Jump to content

"Recommended Update" Virus: I CAN"T KILL IT

iamdarkyoshi
By iamdarkyoshi
in Windows
 Share
Posted

~~~~~~INSTALLING A FRESH WINDOWS COPY ISN'T AN OPTION RIGHT NOW~~~~~~~~~~~~

 

 

This little cUUUUUUUUUUUUUUUnt

ruv.PNG.f3b783a8e3135d7fcfba507e8767e57a.PNG

 

 

What I've done: Update to the latest windows version (Didn't do anything)

 

Run windows defender (Didn't find anything, massive surprise there)

 

Install Malwarebytes (Came back after a month)

 

Install ADWCleaner (Came back after a month)

 

Browse to the EXE responsible for it in task manager (seems to be a windows system program)

ruv2.PNG.74a102772567a7cff9222b7af1267499.PNG

ruv3.PNG.b90d2107735a7829af311d8727193407.PNG

 

I literally haven't installed any software on this laptop other than steam, VLC, chrome, etc. Its been about 4 months since I installed software, but like 2 months since I've been having this fucking popup

 

 

 

There is nothing odd in the program list.

 

 

 

 

I just had it come back in a game of rocket league, and it keeps minimizing the game to open itself. How the hell do I blast its ass off my laptop? I don't visit sketchy sites, I don't spam 'next' when installing programs, and this is the first issue I've had since I built my first PC 5 years ago.

Donate your unused computer resources for cancer and other research. For Zinsey ❤

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Try Avira. 

PSU Nerd | PC Parts Flipper | Cable Management Guru

Helpful Links: PSU Tier List | Why not group reg? | Avoid the EVGA G3

Helios EVO (Main Desktop) Intel Core™ i9-10900KF | 32GB DDR4-3000 | GIGABYTE Z590 AORUS ELITE | GeForce RTX 3060 Ti | NZXT H510 | EVGA G5 650W

 

Delta (Laptop) | Galaxy S21 Ultra | Pacific Spirit XT (Server)

Full Specs

Spoiler

 

Helios EVO (Main):

Intel Core™ i9-10900KF | 32GB G.Skill Ripjaws V / Team T-Force DDR4-3000 | GIGABYTE Z590 AORUS ELITE | MSI GAMING X GeForce RTX 3060 Ti 8GB GPU | NZXT H510 | EVGA G5 650W | MasterLiquid ML240L | 2x 2TB HDD | 256GB SX6000 Pro SSD | 3x Corsair SP120 RGB | Fractal Design Venturi HF-14

 

Pacific Spirit XT - Server

Intel Core™ i7-8700K (Won at LTX, signed by Dennis) | GIGABYTE Z370 AORUS GAMING 5 | 16GB Team Vulcan DDR4-3000 | Intel UrfpsgonHD 630 | Define C TG | Corsair CX450M

 

Delta - Laptop

ASUS TUF Dash F15 - Intel Core™ i7-11370H | 16GB DDR4 | RTX 3060 | 500GB NVMe SSD | 200W Brick | 65W USB-PD Charger

 


 

Intel is bringing DDR4 to the mainstream with the Intel® Core™ i5 6600K and i7 6700K processors. Learn more by clicking the link in the description below.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Hey! I actually had the exact (almost) same popup on my laptop. The way to kill it is through task manager. But then it reappears everytime I boot it up.

It's gone now and the answer to the problem is something you wouldn't like but expect: reset Windows

 

btw reinstall and reset isn't the same thing

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

kill it in task manager find it in (Run:msconfig) and disable it then (Run: regedit) find the registry files under user about the app and delete it and install Sophos home scan your computer and it should detect its residue 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
8 minutes ago, iamdarkyoshi said:

~~~~~~INSTALLING A FRESH WINDOWS COPY ISN'T AN OPTION RIGHT NOW~~~~~~~~~~~~

 

 

This little cUUUUUUUUUUUUUUUnt

ruv.PNG.f3b783a8e3135d7fcfba507e8767e57a.PNG

 

 

What I've done: Update to the latest windows version (Didn't do anything)

 

Run windows defender (Didn't find anything, massive surprise there)

 

Install Malwarebytes (Came back after a month)

 

Install ADWCleaner (Came back after a month)

 

Browse to the EXE responsible for it in task manager (seems to be a windows system program)

ruv2.PNG.74a102772567a7cff9222b7af1267499.PNG

ruv3.PNG.b90d2107735a7829af311d8727193407.PNG

 

I literally haven't installed any software on this laptop other than steam, VLC, chrome, etc. Its been about 4 months since I installed software, but like 2 months since I've been having this fucking popup

 

 

 

There is nothing odd in the program list.

 

 

 

 

I just had it come back in a game of rocket league, and it keeps minimizing the game to open itself. How the hell do I blast its ass off my laptop? I don't visit sketchy sites, I don't spam 'next' when installing programs, and this is the first issue I've had since I built my first PC 5 years ago.

This may sound stupid, but if you have any extensions on your Chrome, linked to your account, and you've been logging in with the same account each time, there may be something attached to the account itself. Check your extensions, and make sure there isn't anything there. I had a similar problem myself once before, and by deleting the extension, it all went away. I also fixed a friend's computer which had the same issue, so it isn't totally unheard of.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
21 minutes ago, iamdarkyoshi said:

~~~~~~INSTALLING A FRESH WINDOWS COPY ISN'T AN OPTION RIGHT NOW~~~~~~~~~~~~

 

 

This little cUUUUUUUUUUUUUUUnt

ruv.PNG.f3b783a8e3135d7fcfba507e8767e57a.PNG

 

 

What I've done: Update to the latest windows version (Didn't do anything)

 

Run windows defender (Didn't find anything, massive surprise there)

 

Install Malwarebytes (Came back after a month)

 

Install ADWCleaner (Came back after a month)

 

Browse to the EXE responsible for it in task manager (seems to be a windows system program)

ruv2.PNG.74a102772567a7cff9222b7af1267499.PNG

ruv3.PNG.b90d2107735a7829af311d8727193407.PNG

 

I literally haven't installed any software on this laptop other than steam, VLC, chrome, etc. Its been about 4 months since I installed software, but like 2 months since I've been having this fucking popup

 

 

 

There is nothing odd in the program list.

 

 

 

 

I just had it come back in a game of rocket league, and it keeps minimizing the game to open itself. How the hell do I blast its ass off my laptop? I don't visit sketchy sites, I don't spam 'next' when installing programs, and this is the first issue I've had since I built my first PC 5 years ago.

if you can find the file and are having problems deleting install file assassin from Malwarebytes 

Victor F. 

My hobbies include: machining, electronics, radiation, and guns

DESKTOP: CPU: Ryzen 5 3600  Motherboard: Asus ROG B550-I RAM: Corsair Vegenence DDR4-3000 SSD: Samsung 970 Pro GPU: MSI GTX1070 Ti Titanium CASE: NZXT H1

LAPTOP: Apple MacBook Pro i7, 16gb ram, 256gb ssd. (2018 model) 

CAMERA: Panasonic Lumix G85

PHONE: iPhone 7 

DRONE: Dji Mavic Pro

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
20 minutes ago, iamdarkyoshi said:

What I've done: Update to the latest windows version (Didn't do anything)

 

Run windows defender (Didn't find anything, massive surprise there)

 

Install Malwarebytes (Came back after a month)

 

Install ADWCleaner (Came back after a month)

 

Browse to the EXE responsible for it in task manager (seems to be a windows system program)

Try this https://technet.microsoft.com/en-us/sysinternals/bb896653

 

Then any of these two [here and here], or if you want you can try Norton Power Eraser (might lead to false positives though). You can also try to Reset your PC without removing your files:

 

Start>Settings>Update and Security>Recovery>Advanced Startup

 

If those still doesn't work, you might need to reformat your PC.

 

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
22 minutes ago, Thatruriddler said:

This may sound stupid, but if you have any extensions on your Chrome, linked to your account, and you've been logging in with the same account each time, there may be something attached to the account itself. Check your extensions, and make sure there isn't anything there. I had a similar problem myself once before, and by deleting the extension, it all went away. I also fixed a friend's computer which had the same issue, so it isn't totally unheard of.

ADW CLEANER TO THE RESCUE! 

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Cleans out all the crap stuff from your browser, registries, shortcuts, and much more! : D

 

Want to know which mobo to get?

Spoiler

Choose whatever you need. Any more, you're wasting your money. Any less, and you don't get the features you need.

 

Only you know what you need to do with your computer, so nobody's really qualified to answer this question except for you.

 

chEcK iNsidE sPoilEr fOr a tREat!

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

something could be sitting in your services. even if you uninstall it, delete it, rename it, the service probably starts up with windows and redownloads the virus. you might have to delete the service entry from the registry so it'll go away from the services list. probably sitting somewhere in %appdata% as well, look for any suspicious folders in there and delete them, probably in safe mode.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I'd suggest getting rid of it with the programs that did detect it and also either disable or wipe out all the system restore points since it might be that it's hiding in there and restoring itself a while (also it's likely that it's using that process (which is a legit program) is being used by the virus to generate the window).

 

If all things fail, then the only thing you can do is break out the tactical formatting nuke and starting from scratch with a clean OS plate.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

If it returned after being removed, there's probably something else in your PC.  Deleting it MAY help with some viruses, but often it can come back or something else could still be lingering in there and collecting your passwords or keystrokes. 

That's why with a virus there is only one correct action : format the PC and restore your data from backups.  Rolling back to an earlier restore point or refreshing Windows may not help.  If Windows doesn't recognize the malware or if it is outside the usual locations, it often ignores it during the rollback which means it persists. 

 

Don't bother wasting your time on keeping this install rolling, just wipe it.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Windows

×