Trojan Horse PSW.Agent.Q

  John B 14:31 31 Dec 2004

AVG found 2 copies of the above on my m/c yesterday, and moved them to the vault. After a reboot this morning it found them again (and put them in the vault).

Zone Alarm (I am a new user) has warned me today that "mcsmss.exe is trying to access the internet" A search on google seems to suggest that mcsmss.exe is (or can be) associated with various Trojan horses.

3 of the problems are given the path name C\WINDOWS\SYSTEM32\mdcms.exe, the other was found in Documents and settings....Temporary Internet Files\Content.IE5\EZJOT4XX\mdcms(1).exe

So my I please ask:

1) Has AVG solved the problem?
2) Is mcsmss.exe linked to the PSW.Agent.Q?
3) Should I allow mcsmss.exe access to the net?
4) Why did AVG find PSW.Agent.Q again the next day?

n.b I have scanned the m/c again this morning (after a reboot) and there were no problems.

Thanks in anticipation


  bremner 14:59 31 Dec 2004

You need to turn off system restore - run AVG again and then turn restore back on.

You will loose old restore points but that is the price to pay.

  John B 15:49 31 Dec 2004

Have done as you suggested. Any thoughts about letting mcsmss.exe access to the net?

  John B 16:01 31 Dec 2004

I've looked on my other XP computer and mcsmss.exe isn't there either. Is this something that I should try to delete; or should I permanently deny its access to the net in ZA?

  John B 17:43 31 Dec 2004

I'll try deleting it from ZA and see what happens!

  John B 19:14 31 Dec 2004

I've deleted it from ZA, but it's back! It seems to be trying to contact a m/c on my wireless network. I presume it should still have access denied?

  John B 23:06 03 Jan 2005

I hope this is now sorted. Please see click here

Thanks to all involved.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Google Pixel 3 review

Automatically create thousands of unique variations from one original design with this Illustrator…

iPhone XR release date, price & specs

Test : le Razer Phone 2