EGDAccess Removal

[chaslang]

This procedure uses Brute Force Uninstaller (from Merijn, the creator of HijackThis) to run a script to aid in the removal of EGDAccess. Lines like the below are typical signs of this malware:

O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1064.dll,InstantAccess


Download Brute Force Uninstaller and unzip it to its own folder (like c:\BFU)

Download the attached ZIP file save it to the same folder you put the Brute Force Installer into. Then extract the EGDACCESS.bfu file from the ZIP into that folder too.

Start the Brute Force Uninstaller by doubleclicking BFU.exe

In the Scriptfile to execute: box copy and paste c:\bfu\EGDACCESS.bfu
The click the Execute button to run the script.

Wait for the Completed script execution box to popup and then press OK.
Click the Exit button to terminate the BFU program.