Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Js/downloader.agent In My System

  • Please log in to reply
1 reply to this topic

#1 coongoola


  • Members
  • 4 posts
  • Local time:12:52 PM

Posted 02 February 2008 - 10:19 PM

Sorry guys, original posted in the wrong forum !

Hi from sunny Australia. ( again ! )

Last week my system started getting the above mentioned virus/script when connecting with MS Int Explorer.

AVG Free keeps on detecting it and sends it to the vault. I've tried emptying the vault and deleting Temp Internet files & cookies etc but to no avail. I've scanned with AVG in safe mode... no good.

Tried a program called Trojan Remover and it found a file as follows...

Trojan Remover forced a System Restart by terminating WINLOGON.EXE.
The Cleanup Utility was used to remove locked registry keys.
Unable to rename kdrpg.exe to kdrpg.exe.vir
(kdrpg.exe does not appear to exist)

I ran Hijack this and have attached the log here.

I'd appreciate any assistance

Regards from down under

Attached File  hijackthis.log   5.88KB   9 downloads
Pat Robinson
Mid North Coast
NSW Australia

BC AdBot (Login to Remove)


#2 Falu


  • Security Colleague
  • 3,001 posts
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:52 PM

Posted 13 February 2008 - 05:11 AM

Hi coongoola, :thumbsup:

If you still need help please post a new HijackThis log as a reply (not an attachment) to this topic. Before posting the log, please make sure you follow all the steps found in this topic: Preparation Guide for use before posting a HijackThis Log , and I'll be happy to look at it for you.

Thanks for your patience. :blink:

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users