Friday, June 5, 2009

Never Install Personal Antivirus To Your PC!!

My sister was conned by Trojan.win32.agent.azsy, which popped up to tell her that her PC had multiple security issues that needed to be handled by Personal Antivirus. So she installed it on the PC, thinking that this would help clean up the threats. It also encouraged her to purchase and install the licensed version of Personal Antivirus, which is a rogue anti-spyware program. The infected computer is exposed to outside threats because illicit connections are opened that facilitate remote access to the compromised computer and may enable further manipulation from the outside.

After the installation of Personal Antivirus, there was a continuous alert pop-up saying that the PC was infected by 'Trojan.win32.agent.azsy'. So I googled 'Trojan.win32.agent.azsy' and tried to get rid of the threats.

Solution :
1) Download 'Spyware Doctor' from http://www.pctools.com/spyware-doctor/download/
2) Run the downloaded software.
3) When the scan finishes, it shows all the infected files, cookies and registry entries.
4) To clean them up with the software, you need to purchase it online.
5) Opting not to purchase it, I cleaned it up manually.

How to clean??

All the infected files, cookies and registry entries are shown in the scan result of Spyware Doctor. You just need to delete the infected files, cookies and registry entries to clean up the threat.

Delete Trojan.win32.agent.azsy corrupt files:

1) Expand all the infected files, cookies or registry entries shown in Spyware Doctor.

Ex: Let's say the infected file is in
%Documents and Settings%\\Application Data\svchosts.exe (depends on the path shown in Spyware Doctor)

2) Go to the directory and delete the file.

Delete Infected Cookies

Ex: If 'Ad.YieldManager.com.Cookie' is the infected cookie:

Open Internet Explorer 7 (if you are using IE7)

From the Tools menu, or the Tools list in the upper right section, select Internet Options
Under Browsing History, click Settings

Click View Objects or View Files

Check whether the Ad.YieldManager.com.Cookie cookie is present in the list by typing the cookie name in the search field.

Select the Cookie and delete it.

Open Internet Explorer 5.x-6.x (if you are using IE5 or IE6)

From the Tools menu, select Options or Internet Options

In the General tab, click Settings

Select View Files and search for the desired cookie name.

Select the Cookie and delete it.

Remove Trojan.win32.agent.azsy associated registry entries:

Go to Start -> Run

In the Run window, type 'regedit' in the 'Open' field and press the Enter key.

Registry Editor will open

Go to the infected entry

ex: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1

If you wish to find the registry entry by name, you can go to Edit -> Find and type the entry name in the 'Find what' field.

Then delete the infected entry.

Done....
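
The manual steps above as a script, added here as an example and not part of the original post: it exports the example registry key to a backup file before deleting it, stops any process still running from a listed file so the delete can succeed, and then reports anything that is still present. The file path and backup folder are placeholders (assumptions); run it from an elevated PowerShell prompt with the paths your scanner reported.

```powershell
# Added example. The registry key is the example shown in the post; the file
# path and backup folder are placeholders, not values from the post.
$regKey    = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1'
$psKey     = "Registry::$regKey"                         # same key, PowerShell provider path
$files     = @('C:\PLACEHOLDER\Application Data\svchosts.exe')   # placeholder path
$backupDir = Join-Path $env:USERPROFILE 'cleanup-backup'        # assumed backup location

New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# 1. Back up the registry key before deleting it, so a mistaken delete can be undone
#    by re-importing the .reg file. A timestamped name avoids the overwrite prompt.
if (Test-Path -LiteralPath $psKey) {
    $stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
    $backup = Join-Path $backupDir "uninstall-key-$stamp.reg"
    & reg.exe export $regKey $backup | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'Registry export failed; key was not deleted.' }
    Remove-Item -LiteralPath $psKey -Recurse -Force
}

# 2. Delete each reported file. A file that is still running cannot be deleted,
#    so stop any process whose executable is that file first.
foreach ($f in $files) {
    if (-not (Test-Path -LiteralPath $f)) { continue }
    Get-Process | Where-Object { $_.Path -eq $f } | Stop-Process -Force
    Remove-Item -LiteralPath $f -Force -ErrorAction Continue
}

# 3. Verify: list anything from the scan result that still exists.
$remaining = @($files | Where-Object { Test-Path -LiteralPath $_ })
if (Test-Path -LiteralPath $psKey) { $remaining += $regKey }

if ($remaining.Count -eq 0) {
    'All listed items were removed.'
} else {
    'Still present:'
    $remaining
}
```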
