Trojan.WIN.32.Agent.azsy VIRUS- need help to remove asap!
Hello,
I am new at this forum... thank you for your patience.
I have the above virus... any idea how to get rid of it?
Thanks again,
Al,
acadianstar@hotmail.com
Removal instructions
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
1. Use Task Manager to terminate the Trojan process.
2. Delete the following system registry key:
   [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   "<rnd1>" = "<rnd2>"
3. Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
4. Delete the following files:
   %Documents and Settings%\<user_name>\Application Data\svchosts.exe
   %Documents and Settings%\<user_name>\Application Data\taskmon.exe
   %Documents and Settings%\<user_name>\Application Data\rundll.exe
   %Documents and Settings%\<user_name>\Application Data\service.exe
   %Documents and Settings%\<user_name>\Application Data\sound.exe
   %Documents and Settings%\<user_name>\Application Data\upnpsvc.exe
   %Documents and Settings%\<user_name>\Application Data\lsas.exe
   %Documents and Settings%\<user_name>\Application Data\logon.exe
   %Documents and Settings%\<user_name>\Application Data\helper.exe
   %Documents and Settings%\<user_name>\Application Data\event.exe
   %Documents and Settings%\<user_name>\Application Data\dumpreport.exe
   %Documents and Settings%\<user_name>\Application Data\msiexeca.exe
5. Delete all files from %Temporary Internet Files%.
6. Update your antivirus databases and perform a full scan of the computer.
Technical details
This malicious program is a Trojan. It is a Windows PE EXE file. It is 417792 bytes in size. It is packed using UPX. The unpacked file is approximately 439KB in size. It is written in C++.
Installation
Once launched, the Trojan copies its body to the current user’s Windows startup directory:
%Documents and Settings%\<user_name>\Main Menu\Programs\Startup\uninstall.exe
Payload
Once the victim machine has been rebooted, the Trojan extracts a file from itself. The file will have one of the names shown below:
%Documents and Settings%\<user_name>\Application Data\svchosts.exe
%Documents and Settings%\<user_name>\Application Data\taskmon.exe
%Documents and Settings%\<user_name>\Application Data\rundll.exe
%Documents and Settings%\<user_name>\Application Data\service.exe
%Documents and Settings%\<user_name>\Application Data\sound.exe
%Documents and Settings%\<user_name>\Application Data\upnpsvc.exe
%Documents and Settings%\<user_name>\Application Data\lsas.exe
%Documents and Settings%\<user_name>\Application Data\logon.exe
%Documents and Settings%\<user_name>\Application Data\helper.exe
%Documents and Settings%\<user_name>\Application Data\event.exe
%Documents and Settings%\<user_name>\Application Data\dumpreport.exe
%Documents and Settings%\<user_name>\Application Data\msiexeca.exe
This file is 404992 bytes in size. It will be detected by Anti-Virus as Trojan-Downloader.Win32.Agent.aoth.
In order to ensure that the Trojan is launched automatically each time the system is rebooted, the Trojan places a link to the file it extracted from its body in the system registry:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
"<rnd1>" = "<rnd2>"
<rnd1> is a name chosen from the list below:
CrashDump
EventLog
Init
lsass
Regscan
RunDll
Setup
Sound
svchosts
System
TaskMon
UPNP
Windows
<rnd2> is the path to the file extracted from the Trojan shown in the list above.
Once the Trojan has delivered its payload, it will delete both its body and its copy "%Documents and Settings%\<user_name>\Main Menu\Programs\Startup\uninstall.exe".
This Trojan will not run on Russian versions of Windows.
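A report-only triage check for the persistence described above (the HKCU Run value, the dropped executable under Application Data, and the Startup-folder copy). This is an added example, not part of the original description or any vendor tool; it assumes PowerShell 4 or later (for Get-FileHash) and that $env:APPDATA is the current user's Application Data folder.

```powershell
# Added example: report what the description's indicators look like on this host.
# Assumes PowerShell 4+; $env:APPDATA is the Application Data folder and
# [Environment]::GetFolderPath('Startup') is the user's Startup folder.
$runNames  = @('CrashDump','EventLog','Init','lsass','Regscan','RunDll','Setup',
               'Sound','svchosts','System','TaskMon','UPNP','Windows')
$fileNames = @('svchosts.exe','taskmon.exe','rundll.exe','service.exe','sound.exe',
               'upnpsvc.exe','lsas.exe','logon.exe','helper.exe','event.exe',
               'dumpreport.exe','msiexeca.exe')
$runKey  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$appData = $env:APPDATA
$startup = [Environment]::GetFolderPath('Startup')

function Get-Finding([string]$Source, [string]$Name, [string]$Path) {
    $exists = Test-Path -LiteralPath $Path -PathType Leaf
    $hash = if ($exists) { (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash } else { '' }
    [pscustomobject]@{ Source = $Source; Name = $Name; Path = $Path; Exists = $exists; SHA256 = $hash }
}

$findings = @()

# 1. Run values named from the list, or pointing at a listed file under Application Data
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run) {
    foreach ($prop in $run.PSObject.Properties) {
        if ($prop.Name -like 'PS*') { continue }              # provider metadata, not Run values
        $cmd = [string]$prop.Value
        $exe = $cmd -replace '^\s*"?([^"]*?\.exe)"?.*$', '$1'  # strip quotes and arguments
        $leaf = if ($exe) { Split-Path -Leaf $exe } else { '' }
        $nameHit = $runNames -contains $prop.Name
        $fileHit = ($fileNames -contains $leaf) -and ($exe -like "$appData\*")
        if ($nameHit -or $fileHit) { $findings += Get-Finding 'HKCU Run' $prop.Name $exe }
    }
}

# 2. The dropped executables themselves, even if no Run value still points at them
foreach ($f in $fileNames) {
    $p = Join-Path $appData $f
    if (Test-Path -LiteralPath $p) { $findings += Get-Finding 'Application Data' $f $p }
}

# 3. The installer copy in the Startup folder (the Trojan removes it after the payload runs)
$uninst = Join-Path $startup 'uninstall.exe'
if (Test-Path -LiteralPath $uninst) { $findings += Get-Finding 'Startup folder' 'uninstall.exe' $uninst }

if ($findings.Count -eq 0) { 'No indicators from the description found.' }
else { $findings | Format-Table -AutoSize }
```

Value names such as "System" or "Windows" are also used by legitimate software, so the script reports the target path and hash for verification instead of deleting anything.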
Enable Task Manager and Regedit
https://www-secure.symantec.com/connect/blogs/live...
Rep
Hi,
The best way to remove the Trojan is to run the updated SDAT patch from cmd.
1) Make one scan folder in the C drive, paste sdat5620.exe into it and extract it in your C drive itself.
2) Start your PC in safe mode with command prompt.
3) Go to the C drive and type the following commands:
C:\>cd scan
C:\scan>scan /adl /all /clean /repair /delete /analyze /program /report scan.txt and press the Enter key.
The above command will start scanning your hard drive and it will clean and delete the virus.
The path to download the SDAT patch is given below.
http://www.mcafee.com/apps/downloads/security_upda...
Thanks and Regards,
Nitin Salvi
I would suggest you run the loadpoint utility and analyse the log, and on the basis of that analysis upload the suspicious file to submit.symantec.com/gold.
Regards,
Ajit Jha
Tech Support Engineer
STS