Win32:Agent-VM[Trj] how to get rid of it?

[Gofra]

Hi folks, my first time here...

Just recently my friend asked me to help him with his PC which was behaving weird. As suspected, I found viruses, Trojans and malware. I used Avast, Ad-Aware, SpyBot SD and got rid of most. However, Win32:Agent-VM seems impossible to get rid off. Avast AV always finds it in the same place:

c:\windows:\temp
Name of the file is data.exe

I turned off system restore, ran a safe mode scan, boot scan, updated definitions, tried with other software but no go, its still here. Can you guys help me please?

I'm using a 4.7 home edition version with 0630-2 VPS file


Thank you very much!

[Lisandro]

Did you try scheduling the Boot Time Scan?

Click on the Menu button.
Choose Schedule Boot Time Scan.
Doing so displays a dialog allowing you to schedule virus scanning.
Check Archives, if you want scan all the archives.
Specify whether all the disks or just a specific folder should be scanned.
Select Advanced options for scheduling details.
Select how to automatically process infected files.
Choose how to automatically process infected system files.
Click the Schedule button to confirm the settings.

[Spiritsongs]

   Hi Gofra:

      Your friend should add an antiTROJAN program ; if the
      Operating System is Win 2000 or Win XP, use the good
      & FREE "Ewido" from www.ewido.net/en . Any other OS
      should add A-Squared FREE at :
      www.emsisoft.com/en/software/free/ .

[Gofra]

I turned off system restore, ran a safe mode scan, boot scan...

I did schedule a boot time scan - no changes tho.

Thanx for that software link, I'll try it later on!

Thank you both for helping!

[polonus]

Hi Gofra,

Consider also these technical information on this trojan:
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=40053

polonus

[Gofra]

I think I did it - no signs of infections so far. Solution = EWIDO

Thanks again, I really appreaciate it - thanks for your help aswell Polonus!