Attempted malware removal (major breakthrough), still uncertain about my security status

Battling Malware: My Journey to Remove the “Great Discover” Trojan

Dealing with malware can be a daunting experience, especially when it comes unexpectedly, as it did for me this morning. While it’s been seven years since I last faced a malware issue, I found myself grappling with a trojan called “Great Discover” today. I thought I would share my experience in detail, hoping to provide insights for those who may find themselves in a similar predicament.

First Steps: Recognizing the Threat

My day began with the unsettling discovery of an unfamiliar program running in my system tray. Upon clicking it, I was met with a pop-up providing instructions for removal, which unfortunately queued me into a perplexing captcha challenge that I could not solve. A quick online search revealed that I was indeed confronting a trojan, specifically one used for cryptocurrency mining, a term I was only vaguely familiar with.

Cleaning Up: Initial Measures

Understanding the urgency, I rolled up my sleeves and got to work on a few immediate steps:

  1. Browser Reset: The first thing I did was clear my browser history completely and restore its default settings. I then checked the extensions tab and removed any unfamiliar add-ons that might have come along for the ride.

  2. File Deletion: Next, I delved into the files on my computer’s hard drive, scouring the C:\Program Files and C:\Program Files (x86) directories for folders with random names—potential remnants of the malware.

  3. Uninstalling Suspicious Programs: I then accessed the Control Panel’s Programs and Features section to remove any applications that I couldn’t recall installing.

Scanning for Residual Threats

To cover my bases, I installed Malwarebytes, a reputable antivirus tool, and immediately conducted a scan. It flagged one threat, which I promptly quarantined and deleted. Recalling the need for thoroughness, I ran a secondary scan, which returned a clean slate. For added security, I employed Kaspersky’s virus removal tool for a comprehensive examination, which similarly concluded that my system was clear.

Further Investigations and Verification

Despite the encouraging scan results, I wanted absolute certainty of my system’s health. I opened the Task Manager to check for unusual resource usage and found nothing amiss. While the troublesome program had disappeared, I noted an oddity: post-reboot, apps like Discord and Spotify were launching automatically—something I hadn’t enabled.

To


One Comment

  1. It’s great to hear that you successfully identified and removed the malware. To ensure your system remains secure, consider performing a few additional steps:

    • Run a full system scan with multiple reputable antivirus and anti-malware tools, such as Malwarebytes, Kaspersky, and Windows Defender, for comprehensive coverage.
    • Check your startup programs via Task Manager (Startup tab) or msconfig to disable any unfamiliar applications launching at boot.
    • Verify your browser extensions and reset browser settings again if needed to remove any residual malicious add-ons.
    • Change all important passwords, especially if you suspect malware may have captured credentials, and enable two-factor authentication where possible.
    • Keep your operating system and all software up to date with the latest security patches.
    • Consider setting up regular backups and using a reliable firewall to prevent future infections.

    If suspicious activity continues or you notice unauthorized access, it may be worth consulting with a cybersecurity professional to conduct a thorough system review.
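
The startup check suggested in the comment above can also be done from PowerShell. This is an added example, not part of the original post or comment: it lists Run/RunOnce registry values and Startup-folder items with the Authenticode status of each target. `Get-ExePath` is a helper name made up for this example; scheduled tasks and services are not covered.

```powershell
# Added example: read-only inventory of autostart entries; changes nothing.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Helper name is hypothetical: pull the executable path out of a command line.
function Get-ExePath([string]$Command) {
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"')    { return $Matches[1] }   # "C:\path\app.exe" --args
    if ($c -match '^\s*(.+?\.exe)\b') { return $Matches[1] }   # C:\Program Files\app.exe /arg
    return ($c.Trim() -split '\s+')[0]
}

$shell = New-Object -ComObject WScript.Shell   # used to resolve .lnk targets
$entries = @(
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $reg = Get-Item $key
        foreach ($name in $reg.GetValueNames()) {
            [pscustomobject]@{ Source = $key; Name = $name; Command = [string]$reg.GetValue($name) }
        }
    }
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        Get-ChildItem -LiteralPath $dir -File -ErrorAction SilentlyContinue | ForEach-Object {
            $target = if ($_.Extension -eq '.lnk') { $shell.CreateShortcut($_.FullName).TargetPath } else { $_.FullName }
            if (-not $target) { $target = $_.FullName }   # shortcut with no file target
            [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = "`"$target`"" }
        }
    }
)

$entries | ForEach-Object {
    $path = Get-ExePath $_.Command
    # Only files that resolve to a real path get a signature check.
    $sig = if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) { Get-AuthenticodeSignature -LiteralPath $path }
    [pscustomobject]@{
        Name      = $_.Name
        Source    = $_.Source
        Path      = $path
        Signature = if ($sig) { [string]$sig.Status } else { 'Unresolved' }
        Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
    }
} | Sort-Object Signature, Name | Format-List
```

Entries whose Signature is not Valid, or whose Path sits somewhere you do not recognise, are the ones to look at by hand.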
