thetroubleshoot
Member
I'm posting this more as a findings thread, but I am still encountering issues I could use assistance with. I do have advanced computer knowledge, yet I am still at times confounded by some of the strange viruses out there. Anyways, my story is this:
1. 7/23/12 - My computer was infected by zeroaccess.ee/zeroaccess.eh & Artemis!59A3ACA2AD50 and received notice of this by McAfee. I found myself puzzled by the continuous McAfee popups that were becoming rather overwhelming that it had removed the trojans - over and over again. Somehow I accidentally put the computer into an indefinite boot loop and was able to run Kernel Debugger to correct that issue. When I got the computer back to normal I no longer received those messages.
2. 7/23/12 Later that day, I ran the following programs: CCleaner, MalwareBytes, McAfee Strike, SpyHunter, TDSSKiller and several other "quick fix" software, some that were my favorites and some that were suggested by online forums for this issue. They detected nothing. However I have yet to run ComboFix due to the importance of my computer and my inability to mentally grasp proper risk-taking. NONE of those programs detected or removed the malware. I also bought an external hard drive to back up the files which worked. Since there were no more alarms and the computer was functioning, I continued to use the PC thinking I was "in the clear".
3. 7/28/12 - McAfee ran a virus scan automatically and discovered the following items:
"C:\Users\Me\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\7daf52-399657ca" "Exploit-CVE2012-1723" "5"
"C:\Users\Me\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\7daf52-399657ca" "Exploit-CVE2012-1723" "5"
"C:\Windows\Installer\{68282233-bf9f-0c3e-20d1-4b8c10b6ec5e}\n" "Generic.ku" "5"
Two of those were Java exploits and the other "Generic.ku" I still have yet to find any information about. As soon as I rebooted, I found out that when McAfee removed that file it completely disabled my network and my audio (after the initial reboot). My network icon read that the Network was Unknown (showed no networks either) and the "Audio process did not start". After a few brief moments of panic, I decided to use System Restore and restored it back to the 27th (after the virus was in my computer unfortunately). Everything worked again and I decided to run the McAfee scan again to see if it would occur again. It did, it found Generic.ku again and the same errors occurred upon reboot. At this point I used system restore again and turned off McAfee's automatic virus scans to prevent further interruptions.
I decided to just let it "be this way" for now because a lot of the troubleshooting threads for these issues online were rather new and still lacked the proper solution. I read in many cases even the mighty ComboFix would not work. So it seemed like a 20/100 chance. Then:
8/23/12 - Decided to check back on the internet for solutions after reading that ZeroAccess is, for lack of a better term, "backdoor malware" and has a potential to steal information and allow other malware to infiltrate. While becoming computer conscious, I noticed Windows Update had not run lately. Upon attempting to open it, I discovered it had been somewhat mangled and "Could not run because the Windows Update Service is Not Running". "Windows Update" was not appearing in services.msc, which didn't give me much of an option to simply restart the service. However, I was able to restore Windows Update completely by copying the "wuauserv" file from the registry of another working Vista into the problem computer and resolved that issue.
I decided to post my experience here because Vistax64 has always been my favorite resource and appears to contain a mob of extra computer savvy technicians who should receive awards for their service.
I would ideally like to be able to restore my McAfee Auto Scan so I can ensure my computer's safety from other malicious software. I've seen others with the combined network issues and audio process problem who may have had these issues and not known about what really happened and in most cases the troubleshooter had no idea how to go about helping the person leading to unsolved mysteries. Hopefully my findings will find someone knowledgeable or someone else who is experiencing the same problems so they don't feel alone and frustrated.

My Computer
System One
- Manufacturer/Model: Acer Aspire 5810TZ-4657
- CPU: Genuine Intel CPU U2700 @ 1.30GHZ
- Motherboard: ACPI x86-Based
- Memory: 3.0 GB RAM
- Graphics card(s): Mobile Intel 4 Series Express
- Sound Card: Realtek/Intel High Definition Audio HDMI
- Monitor(s) Displays: Intel(R) 4 Series Express
- Screen Resolution: 1366X768
- Hard Drives: WDC WD3200BEVT-22ZCt0 - 300 GB HDD Toshiba 593500-B 3.0 750 GB HDD
- Cooling: Thermal Laminar Cooling Wall Jets
- Mouse: Synaptics PS/2 Port TouchPad
- Internet Speed: 54/100 MBPS
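
Added example (not part of the original post): a read-only PowerShell check for the two things the post reports, a service such as wuauserv missing from the registry and a file named n inside a GUID-named folder under C:\Windows\Installer. Only wuauserv and that path pattern come from the post; the other service names are assumptions chosen to match the audio and network symptoms.

```powershell
# Added example: read-only triage, changes nothing on the system.
$svcRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services'
# 'wuauserv' is named in the post; the rest are assumed stand-ins for the
# "Audio process did not start" and "Network Unknown" symptoms.
$services = 'wuauserv', 'Audiosrv', 'AudioEndpointBuilder', 'Dhcp', 'NlaSvc'

# 1. Is each service still registered, and what does its key point at?
$svcReport = foreach ($name in $services) {
    $key = Join-Path $svcRoot $name
    if (Test-Path -LiteralPath $key) {
        $p = Get-ItemProperty -LiteralPath $key
        New-Object PSObject -Property @{
            Service   = $name
            KeyExists = $true
            Start     = $p.Start        # 2 = automatic, 3 = manual, 4 = disabled
            ImagePath = $p.ImagePath
        }
    } else {
        # Matches the post: the service is absent from the services console
        # because its registry key is gone.
        New-Object PSObject -Property @{
            Service = $name; KeyExists = $false; Start = $null; ImagePath = $null
        }
    }
}

# 2. GUID-named folders under %windir%\Installer are normal; one that holds a
#    file literally named "n" matches the path McAfee reported in the post.
$installer = Join-Path $env:windir 'Installer'
$guidName  = '^\{[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}$'
$dirReport = Get-ChildItem -LiteralPath $installer -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.PSIsContainer -and $_.Name -match $guidName } |
    Where-Object { Test-Path -LiteralPath (Join-Path $_.FullName 'n') -PathType Leaf } |
    Select-Object FullName, CreationTime, LastWriteTime

$svcReport | Select-Object Service, KeyExists, Start, ImagePath | Format-Table -AutoSize
if ($dirReport) {
    $dirReport | Format-Table -AutoSize
} else {
    'No GUID-named Installer folder contains a file named n.'
}
```

A row with KeyExists set to False identifies a service key to export from a known-good machine of the same Windows version, which is the repair the post describes for wuauserv.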