Computer Virus - Windows won't Load

Status
Not open for further replies.

deadyteddy

New Member
Apr 25, 2021
2
Hi all,

Note- I'm typing this from my 2nd computer as the 1st one is not working.

Last night I was working on installing a wallet for Monero from getmonero.org and my antivirus kept blocking the download (Avast free version). I disabled it for a few minutes and downloaded the zip. I ran another program that I believe was infected. My computer instantly slowed down and sound randomly started playing like an ad, then I had a weather app pop up in my system tray. I immediately tried to close it and noticed a few other issues. I went to the task manager and had about 6 processes running called something like marley.exe. I closed all of those and noticed that the same program was part of the Windows startup. I ran the Avast antivirus and Malwarebytes. They both found a number of malware issues. Malwarebytes asked me to restart, so I did so and now I'm receiving a BSOD that says SYSTEM SERVICE EXCEPTION. What can I do to help boot Windows?

On a side note, I had a 2FA text from Stripe at 2am and one from BofA with someone trying to log in to my account. I've gone in and changed passwords on all of my accounts. What information can be gained given that the malware was running for about 10 minutes on my computer?

Thank you, I appreciate the help!
 

nasdaq

Moderator
Verified
Staff member
Nov 5, 2019
567
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Read this topic.


If you boot to Safe Mode with Networking as mentioned in the page and the BSOD message refers to a system file check for drivers.

If that fails to start the computer normally, download and run this program while in Safe Mode with Networking.

Nothing will be removed; it will only scan the computer and create 2 logs.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "more reply Options" button.

Attach the file(s). A 2-step process.
Reply to this topic.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach. <- Step 1.
Click Attach this file. <- Step 2.
Click the Add reply button.

Please post the logs for my review.

Let me know what problems persist.

Wait for further instructions.

p.s.
The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program, trust it if downloaded from the link I provided.
You should restore the program from the Quarantine folder.
====

One more thing.
If the Networking is not working on the compromised computer you can download the Farbar program to the working computer.
Then copy the downloaded file to the DESKTOP of the compromised computer to scan it.

p.s.
You may have the possibility to Restore your system to a previous date. This is an option you can try later.
 

nasdaq

Moderator
Verified
Staff member
Nov 5, 2019
567
Hi,

This is not my forte.
I suggest you start a new topic in the Windows 10 forum.
@

An expert should be able to help you restore your system.

I will leave this topic open for 6 days.
 