So I was sent a word doc file today disguised as someone’s resume… when I opened it there was a warning about the doc file being from an older version of word and then a second one about macros disabled and I stupidly ignored both. Immediately afterward I closed the file, and a pop up came up saying that VaXon had stopped working. Amazingly google has no idea what VaXon is so I’m likely the first to fall for this. I scheduled Avast to run a boot time scan but when I restart I get a blue screen saying a problem has been detected yaddda yadda and when the system reboots the avast scan doesn’t run. Any ideas on how I can get the scan to run… though I’m not sure it’ll help if google doesn’t bring anything up with VaXon to begin with.
I’m running a full scan right now but I’m worried that with it crashing my system on shutdown or reboot Avast won’t be able to remove it. Is there a way to tell Avast to run a boot time scan from the dos prompt before windows launches? I tried running avast in safe mode but it doesn’t work there… says the UI won’t load.
Ok so as is the problem with Avast, same thing happened with malwarebytes. The program needed to reboot in order to clean the infected files which unfortunately causes a system crash and reboots my computer so the malicious files aren’t removed. I’ll post the MBAM text file. Second scan however says that there are 0 threats and 0 in quarantine which is disheartening.
I took a screen shot of the results of the scan though as it found 7 threats which I figured it wouldn’t be able to remove. Granted I’m not sure at the accuracy as it’s identifying my file format converter software for converting video and audio and itunes as threats. I wouldn’t think the malware would be able to inject itself into other files so quickly but maybe it can?
Ok so after using Malware Bytes to clean the system, I rolled back windows to the closest date and this fixed the reboot crash so it looks like my problem is solved. Thanks for the help!
If you still need help, please remove all cracked / illegal software from the system, reboot and run fresh FRST logs. Please post them and I will try to assist you. Thanks.
Ok so Malware Bytes and Avast both say that my system is clean which is why I assumed that the infection was gone. Oddly though Malware bytes keeps stopping my SvChost.exe file in the Windows/System32 folder from accessing a website both inbound and outbound which would lead me to believe that a trojan has injected itself into the file. If this is the case, why are both programs saying I’m clean? I did an Avast Boot time scan and a full Malware bytes scan.
Virus inject itself then? I read online somewhere that they can inject themselves into regular windows files. You can probably both tell that I don’t really know what I’m doing
And according to that addition.txt file I have 30+ driver errors in Device Manager that I didn’t know about. Going to see about fixing those.
