw.exe
RUNNING PROGRAM\lqtcpynk.exe
RUNNING PROGRAM\lytuncdo.exe
RUNNING PROGRAM\mnqvczez.exe
RUNNING PROGRAM\nilsbozi.exe
RUNNING PROGRAM\ninudoty.exe
RUNNING PROGRAM\nsdsnajk.exe
RUNNING PROGRAM\nslqnilg.exe
RUNNING PROGRAM\nynurkfa.exe
RUNNING PROGRAM\ofctitup.exe
RUNNING PROGRAM\ohefifqn.exe
RUNNING PROGRAM\ojihshiz.exe
RUNNING PROGRAM\ojyvmrmz.exe
RUNNING PROGRAM\olwdixyr.exe
RUNNING PROGRAM\opchixkh.exe
RUNNING PROGRAM\otczolgp.exe
RUNNING PROGRAM\pgrabiva.exe
RUNNING PROGRAM\pqrspmlq.exe
RUNNING PROGRAM\qhgrkxyv.exe
RUNNING PROGRAM\qjahqvsv.exe
RUNNING PROGRAM\qtszsfsz.exe
RUNNING PROGRAM\qvktwhcl.exe
RUNNING PROGRAM\repsrylq.exe
RUNNING PROGRAM\revkxadi.exe
RUNNING PROGRAM\rgbchirk.exe
RUNNING PROGRAM\rsporqrk.exe
RUNNING PROGRAM\ryvcrwby.exe
RUNNING PROGRAM\sbafczel.exe
RUNNING PROGRAM\sdejidwn.exe
RUNNING PROGRAM\sdofsvot.exe
RUNNING PROGRAM\sdqpkhyv.exe
RUNNING PROGRAM\sjelcvad.exe
RUNNING PROGRAM\sjqlkpup.exe
RUNNING PROGRAM\spaxiroz.exe
RUNNING PROGRAM\svgfopqd.exe
RUNNING PROGRAM\SVIHIRWH.EXE
RUNNING PROGRAM\sxcfobyd.exe
RUNNING PROGRAM\tanavylq.exe
RUNNING PROGRAM\tejcxabw.exe
RUNNING PROGRAM\tujstirs.exe
RUNNING PROGRAM\uhybkxen.exe
RUNNING PROGRAM\ujojubkn.exe
RUNNING PROGRAM\uvkbwfwv.exe
RUNNING PROGRAM\vmtmhuhc.exe
RUNNING PROGRAM\vqrwxqno.exe
RUNNING PROGRAM\wdsjshad.exe
RUNNING PROGRAM\wjalwrgl.exe
RUNNING PROGRAM\ypyrszot.exe
RUNNING PROGRAM\zmlonwlu.exe
RUNNING PROGRAM\zmnezipg.exe
RUNNING PROGRAM\zojipsfi.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.