Attempted malware removal (important find), still uncertain if my system is secure now

Dealing with Malware: My Journey to Quelling “Great Discover” Trojan

In the realm of cybersecurity, encountering malware is an experience no one wants to face. Recently, I had my encounter with a troublesome trojan known as “Great Discover.” It’s been years since I last dealt with malware, and the landscape has evolved tremendously since then. With this blog post, I aim to share my experience and steps taken in hopes that it may guide others facing similar challenges.

The Encounter with Great Discover

This morning, I was caught off guard when a strange program appeared in my system tray. Upon clicking it, a pop-up appeared with instructions on how to uninstall it. However, the process was thwarted by an impossibly tricky captcha—the first sign of its malevolent nature. After a quick search, I learned that this trojan is known for mining cryptocurrency—something I had never encountered before.

Taking Action: My Step-by-Step Approach

  1. Browser Cleanup: The first course of action was to clean my browser. I cleared my entire browser history and reset the settings to default. I also navigated to the extensions tab to eliminate any unfamiliar add-ons that may have sneaked in alongside the malware.

  2. File Removal: Next, I dug deeper into my system files. I explored both C:\Program Files and C:\Program Files (x86) to remove suspicious folders that I did not install myself, including some that had been around for months.

  3. Uninstalling Programs: I headed over to the Control Panel and accessed Programs and Features, where I meticulously scanned for unknown applications and uninstalled anything that raised a red flag.

  4. Comprehensive Scans: To ensure I was free from lingering threats, I downloaded Malwarebytes and performed a thorough scan, which flagged a single threat that I subsequently quarantined and removed. Feeling uncertain, I followed this up with a scan using Kaspersky’s virus removal tool, which returned clean results.

  5. System Check: I opened the Task Manager to check for unusually high resource usage and found no abnormalities. While the initial program had been removed, I noticed some startup programs that had been enabled without my consent.

  6. Investigating Potential Compromise: To further ensure my system’s integrity, I executed a command to analyze my hosts file. Comparing the output with online resources confirmed that my PC had not been compromised
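The hosts-file check in step 6, as an added example that is not part of the original post (the post does not show which command was run). It parses the text of a hosts file (on Windows, `C:\Windows\System32\drivers\etc\hosts`) and lists every active entry that overrides DNS. The function name `audit_hosts` and the sample entries are constructed for illustration.

```python
import ipaddress

# Names a clean hosts file may legitimately map to a loopback address.
BENIGN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

def audit_hosts(text):
    """Return (line_no, ip, hostname, reason) for each active entry worth reviewing."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # comments are inert, drop them
        if not entry:
            continue
        fields = entry.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((line_no, fields[0], "", "bad-address"))
            continue
        for name in (f.lower() for f in fields[1:]):
            if name in BENIGN_NAMES and ip.is_loopback:
                continue                          # the normal localhost mapping
            if ip.is_loopback or ip.is_unspecified:
                reason = "sinkholed"              # name is forced to resolve to nowhere
            else:
                reason = "redirected"             # name is pinned to a fixed address
            findings.append((line_no, str(ip), name, reason))
    return findings

# Constructed sample, not taken from the post. The domains use the reserved
# .example TLD and the address comes from a documentation-only range.
SAMPLE_HOSTS = """\
# (a stock hosts file contains only comment lines like these)
#	127.0.0.1       localhost
#	::1             localhost
127.0.0.1   localhost
0.0.0.0     update.av-vendor.example   # blocks a security tool's updates
203.0.113.7 login.bank.example www.bank.example
"""

if __name__ == "__main__":
    for line_no, ip, name, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip} ({reason})")
```

An empty result means only that the hosts file carries no active overrides; it does not cover other persistence, such as the startup entries noticed in step 5.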
