Results 1 to 6 of 6

Thread: How to remove Trojan Crypt.AQLW malware

  1. #1
    Join Date
    Apr 2012

    How to remove Trojan Crypt.AQLW malware

    Few days ago my computer stopped connecting to the internet. It was set to connect automatically right away the computer boot up but due to some reason it won’t connect at all. So I looked into the internet settings and it was changed without my concern. So this time I manually connected to the internet and opened the browser. But whatever page I try to open, it first loads for few seconds and then shows error message saying that website cannot load. Below I get an option to diagnose network connection. If I click on that, it starts diagnosing but after a minute it closes automatically. I am using a Windows XP computer. My friend then suggested installing QuickHeal antivirus. I installed it and ran a full scan on safe mode. It shows that computer is infected by a Trojan. I quarantined it and rebooted the system. Again ran the scan in normal mode but this time also it detected the same Crypt.AQLW Trojan but on different location. The problem is this malware is showing up during every reboot. How can I completely remove it without formatting my HDD?

  2. #2
    Join Date
    Mar 2011

    Re: How to remove Trojan Crypt.AQLW malware

    I have also heard alot about the Trojan Crypt.AQLW. It is not really a big virus like TDS or Flashbot but it can damage more untill it is removed quickly from your computer. Whenever your computer is infected with a Trojan, it will first launch an attack on internet browser in order to create a backdoor so that its creator or admin can access the infected system. It will open some ports which cannot be easily scanned or detected by the Antivirus program. Sometime you will see strange things over browser’s toolbar which you had never seen before. The homepage will be changed to something different and favorites will be modified automatically. When you try to open any page or search engine, it will re-direct the URL to something strange. You will also see bulk of unknown or strange processes running in the background in task manager. Due to hefty of process, the system starts to work slow and finally crashes. Antivirus also would not have the capability to remove this malware completely because it knows how to trick a security software by copying itself to multiple files with multiple name. So it is always necessary to remove it manually and the efficient way is:

    • Launch the Windows Task Manager and look for Trojan Crypt.AQLW processes in processes tab. Stop all the processes one by one which are actually not the part of Windows and other trusted apps.
    • The Trojan Crypt.AQLW will store its registries with the name of Windows Pro Rescuer. You have to open Registry editor and remove all those related entries.
    • Last thing is, files associated to Windows Pro Rescuer. You may find it in both Windows folder as well as Programs Files folder. Delete all those files completely. Sometimes to do this tasks you might need to boot in safe mode.

  3. #3
    Join Date
    May 2011

    Re: How to remove Trojan Crypt.AQLW malware

    Crypt.AQLW is really a terrible Trojan and it will compromise your entire computer. You won’t get to know about it since it is working in the background. It can install backdoor on any Windows related apps like Web browser, Office programs or sometimes Instant messengers. It will also create registry entries in order to make the program as genuine. An application which registers on Windows registry cannot be detected as Scam apps or programs by some antivirus. So it is too hard to find these malicious things. It modifies both system files as well as Windows services. It will also help other hackers to install their backdoor and malicious things easily on the infected computer. There are plenty of removal tools and apps but none of them actually help because whenever they start cleaning, they will corrupt Windows registries and OS related files causing the system to crash.

  4. #4
    Join Date
    May 2011

    Re: How to remove Trojan Crypt.AQLW malware

    You have to remove the Trojan Horse Crypt.AQLW otherwise you will be into lot of problems. It may steal all you important data and passwords. If your computer is really infected with this malware, do not connect to the internet until it gets removed completely. If you connect to the internet, a backdoor will be opened and any hacker can access your computer and take control over it for further usage like for DDOS attack or something similar. There is a Trojan Horse Crypt.AQLW removal tool, that you can download by searching on google, which will help you to detect and remove the infections from the HDD and from any removable media. You can also search for other rogue apps and process.

  5. #5
    Join Date
    Jun 2011

    Re: How to remove Trojan Crypt.AQLW malware

    I have an efficient way to completely remove Crypt.AQLW Trojan but you will need enough time and enough patience for that because it is not a simple process. You have to do everything manually here by keeping an eye on every file or every registry entry you are going to delete. Incorrect removal will cause the system failure or some other issues.

    • First using the task manager, kill the Crypt.AQLW process
    • Now you have to manually delete malicious files created by Crypt.AQLW
      • %UserProfile%\Application Data\Microsoft\[random numbers].exe
      • %System Root%\Samples
      • %User Profile%\Local Settings\Temp
      • %Program Files%\Trojan Horse Crypt.AQLW
      • C:\ProgramData\[random numbers]\
      • %Documents and Settings%\All Users\Start Menu\Programs\Trojan Horse Crypt.AQLW
      • %Documents and Settings%\All Users\Application Data\Trojan Horse Crypt.AQLW
      • doguzeri.dll
      • 3948550101.exe
      • 3948550101.cfg
    • Delete the registry entries made by Crypt.AQLW.

  6. #6
    Join Date
    Aug 2011

    Re: How to remove Trojan Crypt.AQLW malware

    I don’t think that you really need to reformat the Hard drive and reinstall the OS. There are other few options which works fine. First you can look for either online removal tool or for a manual removal procedure. However the infections of this Trojan horse are as follows:

    • It will redirect your Google and Yahoo search results to some scam pages.
    • It will automatically change the browser settings as well as Internet settings.
    • It slows down the computer considerably. Accessing data, opening programs and connecting to internet will be very slow.
    • It will throw unwanted pop ups on the screen. You will also see some fake security warnings.
    • Starts to block Windows applications.
    • Antivirus will detect this infections as a key-logger and shows that System information security is at risk but they are actually fake.

Similar Threads

  1. how to remove Trojan Agent/Gen-Crypt
    By Megatruck in forum Networking & Security
    Replies: 5
    Last Post: 25-06-2011, 06:45 AM
  2. Unable to remove the trojan malware MS Removal Tool
    By rasnam in forum Networking & Security
    Replies: 5
    Last Post: 05-05-2011, 10:56 AM
  3. Remove Whitesmoke trojan/malware(Hijack log)
    By $Jaganmohini$ in forum Networking & Security
    Replies: 3
    Last Post: 01-02-2011, 01:55 PM
  4. Solution to avoid Trojan.Crypt.AntiSig.c
    By Paisley007 in forum Networking & Security
    Replies: 5
    Last Post: 19-03-2010, 04:00 AM
  5. How to remove Trojan Horse Crypt.NWP
    By Carmine in forum Networking & Security
    Replies: 5
    Last Post: 11-02-2010, 11:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts