I think this is a bad one

Jmunk

Estimable
Apr 18, 2015
I think I accidentally gave myself a pretty bad virus. Got it from a file I DL'ed and checked boxes without looking at what I was really downloading. I started getting ads playing randomly with no actual pop-ups, and could see there were 2/3 processes running that I could end to stop the ads. Immediately went and got some Malwarebytes going, and it removed a good chunk of stuff. However, something still wasn't right. Both malware and Windows Defender were acting weird (not letting me turn things on etc). Not to mention, I can't open up Bitdefender after I downloaded it.

I go to my processes, and look for anything strange. I see there's one there called "msrpgdasvc". I googled that and got literally zero results. It's taking up a good chunk of my memory and CPU at almost all times. It's located in system32 and it says it was created today, around the exact time that I started having problems and downloaded that file. Problem is I cannot end the task or delete the file because I don't have access. What in the world do I do here?
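
A read-only way to collect the facts this post describes (process name, System32 location, file creation time) together with signature status and hash, as an added PowerShell example that is not part of the original thread. The two-day look-back window is an assumption, and it is meant to be run from an elevated prompt on Windows 10.

```powershell
# Added example: list running processes whose executable sits under System32,
# was created recently, and show whether it carries a valid signature.
# Read-only; nothing is stopped or deleted.
$days   = 2                                   # assumed look-back window
$sys32  = Join-Path $env:windir 'System32'
$cutoff = (Get-Date).AddDays(-$days)

# Map PID -> service name(s) so a process with a service-like name can be tied to its service.
$services = @{}
Get-CimInstance Win32_Service | Where-Object { $_.ProcessId -ne 0 } | ForEach-Object {
    $procId = [int]$_.ProcessId
    $services[$procId] = (@($services[$procId]) + $_.Name | Where-Object { $_ }) -join ', '
}

Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath -and $_.ExecutablePath -like "$sys32\*" } |
    ForEach-Object {
        $file = Get-Item -LiteralPath $_.ExecutablePath -Force -ErrorAction SilentlyContinue
        # Skip files we cannot read or that predate the look-back window.
        if (-not $file -or $file.CreationTime -lt $cutoff) { return }

        $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName
        $hash = Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue

        [pscustomobject]@{
            Name      = $_.Name
            ProcessId = $_.ProcessId
            Service   = $services[[int]$_.ProcessId]
            Created   = $file.CreationTime
            Signature = $sig.Status                      # 'Valid' is expected for genuine system files
            Signer    = $sig.SignerCertificate.Subject   # empty when the file is unsigned
            SHA256    = $hash.Hash                       # empty when the file cannot be read
            Path      = $file.FullName
        }
    } |
    Sort-Object Created -Descending |
    Format-List
```

Files recently replaced by Windows Update also show a fresh creation time, so the entries to look at are the ones whose Signature is not `Valid`.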
 

darkbreeze

Honorable
Moderator
http://www.tomshardware.com/faq/id-2602295/protect-remove-virus-malware-rootkit-infections-layman.html

Probably TDSS killer or Roguekiller can take care of it.

And if you are using Malwarebytes, make sure that in the options, under scanning options, you have "root kits" selected. If you don't have Malwarebytes, you need to get it. Windows defender and bitdefender don't offer the same malware protection that Malwarebytes does, but even Malwarebytes won't handle some things so you need what we call a second opinion scanner like TDSS and Rogue.
 

Jmunk


Thanks for the quick response man. So Roguekiller did its thing and actually found 9 threats, one of those I saw as being named one of the exe's I had to close to stop the ads, so that's a good sign.

I also do have MB installed, and with the root option selected. It was showing 0 threats before I used Roguekiller. Problem with this is now that I can't totally tell that everything is back to normal. There's a few things that still don't seem quite right, but maybe they were always like that and I never noticed?

1) That program is still in my processes.
2) I can't turn on web protection services on MB
3) Windows Defender acts weird, I can't turn on a setting there for "periodic scanning"
4) In "recovery" when I hit "reset this PC" (I was trying this thinking that I was gonna need a fresh Windows install), nothing happens when I click get started.

Again, maybe these were acting like this before tonight, but it does seem kinda odd. Should I download the other program and/or run Roguekiller again? What about that stray process?
 

darkbreeze

What version of Windows are you running?

Do you have anything on the drive that is important but can't be backed up to another drive and then copied back later?

Do you HAVE a backup of your important files and folders?
 

Jmunk


10

Not that I can think of.

No, but I could copy everything over to a USB drive easy enough. Why, are you thinking a clean install?
 

darkbreeze

Exactly right. Sometimes it's simply IMPOSSIBLE to ever get the system back to normal if a serious infection has been injected throughout the system. Some viral patterns can actually hide, run away or break themselves up into different parts so that typical searches for specific patterns cannot detect them. That's an unusual case scenario, but even without that sometimes it's just damn hard to find it all. Faster is to start over.

http://www.tomshardware.com/faq/id-3567655/clean-installation-windows.html
 

Jmunk


I figured. So based on your link I'm assuming I'm kinda SOL with using the Windows option for recovery, where it says reset this PC. I guess it's possible the malware or virus is blocking that somehow? So I guess my only option is to do it from a USB drive. I always feel like I'm having problems with Windows on USB, but I guess I gotta go for it at this point.
 

darkbreeze

There are two ways to create the media, and if one doesn't work the other generally does. Some folks HAVE had issues using the Windows 10 media creation tool, supposedly, but I've used it like 85 times without any issues so long as the flash drive is good then you should be fine. The other method though, using the Windows 7 DVD/USB creation tool can also be used, or at least it worked last time I tried it which was last year, so you can try that if you have troubles.

That method is here:

http://www.tomshardware.com/faq/id-2825881/cleanup-windows-upgrade-clean-install.html


You might also find some other useful information in that guide as well. I don't know how extensive your skillset is so I always assume people need to have their hand held to some extent until I know otherwise. If that's not you, I do apologize but I always like to try and not lead people into the water if they have trouble swimming.

Also, one thing to keep in mind since I don't include that in either of my tutorials is, once Windows has completely loaded the installer, if at any point it restarts and you have changed the boot drive to the USB drive, remove the USB drive during the restart or go into the bios and switch it back to the drive you are installing to in the bios boot order, so it doesn't try to boot loop. Usually I don't see this issue happen but again, some folks have said it happened to them.

Or, if your BIOS supports it, you can simply leave the boot order as it is and in the BIOS there may be an option for a ONE TIME manual change of boot priority and if you use that to start the bootstrap installer then if it tries to restart during the process it should automatically revert to the assigned regular boot order.

Other than that, just follow the tutorial step by step and it should be no problem. Otherwise, if you have a dvd burner and a blank disk you can make optical installation media too and not have to worry about the USB drive installation.
 
