Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Trojan Crypt.AQLW

  • This topic is locked This topic is locked
2 replies to this topic

#1 javagal


  • Members
  • 36 posts
  • Local time:02:28 AM

Posted 29 February 2012 - 02:36 PM


I'm assisting a friend with a laptop that became non-responsive, with Windows not being able to load.

OS: Windows Vista.
AV: AVG 2011 Free (fully updated)
Windows Updated: not fully

I have gotten Windows to load with "last known good configuration". However, AVG warnings immediately reported - Trojan Horse BackDoor.Generic14.CCCR.

Steps I have taken, and results:
- Ran Spybot S&D (with full update and immunization applied), which only found 2 tracking cookies.
- (updated and in safemode), Ran Malwarebytes, which detected 219 objects. Selected to fix and was asked to reboot. Upon Windows reboot, received the following AVG warnings: Trojan Crypt.AQLW, as well as win32/Sirefref.ER
- Ran Combofix, which stalled at "scanning for infected files" step. I terminated scanning after it appeared it was stalled after 60 mins.
- Another attempt at running Combofix, with same results.
- overnight, Ran Malwarebytes again in safemode, which reported 219 objects. Selected to fix and was asked to reboot, and program hung without rebooting.
- Windows Update, reports 5 important updates avail, and 7 optional. I have just finished trying to apply the updates, but after 30 min. screen turned blue with "Windows encountered problem" (not sure on the exact error message), and system reboot.

Request: Can someone please tell me how to rid of these particular Trojans?

BC AdBot (Login to Remove)


#2 cryptodan


    Bleepin Madman

  • Members
  • 21,868 posts
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:28 AM

Posted 29 February 2012 - 02:45 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic.

#3 Budapest


    Bleepin' Cynic

  • Moderator
  • 23,579 posts
  • Gender:Male
  • Local time:06:28 PM

Posted 01 March 2012 - 04:03 PM

Malware topic here: http://www.bleepingcomputer.com/forums/topic444716.html

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MR Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users