Ever heard of a computer Trojan? Just like the original decoy horse that led to the fall of Troy during the Trojan war, a PC Trojan will give hackers and cybercriminals backdoor access to your computer. They can then use this access to do all kinds of nefarious activities, including stealing your credentials, accounts, financial information and loading other malware entities on your computer.
The More_eggs Trojan has been one of the most active viruses in recent years. It is commonly used by the Cobalt Group and the FIN6 cybercriminal groups to deliver ransomware packages to their target computers. It is also sold on the dark web as Malware-as-a-Service (MaaS), a scheme that allows anyone to use it, provided its developers receive a percentage of the profits from a successful cyberattack.
What Can the More_eggs Malware Do?
The More_eggs malware, a type of Trojan, enables cybercriminals to achieve various malicious objectives on an infected computer. They can delete files and startup entries, download and run portable executables, change Windows settings, and run shell commands. This is done by establishing a connection between a compromised machine and the attacker’s command and control center.
Some of the additional malware entities that are injected via the More_eggs virus include data tracking Trojans that record keystrokes, saved logins/passwords, browsing history, banking details, and other similar personal data.
Beyond these capabilities, More_eggs is most often associated with ransomware strains, the most prominent being the PureLocker ransomware. This association with ransomware makes perfect sense for the criminal groups behind the malware, as its main goal is to earn money for its creators.
How to Remove the More_eggs Malware
More_eggs is highly sophisticated and evasive and is not easy to remove using conventional means. It is designed to remain undetected in the system for as long as possible. Some of the evasive strategies that it uses include disabling startup items and firewalls, and using harvested credentials for privilege escalation.
This implies that common anti-malware solutions like free antivirus software may not be effective in removing the More_eggs malware from your device. What you need is premium software such as Outbyte Anti-Malware. You also need to run your computer in Safe Mode for complete removal.
Safe Mode is a special Windows feature that loads only a minimal set of drivers and Windows services. It does not load any unnecessary items that are set to start automatically. Given that Safe Mode with Networking supports networking, you can use it to download diagnostic tools such as an anti-malware program as well as PC repair software.
The easiest way to boot your computer into Safe Mode with Networking is from the Windows 10/11 login screen. To access this screen, press the Ctrl, Alt and Delete keys to get to the Windows security options, and select Sign out. After successfully signing out, take the following steps:
- Hold the Shift key on your keyboard and click Power > Restart.
- Your device will restart and present the Choose an option screen. Next, select Troubleshoot > Advanced Options > Startup Settings > Restart.
- Once your computer restarts, you will be presented with a screen of various startup options. Select Safe Mode with Networking by pressing the F5 key.
Now that you are in Safe Mode with Networking, go ahead and download Outbyte Antivirus and run it. It will perform a comprehensive scan of your device and eradicate all malware entities along with their dependencies.
From our experience with computer viruses, we have found it best to complement the anti-malware software with a PC repair tool. The repair tool works to clear any unnecessary files, folders, and even apps that are taking too much space on your computer. Clearing junk files also eliminates many of the hiding places that the malware uses. Not to mention, the app also repairs broken or corrupt registry entries.
Windows Recovery Options
Using an anti-malware tool is just one of the steps to remove the More_eggs malware. The next stage involves using a Windows recovery tool that lets you remove any problematic apps with the option to save your files.
The first recovery option that we recommend is System Restore. It allows you to undo any changes to the Windows system files past a certain restore point. Thus, if the malware entity was able to mess with your anti-malware protections, including the Windows firewall, all that can be reversed if there is a restore point on your device.
To use the System Restore option, just take the steps outlined earlier. But instead of selecting Startup Settings, select System Restore. All you need to do after that is to select a restore point and follow the on-screen instructions.
Refresh this PC
Normally, System Restore is enough to undo any harmful changes on your computer’s settings and configuration, but it only works if you have a restore point in place. In case you don’t, there is the option to Refresh your PC without affecting your files. To do this, go to Settings > Change PC Settings > Update & Recovery. Under the option to Refresh your PC without affecting your files, select Get started. Unlike System Restore, refreshing your PC might take some time.
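After cleanup or a restore, you can confirm from PowerShell that the firewall and antivirus protections mentioned above are back on and that a restore point exists for next time. This is an added example, not part of the original article; it assumes Microsoft Defender is the active antivirus and Windows PowerShell 5.1 run as Administrator, and the `New-Finding` and `Get-ProtectionReport` function names and the 3-day signature threshold are illustrative choices.

```powershell
#Requires -RunAsAdministrator
# Added example: re-check the protections this article says More_eggs tampers with.
# Assumptions: Microsoft Defender is the active antivirus; Windows PowerShell 5.1.

function New-Finding($Check, $Ok, $Detail) {
    [pscustomobject]@{ Check = $Check; Ok = [bool]$Ok; Detail = $Detail }
}

function Get-ProtectionReport {
    # Services behind the firewall (mpssvc) and Defender (WinDefend) must be running.
    foreach ($name in 'mpssvc', 'WinDefend') {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        New-Finding "Service $name" ($svc.Status -eq 'Running') "Status=$($svc.Status)"
    }

    # Every firewall profile (Domain, Private, Public) should be enabled.
    foreach ($fw in Get-NetFirewallProfile) {
        New-Finding "Firewall profile $($fw.Name)" ("$($fw.Enabled)" -eq 'True') "Enabled=$($fw.Enabled)"
    }

    # Defender state; the cmdlet fails if another product has replaced Defender.
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        New-Finding 'Defender antivirus' $mp.AntivirusEnabled "AntivirusEnabled=$($mp.AntivirusEnabled)"
        New-Finding 'Real-time protection' $mp.RealTimeProtectionEnabled "RealTimeProtectionEnabled=$($mp.RealTimeProtectionEnabled)"
        # 3 days is an illustrative threshold, not a vendor requirement.
        New-Finding 'Signature age' ($mp.AntivirusSignatureAge -le 3) "$($mp.AntivirusSignatureAge) day(s) old"
    } catch {
        New-Finding 'Defender status' $false "Get-MpComputerStatus failed: $($_.Exception.Message)"
    }

    # System Restore only helps if a restore point already exists.
    $points = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
    New-Finding 'Restore point available' ($points.Count -gt 0) "$($points.Count) restore point(s)"
}

$report = Get-ProtectionReport
$report | Format-Table -AutoSize -Wrap
$failed = @($report | Where-Object { -not $_.Ok })
if ($failed.Count) { Write-Warning "$($failed.Count) check(s) need attention." }
```

Any row with `Ok` set to `False` points at a protection that is still off or missing and should be fixed before the machine goes back into normal use.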
How to Avoid the More_eggs Malware
The More_eggs malware is mostly spread through phishing campaigns, so if you avoid downloading attachments from suspicious emails, you will reduce your risk of infection considerably. Here are some other tips that will keep you safe:
· Scan your computer often
As exemplified by the More_eggs malware case, malware entities have the ability to disable your antivirus protections. The only way to know that they are down is to constantly check them.
· Clear your computer of important data
If you can, don’t save the login credentials of your bank, workplace, or important accounts on your computer as cybercriminals will scan your computer for such data before doing anything else.
· Back up your files
Find a safe place, preferably the cloud, to store a backup of your most important files. That way, even if malware were to delete or encrypt them, the loss will be manageable.
· Agree on a common cybersecurity strategy