A Journey to Remove Malware: My Experience with “Great Discover”

Navigating the world of malware can be daunting, especially for those of us who haven’t faced such challenges in years. Today, I want to share my recent experience in dealing with a particularly stubborn malware called “Great Discover.” This post is lengthy, but I hope it provides valuable insights for others in similar situations.

Discovery of Malware

Earlier this morning, I realized my computer was infected with malware. The program that had infiltrated my system was new and unfamiliar, showing up in my system tray. Clicking on it prompted a pop-up with instructions to uninstall it, but to my dismay, it required solving a captcha that was impossible to complete. A quick online search confirmed my fears: this was indeed malware, and specifically, a trojan allegedly used for cryptocurrency mining—something I had little understanding of.

Initial Response

My first course of action was to protect my browser, which started suggesting suspicious extensions. I thoroughly cleared my browser history and reset its settings to default. After cleaning the browser, I navigated to the directories C:\Program Files and C:\Program Files (x86) and manually deleted several random folders I hadn’t created. These included folders purportedly added months prior, which added to my confusion.

Next, I opened the Control Panel and examined the Programs and Features section for unfamiliar software, uninstalling anything that appeared suspicious.

Scanning for Additional Threats

In light of potential additional viruses accompanying the malware, I installed Malwarebytes to perform a full scan of my computer. The initial scan returned one result, which I quarantined and subsequently removed. Running a second scan, I was relieved to find my system clear. However, to further reassure myself, I utilized Kaspersky’s virus removal tool, which also confirmed that my system was safe.

Investigation and Cleanup

After completing these processes, I turned my attention to the task manager to identify any resource-heavy programs running in the background. Fortunately, I didn’t notice anything amiss. Although the initial malware program had vanished, I encountered a minor issue: upon rebooting, applications like Discord and Spotify were launching automatically, despite that setting being disabled.

To ensure better security, I checked the hosts file by entering a specific command in the Run dialog, cross-referencing it with a screenshot to confirm no compromises were present.

Simultaneously, I watched a helpful video tutorial by a YouTuber named