Monday, 22 December 2008

Bediddle Removal (Remove)

Here are instructions in English on how to get rid of the bediddle crap. (By request)

The removal process is as follows:

1. Download Malwarebytes on an uninfected computer.

2. Put the installation file on a USB flash disk and rename the installation file to setup.exe. The rootkit has its own dictionary of security products. This step is necessary to prevent the rootkit from detecting that the installation file will be used to remove it.

3. Turn on or reboot the infected computer in normal mode.

4. Transfer the file to the infected computer and run the setup file.
Note 1: Change the installation folder to something else, like Malwar or Malware. Also give the program folder in the Start Menu a different name. This is necessary to prevent recognition by the rootkit's dictionary.
Note 2: In the last step of the installation, make sure to uncheck the launch and database definition update options. We will do that later.

5. Go to the folder where the program is installed and rename the file mbam.exe to something else, like mab.exe.

6. Now update the Malwarebytes definition database. Run mab.exe, then select the “Update” tab. Wait until the app has been updated with the latest database.

7. Restart the infected computer in safe mode.
Note: You can go into safe mode by pressing F8 after the first beep or before the Windows logo appears on your monitor.

8. In safe mode, run mab.exe from the app folder and run a full scan. You will need to wait 2 or 3 hours or more, depending on the number of files on your drives. The scan should find the file TDSSeoqh.dll, which is the root source of the infection.

9. After the scan finishes, reboot your computer in normal mode.

10. Again, run mab.exe from the app folder and run a full scan. In this step, more trojan files will be found. The removal app will ask you to restart your computer in order to remove the files. However, before you proceed, go to the app folder and rename mab.exe back to its original name, mbam.exe.

11. After the restart, your computer should be clean of the infection. It must be a brighter day. Congrats to yourself.

---------------------------
It should perhaps be added that I could not update while my computer was infected, but it found what it was supposed to without the update.

I found this guide at:
http://tech.amikelive.com/node-144/tdss-trojan-and-bediddle-adware-removal-guide/
L2UA
