I accidentally downloaded and ran a game bypass tool for Ubisoft and Rockstar from GitHub. It worked for the game, but then Windows Defender detected some threats. After clicking 'Start actions' to remove them, I ran a full scan with Malwarebytes, which reported no threats. Yet, I noticed a weird startup item in Task Manager with a suspicious path that's still there even after I tried to delete it and reset my PC twice using the 'Remove everything' and 'Cloud download' options. Now the same startup item reappears! Plus, I've got an issue where my PIN is unavailable and Wi-Fi disappears until a restart. I only backed up my pictures before the resets – no executable files or installers. My scans are clean yet I'm really worried about this persistent startup entry. Is it malware or a rootkit? How can it survive full resets? Can I safely restore my pictures? Should I consider a full wipe with a USB installer? Any advice would be appreciated!
2 Answers
It sounds like a tricky situation. Just remember that resetting your PC doesn’t format your drive, so any persistent malware might still stick around after a reset. If you haven't done so already, a complete format and a fresh install of Windows would be the safest way to ensure you're completely clean. Even if it seems like a lot of work, it beats risking your data. Be cautious restoring anything if you're not sure about the malware!
That startup entry sounds suspicious for sure! Tools like the one you downloaded can sometimes trigger false positives, but they can also hide real threats. If Malwarebytes and Defender aren’t catching anything, it might be worth looking deeper with a specialized tool like ADwCleaner or FRST. If those don’t help, a fresh install is probably your best bet.
What if I can't back up everything? Do I still need to format?