Trojan Horse Crypt

budmick
budmick used Ask the Experts™
on
I get constant AVG Threat Detected alerts stating threat name "Trojan Horse Crypt.AQLW" I move them to the vault and remove them each time, but constantly popping up new ones.
How can I remove this threat?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Possibly re-infecting from either System Restore or an infeccted USB stick.
I would try booting to one of the many System Recue Boot CDs avaialbable.  AVG has one, I like Microsofts Stndalone System Sweeper.  However you will need a clean computer to create that CD.
MS is at:
http://www.microsoft.com/security/scanner/en-us/default.aspx
AVG is at:
http://www.avg.com/us-en/avg-rescue-cd
Technical Designer
Commented:
@budmick,

I would recommend to scan the system with the tools mentioned below and in the sequence they are mentioned:
1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKIller

I would also recommend you to go through the articles from Younghv and RPG for the links of the tools and for the future reference

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

IF YOU CAN'T RUN .EXES IN AN INFECTED SYSTEM - TheKiller
http://www.experts-exchange.com/A_1995.html

I hope that would help.

Sudeep

Author

Commented:
Thanks for the help. Finally "killed" this pest!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial