
View Full Version : How do I get rid of UH_HACK.exe virus/malware?


hot lazer
January 10th, 2019, 06:37 PM
This is on one of my laptops, it is a Lenovo Thinkpad Twist.

A week ago, I must have accidentally clicked on a scam ad instead of the real download button while downloading something that I forgot what I intended to.

So basically, it spawns a file named UH_HACK.exe in C:\Windows which contains the malware. I have tried Malwarebytes and Avast, and both are able to detect it and remove it, but it will come back randomly the next day. I can't figure out where it is coming from. And as usual with most malware files, it will list the file origin as from administrator, so there's no way I can find out where it is coming back from.

So basically, it spawns adware, browser hijackers, and some worms that do derpy things such as changing my computer's font, desktop backgrounds, Windows themes, etc.

Is there a way to figure out where a malware/virus is coming from that keeps coming back?

InternetTeen
January 13th, 2019, 11:23 AM
https://www.pcworld.com/article/243818/security/how-to-remove-malware-from-your-windows-pc.html

Have you tried that website with tips? Sorry if I'm of no help :(

bonbon
January 14th, 2019, 03:40 PM
mmm. Maybe you'd want to boot and perform cleanup under 'safe mode' instead of normal mode of Windows - this can help.

Second, I'd temporarily disconnect the computer from Internet. Unplug any ethernet cable, and shut down the wifi.

Don't forget to check your browser. I'd suggest using Firefox or Chromium, with uBlock Origin and Privacy Badger enabled.

hot lazer
January 22nd, 2019, 07:03 PM
> mmm. Maybe you'd want to boot and perform cleanup under 'safe mode' instead of normal mode of Windows - this can help.
>
> Second, I'd temporarily disconnect the computer from Internet. Unplug any ethernet cable, and shut down the wifi.
>
> Don't forget to check your browser. I'd suggest using Firefox or Chromium, with uBlock Origin and Privacy Badger enabled.

Thanks, I never thought about disconnecting from WiFi. I tried disconnecting from WiFi for a day to see what happens, and it doesn't come back, so clearly the malware is being downloaded from the internet.

I just recently considered the fact that because it is coming back every day, I checked Task Scheduler. And I found it and got rid of it. Now it is never coming back, at least I hope so.
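
The Task Scheduler check described in this post can also be done from an elevated PowerShell prompt. This is an added example, not part of the original thread; it uses the built-in ScheduledTasks cmdlets (Windows 8 and later), and the match patterns are heuristic assumptions chosen for illustration, not a complete list.

```powershell
# Added example: list scheduled tasks whose actions deserve a manual look.
# Run from an elevated PowerShell session so every task is visible.

# File name taken from the thread; change it when hunting a different sample.
$SuspectName = 'UH_HACK.exe'

# Heuristic patterns (assumptions): script hosts and download-capable tools,
# and launch paths under a user profile, temp directory or ProgramData.
$LauncherPattern = '\b(powershell|pwsh|cmd|wscript|cscript|mshta|rundll32|regsvr32|bitsadmin|certutil|curl)(\.exe)?\b'
$PathPattern     = '\\(AppData|Temp|ProgramData|Users\\Public)\\'

$findings = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        # Only "exec" actions carry a command line; COM handler actions do not.
        if (-not $action.Execute) { continue }

        $cmd = [Environment]::ExpandEnvironmentVariables(
            "$($action.Execute) $($action.Arguments)")

        $reasons = @()
        if ($cmd -match [regex]::Escape($SuspectName)) { $reasons += 'references suspect file' }
        if ($cmd -match $LauncherPattern)              { $reasons += 'script host or downloader' }
        if ($cmd -match $PathPattern)                  { $reasons += 'unusual launch path' }
        if ($cmd -match 'https?://')                   { $reasons += 'URL in command line' }
        if ($reasons.Count -eq 0) { continue }

        # Last/next run times show whether the task lines up with the reinfection.
        $info = $task | Get-ScheduledTaskInfo -ErrorAction SilentlyContinue

        [pscustomobject]@{
            Task    = $task.TaskPath + $task.TaskName
            Author  = $task.Author
            State   = $task.State
            LastRun = $info.LastRunTime
            NextRun = $info.NextRunTime
            Command = $cmd
            Why     = $reasons -join '; '
        }
    }
}

# Review the list by hand before disabling or deleting anything.
$findings | Sort-Object Task | Format-List
```

Legitimate Windows tasks also match these patterns, so the output is a review list rather than a verdict; a task with an unfamiliar author whose last run time matches the file's reappearance is the one to inspect first.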

bonbon
January 23rd, 2019, 05:50 PM
Great! Glad that you found a way out! Don't forget to make a system backup/recovery USB key, so that if you run into trouble again, you have a safer escape route. I got burned myself once, I know how much hassle it can be!

Gamer.
January 27th, 2019, 08:21 PM
When in a pinch, I usually tell people to download and use the NOD32 Online scanner (https://www.eset.com/us/home/online-scanner/). It is free and doesn't need to be installed to run.
It looks like you have it solved, but figured I'd post this for the many others who get to have fun with viruses.

Ashley2004
March 28th, 2019, 02:43 PM
I use Malwarebytes on my computer. It works great but you need the pay version. The free version will search and delete things but the pay version runs continuously so it blocks those things from running in the first place.

Xuan
March 28th, 2019, 04:14 PM
I agree with Ashley that Malwarebytes is a great tool for keeping your computer clean. I also use CCleaner and periodically run the cleaner to get rid of any crap that may have uploaded that I was unaware of that could have slowed my hard drive down and could eventually crash it.

lliam
March 29th, 2019, 04:27 AM
Just delete the original system partition or install a new hard drive ... and copy one of the last backup images of your system before downloading that malware. But usually Malwarebytes and Avast etc. should stop the download already before malware is stored on the hard disk. At least that's what both do on my computers.