Skip to content


Reply
Legendary Noble
malwarekiller
Posts: 3,967
Registered: ‎08-08-2011

Re: Need help, TROJ_ZACCESS.CQJ

[ Edited ]

Did u disinfect or delete whenever AVP Asked?

 

OK.can u run the manual disinfection process and upload the zip file to www.mediafire.com

 

Then post sharing link on next reply.

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
BCnow
Posts: 23
Registered: ‎02-21-2012

Re: Need help, TROJ_ZACCESS.CQJ

I was choosing disinfect but all of them were saying it could not be done and I was unsure what had to be done and I was deleting.

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,967
Registered: ‎08-08-2011

Re: Need help, TROJ_ZACCESS.CQJ

thats fine.just run manual disinfection and upload the zip file to www.mediafire.com and post the sharing link on next reply.

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
BCnow
Posts: 23
Registered: ‎02-21-2012

Re: Need help, TROJ_ZACCESS.CQJ

[ Edited ]

Heres link to log

mediafire

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,967
Registered: ‎08-08-2011

Re: Need help, TROJ_ZACCESS.CQJ

 

  • Re-run AVPTool 
  • Select the Manual Disinfection tab and press Script execution tab
  • Where it states  Insert text  script in the following box copy/paste the below script and press Run script
    Copy from Begin until End
begin
RegKeyIntParamWrite('HKEY_LOCAL_MACHINE', 'System\CurrentControlSet\Services\CDROM','AutoRun', 0);
SetServiceStart('SSDPSRV', 4);
SetServiceStart('TlntSvr', 4);
SetServiceStart('TermService', 4);
SetServiceStart('RemoteRegistry', 4);
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 DeleteFile('C:\Documents and Settings\Administrator\Local Settings\temp\_uninst_25531443.bat');
 DeleteFile('C:\WINDOWS\system32\DRIVERS\2845243drv.sys');
 DeleteFile('\SystemRoot\system32\DRIVERS\2845243drv.sys');
RebootWindows(true);
end.

 

  • Your system will reboot on completion, if it does not please do so yourself   
  • On completion please run another analysis scan and attach the zip file   

 

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
BCnow
Posts: 23
Registered: ‎02-21-2012

Re: Need help, TROJ_ZACCESS.CQJ

I still haven't closed AVP program since it finished running the other scan, do I close the program and re open to do the script execution you told me or it doesnt matter?

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,967
Registered: ‎08-08-2011

Re: Need help, TROJ_ZACCESS.CQJ

Doesnt matter at all...Better to re run

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
BCnow
Posts: 23
Registered: ‎02-21-2012

Re: Need help, TROJ_ZACCESS.CQJ

[ Edited ]

Link to log, By the way Thank you so much for the time you are dedicating to my problem :smileywink:

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,967
Registered: ‎08-08-2011

Re: Need help, TROJ_ZACCESS.CQJ

Monitoring..will be back in 5 minutes.

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,967
Registered: ‎08-08-2011

Re: Need help, TROJ_ZACCESS.CQJ

 

  • Re-run AVPTool 
  • Select the Manual Disinfection tab and press Script execution tab
  • Where it states  Insert text  script in the following box copy/paste the below script and press Run script
    Copy from Begin until End
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 DeleteFile('C:\Documents and Settings\Administrator\Local Settings\temp\_uninst_01428593.bat');
 DeleteFile('\SystemRoot\system32\DRIVERS\2845243drv.sys');
 DeleteFile('C:\WINDOWS\system32\DRIVERS\2845243drv.sys');
end.
  • Your system will reboot on completion, if it does not please do so yourself   
  • On completion please run another analysis scan and attach the zip file   

NEXT

 

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

 

NEXT

 

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the  button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on  to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the  icon on your desktop.

•Check 
•Click the  button.
•Accept any security warnings from your browser.
•Check 
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push 
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the  button.
•Push 
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt 


—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.