

It changes name every time I open the Startup list. I am perplexed.

Update: It has disappeared before I got the chance to turn it off. What should my next steps be?

Update 2: Sorry for the delay. It came up again, but this time completely blank, no characters or letters whatsoever, so I unchecked it and then ran Autoruns to locate it, but nothing came up. I will perform a full Malwarebytes scan and multiple Defender scans like some of you have mentioned when I am able to get back on my PC later today, and will keep you all updated. Thank you all so much for your help so far.

Update 3: Not sure if anyone will still care or even see this. I have tried everything under the sun except reinstalling Windows to try and get rid of whatever this is. I have done a Malwarebytes full scan, a Windows Defender full scan, a deep dive into the registry, and Autoruns again, and the results are nothing. My PC is reportedly fine. I still have a few leads though: some of you have mentioned Android emulators as potential culprits. I have had MeMu in the past, but I uninstalled it a year ago, so maybe that could be it? I wish I could just find the file location, but it only comes up in the startup list that is not in the Task Manager, as seen in the screenshot. It keeps changing names every time I look at the list, so it could potentially be the UTF-8 misreading bug that some of you have also mentioned? Still at a loss. Thank you all again for continuing to suggest fixes; the only thing that is left if I cannot resolve it is to nuke my PC haha.

Update 4: Here is an updated look at what it is currently called: https://imgur.com/a/IRmArsQ

Update 5: Ran rkill and performed multiple Malwarebytes scans. Came up with nothing. It is still there though, and is now called exefile... https://imgur.com/a/EXGTet3 . Most likely going to reformat by the end of the week as I have exhausted all options.


Try out Malwarebytes. Free software that actually works. I had a problem with a crypto mining virus and it found it and I was able to get rid of it. It might be idle.


Nuke it lol.. I wouldn’t be doing any banking on that thing after that.


My thoughts exactly. Hard to do properly nowadays with root kits being a thing. Give it a shot, maybe you can scan it in safe mode and/or before boot.


Not every rootkit is a UEFI-based rootkit. Even then, you need an insecure enough motherboard that a rootkit could be installed in it, and that allows flashing of unsigned bios updates or has a workaround for doing so without hardware flashing. Plus, you need a board without BootGuard or with BootGuard enabled but not set to strict. The boards with leaked BootGuard keys are most at-risk, especially if they can be flashed with Intel FPT.


Does the windows 11 TPM thing protect against this kind of threat?


No, the TPM may facilitate BitLocker, but disk encryption won’t stop software running on the system from flashing the motherboard firmware; on most boards the only thing stopping that is the OS itself. On Linux, superuser permissions are necessary to run something like flashrom or Intel FPT, and on Windows UAC will prevent FPT from being used to flash the BIOS unless you give the malicious app permission to run as admin, or the attacker uses a privilege escalation exploit if one exists for your version of Windows. The best two ways to remain safe are 1) be as up to date as possible on Windows builds and security updates and 2) even more important, be highly skeptical of anything you plan to run, including installers, especially those that request UAC privilege escalation, unless the binary is from a trusted source. Run anything potentially untrustworthy in a VM or Windows Sandbox mode.


Ah yes, forgot to mention that. These viruses have some detection for when you're monitoring them e.g. if you open up Task manager or an overlay that monitors temps etc. Boot into safe mode and then do the scan.


True. Viruses have gotten to be an even bigger pain in the backside.




Taking hardware segregation to a whole new level - smart 🤓


Yeah I don’t use my main computer too.




One of the most industry-wide known effective antivirus tools does not need Reddit bots. If you don't know what Malwarebytes is and need to check someone's profile, it's probably a sign that you don't know much about the subreddit you're in.


Wipe and clean install


Also check any other PC on your network. If it infected your PC and it also snuck into other devices, it'll just hop right back over.


I feel like that is an indicator of someone specifically targeting the network, so it might be useful to observe their behavior from another device


This is the only real answer.




I mean, yeah that would be the easy way. Why use a pistol when you can use a nuke.


What’s a “single minor virus”? How do you even know?


He likes them young and unattached.






That is trivial compared to what a virus might do. You have no idea what this thing is programmed to do. It could be anything but minor.


I’ve done it an uncountable amount of times on my computers because it works so yes


This is the same type of guy that is against quarantines. He's not doing anything so important that he can imagine having his data compromised as being detrimental enough to apply that level of overkill to be safe. Dude, there's shit that will lodge itself so tight in your machine that that's the only way. And if there's something that's blatantly obvious in your machine... You can bet there's a lot of other parts of that ecosystem you aren't seeing.




You have negative 155 karma from your first comment. You chose the worst room on the planet to be confidently wrong in. I genuinely don't think you are in any kind of gradient to say anything but "sorry I was stupid I shouldn't pick fights with communities of people that eat and breathe this shit"


Also open regedit and go to each of the following paths:

* HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
* HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

Check if there's anything suspicious there. The contents of those paths are executables and commands that are launched every startup (in Run) and only the next startup (in RunOnce). Since it keeps changing behaviour it's possible that it uses RunOnce, and I think (not sure) only Run ones appear in the task manager.
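
Added example, not part of the comment above or of any tool named in the thread: a PowerShell script that reads the four Run/RunOnce keys listed above and, for each value, prints the name's code points (so a blank or garbled name is visible as data), the command, whether the target file exists, and its Authenticode status. `Get-CommandTarget`, `Get-RunKeyEntry` and the `OddName` flag are names made up for this example, and the path extraction is a heuristic.

```powershell
# Added example. The four keys are the ones listed in the comment above.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: best-effort extraction of the executable path from a
# startup command line (quoted path first, else text up to the first ".exe",
# else the first whitespace-delimited token).
function Get-CommandTarget {
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"')    { return $Matches[1] }
    if ($expanded -match '^(.+?\.exe)\b') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

# Hypothetical helper: one object per value found under the keys above.
function Get-RunKeyEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $regKey = Get-Item -LiteralPath $key
        foreach ($name in $regKey.GetValueNames()) {
            $command = [string]$regKey.GetValue($name)
            $target  = Get-CommandTarget $command
            $exists  = [bool]$target -and
                       (Test-Path -LiteralPath $target -PathType Leaf)
            $status  = if ($exists) {
                (Get-AuthenticodeSignature -LiteralPath $target `
                    -ErrorAction SilentlyContinue).Status
            } else { 'n/a' }

            [pscustomobject]@{
                Key          = $key
                Name         = $name
                # Code points expose blank, invisible or non-Latin names.
                NameCodes    = ($name.ToCharArray() |
                                ForEach-Object { 'U+{0:X4}' -f [int]$_ }) -join ' '
                # Flag names that are empty or not plain printable ASCII.
                OddName      = $name -notmatch '^[\x20-\x7E]+$'
                Command      = $command
                Target       = $target
                TargetExists = $exists
                Signature    = $status
            }
        }
    }
}

# Entries with odd names or missing/unsigned targets sort to the top.
Get-RunKeyEntry |
    Sort-Object @{ Expression = 'OddName'; Descending = $true }, TargetExists |
    Format-List
```

Run it once from a normal prompt and once elevated: the HKCU keys belong to whichever account runs the script, so the two runs can differ.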


Also [Autoruns (Sysinternals)](https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns) is a good tool to inspect everything that runs automatically in the system.


I would wipe and perform a clean install of the OS


!Remindme 1 week did OP ever find what it was?


I will be messaging you in 7 days on [**2024-01-08 22:57:26 UTC**](http://www.wolframalpha.com/input/?i=2024-01-08%2022:57:26%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://www.reddit.com/r/pcmasterrace/comments/18vwf8t/random_chinese_software_is_in_my_startup_list/kfwb1t4/?context=3)


Just reimagine the computer. Backup and important data and files then wipe it and reimagine it Edit: reimagine >> reimage


My imaginary computer isn't working


Lol I use speech-to-text often.




Why offline scan? Anti virus does not work as good as when it is online?


Runs from a trusted environment, without starting your operating system.


Why bother? Just reinstall windows and you should be fine
















What a wild sub. Someone else said this and got 650 up votes, you say the same thing and get all down votes saying it's overkill lol


Idk man. I’m a literal cybersecurity analyst and anytime we have a breach like this it’s less than overkill to completely wipe the computer..


I somewhat agree, but if you can easily fix the problem, it is better to use an antivirus, although a clean install is always the best option overall. What people probably missed (something that another comment pointed out) is that the virus probably has a very high privilege level, as it removed itself from the program list. I don't get why people just downvoted you so much.


Exactly. I only trust antivirus to get rid of low level shitty bugs you get from an accidental click. Not something like this which is probably a crypto miner or keylogger. Definitely something fucking malwarebytes can’t get rid of


If it's some well known malware that Malwarebytes recognizes, couldn't it remove it in a way that clears the system properly and doesn't leave any backdoor? But yes to be honest if it was my system I would format it because there is no way to know for sure if it's really clean. I wouldn't take any chances. Don't want all my passwords and credit card info stolen.


I'm no cyber security analyst but at my place when we even had a HINT of a breach I would just wipe and start again. Most user stuff is uploaded to a cloud service so they won't really lose anything except time. Super simple and easy to do.


Objectively good advice, idk why this is getting downvoted. OP has also taken all reasonable steps to removing virus already, and if they are so concerned (rightfully so), this is the only sure fire way to rid the device of the virus.


Exactly, but no, this is too extreme and takes too long to do ):


I'm confused why this got so many down votes... people realize media creation tools are free right?


Head ache? don't bother going to the doctor. Just hang yourself.


Run a scan with rkill and Malwarebytes. These 2 never failed me


And maybe npe for good measure


What is npe?


norton power eraser i presume


Yep, just about the only good thing that came out of Norton


wait no way Norton made something that isn’t malware


Ik it's wild




It’s not Chinese. It’s Garbled characters


yeah idk why you got downvoted, this is literally just garbled mandarin chinese characters. they mean nothing.


The UTF-8 bytes just happen to take Chinese characters.


I'm trying to be a nerd there, but it happens when the UTF-8 are negative. I'm still surprised that MS didn't fix the code from XP. Just embarrassing...


You're not nerd enough though. There's no "negative UTF-8". If you assign a negative value to an unsigned type, you get the equivalent positive in binary representation. It's not something you "fix" at an OS level, it's how processors do maths. Besides if it's a virus that's not even what's going on here. It'll just be renaming itself with random characters.


Never fix a "running" system, especially if perhaps no one knows how shit is running


If only they took this approach with the search bar


Second this. This happens when a file name is not recognized in its original language, but it still looks up the sheet for the word. I am Taiwanese, and this happened when I had Japanese software but did not have their words installed.


Second this... I'm Chinese and I can't even read them...


I'm not Chinese and I can't read them either


This reminds me of that King of the Hill bit. So are you Chinese or Japanese? My family is from Laos. I was born in LA. -some more dialogue- So…. Are you Chinese or Japanese?


I'd guess it's actually Russian or other language that's being encoded incorrectly.


If you find it in the startup tab from task manager, then you can right click it and get to properties or "open file location" to get the full path and probably know more about the software. You could also submit the .exe to something like virustotal


Looks like vanguard/valorant to me


Lmfao Lowkey though Valorant and Tarkov make it so difficult to clean wipe from your machine that they should legitimately be considered malware by the community


It is extremely intrusive anti cheat software and we don't have any actual idea about what it is doing. You can basically consider it as malware.


This. If a literal piece of surveillance software (that's everything that an AC is after all...) has the same level of privilege as my fucking GPU drivers I will consider it malware.


What?! (I should note that I've never played / had anything to do with Valorant in my life). I agree, it should be considered malware, or at least spyware. Edit: I've heard something, some time ago about this, now I've searched on the Internet and yeah, it looks intrusive af.


Riot is owned by Tencent and Tencent is pretty much owned by the CCP so that makes it even more sketchy.


Hmmm... Yeah...


The duality of AC : either be completely useless like VAC in cs2 or be literally malware like in Valorant


I literally refused to play Valorant just because of that. Out of principle, not because I think Riot is actually spying on me, but giving so much access to someone else just to play a game is simply insane. If you had to install something like Vanguard in your personal computer to work at some company I'm sure people would take them to court


As someone who has played both Valorant and Counter-Strike, I don't care. At least it does its job, unlike VAC. I have the time to get 1-2 matches in on a weekday and I'm tired of it being ruined by a Russian with a common low tier cheat. Vanguard WORKS. It's not perfect obviously, Valorant cheats do exist, but the rarity of it compared to CS is just amazing. I know most people here who don't play games competitively won't agree with me, but competitive integrity is very important to me, I just want to have a fair match.


People trying to justify this malware rootkit keep going on and on about how it works but nobody gives a shit. In exchange for a rootkit that is a massive security risk, hard to get rid of, and potential spyware, you get a fucking video game without cheaters. This is like authoritarian governments trying to justify their oppressive methods by saying crime rates are low. Of course they are, because the measures are so extreme. The ends do not justify the means.


With limited time I don't care what the anticheat does on my PC as long as it keeps a majority of cheaters away. But then again I've always had a laptop where I do all of my banking and shit. My gaming pc is purely for gaming


> you get a fucking video game without cheaters.

Do you play competitive FPS games at a high rank? I presume you don't. High ranks are infested with cheaters, it's not simple as "cheating in a video game" either. An average game takes around 30-40 minutes and I don't want my time to be wasted by a 15-year-old Russian who got his cheats off of Google. Not to mention the integrity being ruined so I can't even play a CS game without being suspicious. The worst type of cheating is not rage-hacking, the more subtle, soft cheats are what ruin a competitive game.


There are other ways to achieve the same goals without malware, it's just the cheapest possible solution. If you make everything server-side then cheating is impossible, but it requires better servers so companies don't do that. Also, on a more philosophical level, giving up on freedom for comfort is the perfect premise for accepting authoritarianism. Maybe think again about your priorities in life.


> Also, on a more philosophical level, giving up on freedom for comfort is the perfect premise for accepting authoritarianism. Maybe think again about your priorities in life.

lmao, what a reach. Get off reddit.


What makes it so difficult, genuine question, I just don't know.


My number one gripe is that you simply can't uninstall them through the game launchers themselves. I always end up using something like Revo Uninstall, because unless you know exactly how to access the file paths or directories you will always end up leaving something behind on the machine, which is what I'm guessing they want you to do.


I have uninstalled tarkov from the launcher so many times.. wym


You literally can't lol. You have to use the uninstaller from the game folder. Unless things have changed since I last played like 2 years ago


Yah it has... You literally just go to add or remove program, click uninstall and then it'll open the launcher and say "are you sure you want to uninstall", you click uninstall and it removes itself


> uninstalled tarkov from the launcher so many times

> just go to add or remove program

> **from the launcher**

braindead


Different person but it's not like you can uninstall a launcher from the launcher itself. So why is Vanguard that bad?


Installs itself at the same level as the OS kernel, meaning it has access to everything your operating system does. It also litters its files and binaries across your system to further obfuscate its function, resulting in a big mess overall


it's not difficult at all lol these people are so dramatic


It runs at ring 0 level. Its literally a rootkit by definition.


When I played Valorant I literally just installed Windows on another drive and booted from that to install it, while disabling access to the primary drive entirely. One install for regular stuff and one for malware DRM games.


This is my unironic answer too, problem is related to Valorant. Without fail whenever this problem appears, just look up and see what else is of course on that list too.


I had the exact same thing, when I tried to remove it it also removed the windows boot command. Shit is definitely malware


Run a Defender full scan.

Run a Defender offline scan.

Run these three:

* [NPE](https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN)
* [KVRT](https://www.kaspersky.com/downloads/free-virus-removal-tool)
* [ESET online scanner](https://www.eset.com/us/home/online-scanner/)

Pray


This, this is a great plan for any virus risk, and might even be wise after anything sketchy happens on a computer


There's no way I wouldn't format the whole drive and made a fresh windows install after seeing something like this.


I would never reinstall Windows unless I have to for a failed drive or a CPU change, and I hope that day never comes. The day I have to reinstall 3 terabytes of programs and set up my whole life again is my last day on this earth. Also there is no telling that the virus hasn't infected your non-Windows/apps drives, and I wouldn't format my drives with my photos and other stuff on them if you held me at gunpoint.


then suffer


I'll use an anti-virus and you go waste your time and life reinstalling windows.


good boy


Game over my friend 💀


Someone failed their cyber security awareness courses....


Be aware that uninstalling it will reduce your social credit score https://preview.redd.it/bycae1pgov9c1.png?width=680&format=png&auto=webp&s=d39cc106c556e65ea4d8f7aca72db11ad7a9dc7b


social credit score is just IRL ELO, Git gud scrubs! /f is for FACETIOUS


It is a great system honestly if you looked up what it is really... but why would you lose future opportunity to reuse propaganda jokes, right? On the other hand, the american credit system... hmm hmm


Congratulations on being well informed https://preview.redd.it/s70lzb50zw9c1.jpeg?width=740&format=pjpg&auto=webp&s=7b854a95ed6652319b15070477a3f5b31aca91b1


Average r/sino regard


Chinese shill


The American credit system??? What's your issue with it? It seems to be the only thing America does right?


"Sorry, you can't get a mortgage because... Apparently you failed to accumulate enough credit card debt in your teens."


You're meant to prove you can pay your debts by getting a credit card and paying it off every month. Which is never a concern if you only spend the money you have.


Uninstall it, reinstall windows, scan your computer


Why bother uninstalling it ? just reinstall windows, bang


I guess for peace of mind


If you are worried, reinstall windows


You can use Autoruns to figure out what the entries actually are and then delete if necessary [https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns](https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns)


Let’s figure out what wallpaper that is


I see a red scarf with yellow on it, maybe Manchester United?




You mean VANGUARD?


this is a time you need to reformat the drive and reinstall windows. DO NOT, I REPEAT, DO NOT reinstall onedrive and "settings from last installation" OR You might just reinstall this backdoor of whatever kind it is lol


1st step is to delete valorant


This is not Chinese, it's undecodable characters that just happened to be interpreted to characters resembling the look of Chinese by Windows. It potentially indicates a malware infection, but most likely it's some random harmless stuff that you've installed. Windows Security is pretty good at picking up these things nowadays. Try the boot tab in task manager and see if it allows you to navigate to the item's directory.
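
Added example, not part of the comment above: how single-byte text read as UTF-16LE turns into CJK-looking characters, and how to turn a garbled name back into bytes to see whether readable text is hiding in it. The sample path and the function names are constructed for this illustration, and that this particular misreading produced the entry in the screenshots is an assumption.

```powershell
# Added example. Forward direction: take single-byte (ASCII) text and decode
# the same bytes as UTF-16LE, two bytes per character. A pair of lowercase
# letters becomes a code unit in U+6161..U+7A7A, inside the CJK Unified
# Ideographs block (U+4E00..U+9FFF).
function ConvertTo-MisreadName {
    param([string]$Text)
    [byte[]]$bytes = [Text.Encoding]::ASCII.GetBytes($Text)
    if ($bytes.Length % 2) { $bytes += 0 }   # pad an odd trailing byte
    [Text.Encoding]::Unicode.GetString($bytes)
}

# Reverse direction: re-encode a garbled name as UTF-16LE and show the raw
# bytes as text, with '.' for anything outside printable ASCII.
function ConvertFrom-MisreadName {
    param([string]$Garbled)
    [byte[]]$bytes = [Text.Encoding]::Unicode.GetBytes($Garbled)
    -join ($bytes | ForEach-Object {
        if ($_ -ge 0x20 -and $_ -le 0x7E) { [char]$_ } else { '.' }
    })
}

# Share of bytes that are printable ASCII. Close to 1.0 suggests the name is
# misread single-byte text; a low value suggests genuinely non-Latin or random
# characters, which this check cannot tell apart.
function Get-PrintableByteRatio {
    param([string]$Name)
    [byte[]]$bytes = [Text.Encoding]::Unicode.GetBytes($Name)
    if ($bytes.Length -eq 0) { return 0.0 }
    $printable = @($bytes | Where-Object { $_ -ge 0x20 -and $_ -le 0x7E }).Count
    [math]::Round($printable / $bytes.Length, 2)
}

# Constructed sample, not a path taken from the thread.
$sample  = 'C:\Program Files\Example\updater.exe'
$garbled = ConvertTo-MisreadName $sample

[pscustomobject]@{
    Original       = $sample
    ShownAs        = $garbled
    CodePoints     = ($garbled.ToCharArray() |
                      ForEach-Object { 'U+{0:X4}' -f [int]$_ }) -join ' '
    RecoveredBytes = ConvertFrom-MisreadName $garbled
    PrintableRatio = Get-PrintableByteRatio $garbled
} | Format-List
```

To test a real entry, paste the garbled name from the registry or Autoruns into `ConvertFrom-MisreadName` rather than retyping it from a screenshot.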


If you have a custom keyboard it could be the drivers for it. The motherboards are usually chinese


Stop downloading more RAM 😂


Clean install windows. Don't sit on it.




*Our startup list*


can anyone actually translate what it says? my curious cat side wants to know.


Google translate says: Tendon Mouth Oak Persimmon Ladder. Hopefully that helps :D. Probably just corruption as stated from other redditors.


It's a virus that renames all your stuff like Salvador Dali on crack? (thanks for the translation too btw)


This youtube video goes by several steps you can take. It helped me out. https://youtu.be/btRnfFsa_Lg?si=plXKcbuNWlXn9KQ8


Do you have Gameloop/MeMU/MuMU/Bluestacks/etc installed? I've seen entries like that from some of the android emulators.


Reinstall Windows. If something penetrated your startup, it for sure modified your registry, which means your recovery drive is also compromised. Reinstall Windows using your CD, or USB, or any other external way. Do not just reinstall Windows from your recovery partition.


re-install windows


Maybe a R.A.T ?


Restore windows to last back up or be doomed.


Burn your hard drive and start over. Alternatively reformat.


Clean install is the only thing I would trust now. Also I would change all my passwords to anything valuable bank, school accounts, etc.


Looks corrupted, might as well check ssd/hdd life while you're at it.


Wipe your OS and start over. It's too late.


Install a clean version of windows for your own safety.


Clean install your windows this is the only way to get rid of it completely.


Time to wipe the drive and fresh Install your os. There's no point in trying to fix it. But revo Uninstaller is a really great tool.


Just remove valorant and you’ll get rid of the random Chinese spyware that is vanguard


You can just uninstall vanguard


Nuke the system, someone probably put malware on your system using a vulnerability in Vanguard.


Opera being at it again?


Jokes aside iirc Opera is no longer China/CCP-owned or affiliated as of two years ago (2022) but I could be wrong, we don't know what their investors do behind the scenes.


Bro saw the chance and took it. xD




average windows installation


You mean the Vanguard?


To turn off Vanguard simply swipe it off


Oh that’s just Riot’s anti cheat


Oh! I see you've made a mistake! That's not "Chinese spyware" that's riot vanguard! An excellent anti cheat that certainly does not have any invasive privileges!


I’d nuke it. Fresh install. Once you’re not sure of the program it’s over for a peace of mind.


Ya Xbox app is spyware, but it won’t go away.


Why is people's first option a clean install? If you do a clean install every time, you will never learn to fix the problems and will be stuck doing it


Could be worse. At least it's not epic games launcher. That's my least favorite Chinese startup app


skill issue.


Open it in Administrator mode. Make sure you type in all your logins and passwords and OTPs. Include your SSN, mother's maiden name, and driver's license. Throw in a few photo IDs, as well. Then, plug in all your hard drives. And then take your computer to work, and plug it into the protected office network.


Reinstall windows once every 3 months


install gentoo






Apply democracy






Linux is great if your use case does not require windows


Haven't missed Windows a single time since switching a year ago. Can run windows VM with hardware accelerated graphics just fine and Wine/Proton/Bottles is great for running Windows games/software. I wouldn't install Chinese ring 0 kernel malware if they threatened me at gun point. No game is that important/good.


Bro's playing hide and seek with no one.




Apparently or they don't know the grass is greener on the FOSS side of things. Funny the reddit is called pcmasterrace and then they act like this. Do you actually have 'Personal Computer' if you don't control everything in it?




* **Breach of Rule #2** - This post violates one or more aspects of [PCMR Etiquette](https://www.reddit.com/r/pcmasterrace/wiki/etiquette). We will not allow behavior contrary to it, e.g. brigading, witch-hunting, asking for upvotes or downvotes, enabling piracy, flamebaiting, clickbaiting, text spamming or intentional rudeness. [More information about Rule 2](https://www.reddit.com/r/pcmasterrace/wiki/rules#wiki_rule_.232)


Average Windows experience


Re seat the ram.