Trojan.Proxy-Bunitu

Trojan.Proxy-Bunitu is the code name used by security scanners to specify a family of Trojans that are used to deliver other threats through proxies. Trojan.Proxy-Bunitu variants may be used to deliver threats such as Ukash, Limitail and Neabolsa. The Trojan.Proxy-Bunitu variants use the file HUJIOHU.DLL often and are known to set it for execution on startup via a registry key in Windows. Trojan.Proxy-Bunitu is a relatively old family that could have been compromising systems as far back as Windows 98 and Windows 2000. Variants of Trojan.Proxy-Bunitu may be deployed as attached files to spam, fake pictures and document viewers. Once on your PC, the Trojan.Proxy-Bunitu would create an exception in your Windows Firewall to enable its communication with Command and Control servers. Additionally, the corrupted DLL of Trojan.Proxy-Bunitu may have a random name and may be found to inhabit the hidden AppData folder that stores user-specific program settings to avoid raising suspicion. An interesting trait of the Trojan.Proxy-Bunitu family is that many of them may read your Registry values and delete Registry keys associated with security products to obstruct detection and automated AV mechanisms. Also, as its name suggests, Trojan.Proxy-Bunitu may be used by hackers to connect to the Internet using your PC as a proxy and hide their activities. The Trojan.Proxy-Bunitu malware may cause a decreased system performance, place mutexes to prevent more than one copy from running on your PC and a corrupted SYS file in your Windows installation folder. Therefore, computer users need to incorporate a reputable anti-malware solution in their OS to counter representatives of the Trojan.Proxy-Bunitu family.