
Trojan.win32.agent.azsy

Posted: April 28, 2009

Trojan.win32.agent.azsy is a false positive infection alert generated by rogue anti-virus programs. Since Trojan.win32.agent.azsy isn't a real infection, you can ignore all warnings about files being infected with Trojan.win32.agent.azsy. However, you should take steps to remove any rogue anti-virus program that creates Trojan.win32.agent.azsy warnings, since these rogue security applications will threaten various aspects of your computer, including your security applications and your web browser.

Trojan.win32.agent.azsy is a Fake Trojan Delivered by a Real One

Trojan.win32.agent.azsy is part of fake alerts created by a number of different rogue security applications, such as Personal Antivirus, Internet Antivirus Pro and General Antivirus. Here's an example of one well-known Trojan.win32.agent.azsy alert message:

"Critical System Warning!
Your system is infected with version of Trojan.Win32.Agent.azsy. This malicious program is a Trojan. It is a Windows PE EXE. Once launched, the Trojan copies its body to the current user’s Windows startup directory and attempts to steal passwords from Int [sic]"

This warning usually appears as a desktop pop-up balloon, making it appear as though the Trojan.win32.agent.azsy warning is a part of your system security. If you click this warning, though, you'll find yourself presented with a rogue security program window or redirected to the rogue security program's website.

Regardless of what name the rogue security application uses in its pretense of being a security program, it will try to convince you that the only way to cure your PC of Trojan.win32.agent.azsy problems is to purchase an activation key. Giving the criminals behind this online fraud your credit card information will only expose you to other kinds of theft and fraudulent charges.

Putting a Stop to Trojan.win32.agent.azsy Alerts

Since Trojan.win32.agent.azsy doesn't exist as a real threat to your PC, you shouldn't worry about getting rid of Trojan.win32.agent.azsy. Instead, focus on removing the rogue security programs that falsely accuse your computer of being infected by Trojan.win32.agent.azsy!

General Antivirus, Personal Antivirus and similar threats will make this difficult, since they may use fake alerts to block applications from running and control which websites you can browse by hijacking your web browser. These attacks can be neutralized by switching to an alternative boot mode where the rogue security program responsible for Trojan.win32.agent.azsy warnings will not launch automatically. The most generally applicable way to do this is through Safe Mode, which is available on all Windows computers.

Once securely working in Safe Mode, you can download (if necessary) and run any high-quality anti-malware scanner that you prefer to banish all Trojan.win32.agent.azsy-related malware. Removing Trojan.win32.agent.azsy-related infections shouldn't be done by just deleting the files yourself unless you have no other options, since the manual method of removal is prone to failure for all but experts.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk
    2 %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus
    3 %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
    4 %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
    5 %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
    6 %Program Files%\Personal Antivirus
    7 %Program Files%\Personal Antivirus\activate.ico
    8 %Program Files%\Personal Antivirus\db
    9 %Program Files%\Personal Antivirus\db\DBInfo.ver
    10 %Program Files%\Personal Antivirus\db\ia080614.db
    11 %Program Files%\Personal Antivirus\db\ia080618x.db
    12 %Program Files%\Personal Antivirus\Explorer.ico
    13 %Program Files%\Personal Antivirus\Languages
    14 %Program Files%\Personal Antivirus\Languages\IAEs.lng
    15 %Program Files%\Personal Antivirus\Languages\IAFr.lng
    16 %Program Files%\Personal Antivirus\Languages\IAGer.lng
    17 %Program Files%\Personal Antivirus\Languages\IAIt.lng
    18 %Program Files%\Personal Antivirus\PerAvir.exe
    19 %Program Files%\Personal Antivirus\unins000.dat
    20 %Program Files%\Personal Antivirus\uninstall.ico
    21 %Program Files%\Personal Antivirus\working.log
    22 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
    23 %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
    24 %UserProfile%\Application Data\Personal Antivirus
    25 %UserProfile%\Application Data\Personal Antivirus\db
    26 %UserProfile%\Application Data\Personal Antivirus\db\config.cfg
    27 %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf
    28 %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
    29 %UserProfile%\Application Data\Personal Antivirus\settings.ini
    30 %UserProfile%\Application Data\Personal Antivirus\uill.ini
    31 %UserProfile%\Application Data\Personal Antivirus\unins000.exe
    32 %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
    33 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
    34 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
    35 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
    36 %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
    37 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
    38 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
    39 %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
    40 %WINDOWS%\system32\log.txt
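
As an added example (not code from this site or from any security product), the read-only sweep below resolves the `%Placeholder%` notation used in the list above against supplied root directories and reports which of the listed files exist. The placeholder-to-directory mapping and the function names are assumptions, and only a subset of the listed paths is embedded.

```python
import os
from pathlib import Path

# Subset of the file paths listed on this page, in the page's placeholder notation.
INDICATORS = [
    r"%Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk",
    r"%Program Files%\Personal Antivirus\PerAvir.exe",
    r"%UserProfile%\Application Data\Microsoft\Windows\winlogon.exe",
    r"%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe",
    r"%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe",
]


def live_roots(env=os.environ):
    """Assumed mapping of the page's placeholders to directories on a live system."""
    drive = env.get("SystemDrive", "C:")
    return {
        "Documents and Settings": drive + "\\Documents and Settings",
        "Program Files": env.get("ProgramFiles", drive + "\\Program Files"),
        "UserProfile": env.get("USERPROFILE", ""),
        "WINDOWS": env.get("SystemRoot", drive + "\\Windows"),
    }


def resolve(indicator, roots):
    """Turn '%Name%\\rest' into a concrete path; None if the placeholder is unknown."""
    if not indicator.startswith("%") or indicator.count("%") < 2:
        return None
    name, rest = indicator[1:].split("%", 1)
    root = roots.get(name)
    if not root:
        return None
    return Path(root).joinpath(*[p for p in rest.split("\\") if p])


def sweep(indicators, roots):
    """Return (indicator, resolved path) for every listed file that exists. Read-only."""
    hits = []
    for indicator in indicators:
        path = resolve(indicator, roots)
        if path is not None and path.exists():
            hits.append((indicator, path))
    return hits


if __name__ == "__main__":
    for indicator, path in sweep(INDICATORS, live_roots()):
        print(f"FOUND  {path}   (listed as {indicator})")
```

Because the roots are parameters, the same sweep can be pointed at a disk mounted from another system, where the rogue program is not running.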

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"
    HKEY..\..\..\..{RegistryKeys}
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
    HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Personal Antivirus_is1

5 Comments

  • cooper says:

    How to find my current security settings. I get a box that says I can't download
    with my current security settings.

  • marty wilson says:

    I have this trojan.win32agent.azsy in my computer, what do I need to do to get it out?
    Can you help?

  • alejandra elliott says:

    I CAN NOT DOWNLOAD THE PROGRAM; MY INTERNET EXPLORER HAS BEEN INFECTED. IT DOES NOT GIVE ME ACCESS TO THE INTERNET, SO I COPIED IT TO A CD. BUT STILL IT DOES NOT WANT TO RUN FROM THE CD. SO I COPIED IT TO THE C:/ DRIVE AND IT STILL DOES NOT WANT TO RUN! DO YOU HAVE ANY IDEAS ON WHAT ELSE TO DO?

  • Tom Swart says:

    I downloaded the SpyHunters Scanner and it picked up 23 Trojan type files on my computer. I tried to buy it but the program Personal Antivirus keeps coming up and blocking me from filling out the page to buy it on. Any help would be greatly appreciated. I keep getting the message that I'm infected with Trojan.Win32.Agent.azsy. Thanks

  • Jean-Paul Hagnere says:

    My system is infected by a Trojan virus
