Trojan horse Agent_r.QS

Microsoft Windows xp professional w/sp2
March 6, 2010 at 22:40:08
Specs: Windows XP
have been using norton antivirus 2009 with updates .. and pc was very slow...kept getting pop ups of intrusion alerts.. and trojans.. removed all trojans.. then used free previx 3.0 which showed more.. purchased previx to remove higher ones and well enough all gone.. however free avg scan keeps showing this one
C:\WINDOWS\system32\svchost.exe (608):\memory_001a0000 Trojan horse Agent_r.QS
C:\WINDOWS\system32\svchost.exe (608) Trojan horse Agent_r.QS
C:\WINDOWS\explorer.exe (784):\memory_001a0000 Trojan horse Agent_r.QS
C:\WINDOWS\explorer.exe (784) Trojan horse Agent_r.QS

malware bytes scans all ok and norton full scan all ok .. when i click on avg scan with right click on file directly it says its ok .but full scan with avg finds the above and sez it healed it ..but when i did a scan again right awy it still showed? ..i still get intrusion attempts from norton which have a destination path to windows/system32/svhost.exe. wondering if something still lurking there calling out to the intruder? i searched and found the ip is in asia..

See More: Trojan horse Agent_r.QS

Report •

March 7, 2010 at 08:34:58
Sound like you are still infected, run these scans and post their logs please.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt will open.
Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt

Save both reports to your desktop then post them please.

Please download Malwarebytes' Anti-Malware from one of these sites:



Rename the setup file, mbam-setup.exe, before you download it. To do that once the "enter name of file to save to" box appears as the download begins in the filename box rename mbam-setup.exe to tool.exe> click save.

1. Double Click tool.exe to install the application.
2. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, it will download and install the latest version.
4. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient.
5. When the scan is complete, click OK, then Show Results to view the results.
6. Make sure that everything found is checked, and click Remove Selected.
7. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
8. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
9. Copy&Paste the entire report in your next reply.

Report •
Related Solutions

Ask Question