Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Trojan Horse Dropper.agent.joc

  • Please log in to reply
1 reply to this topic

#1 carol0412


  • Members
  • 8 posts
  • Local time:10:21 AM

Posted 24 August 2008 - 04:29 AM

I have windows XP and run AVG 8.0 everyday, Malwarebytes every week and Super Antispy also once a week (all free versions). Yesterday AVG picked up 11 infections and could only delete 2. They are trojan horse Dropper.Agent.Joc. I googled this and found a lot of discussion and everyone who had this message appeared to have used AVG and all got the message over two days only, and some thought that it wasn't a problem.

This is what I got fromAVG

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP616\A0062839.exe
C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\knlwrap.exe
C:\Deckard\System Scanner\backup\DOCUME~1\Carol\LOCALS~1\Temp\1ca5b6a.msi:\Binary.ISScript.Msi:\Binary.knlwrap.exe
C:\Deckard\System Scanner\backup\DOCUME~1\Carol\LOCALS~1\Temp\1ca5b6a.msi:\Binary.ISScript.Msi:
C:\Deckard\System Scanner\backup\DOCUME~1\Carol\LOCALS~1\Temp\1ca5b6a.msi:

So only having enough knowledge to be dangerous I did the following:

Ran Malwarebytes - found 0

Ran Super Antispy - found 0

Downloaded and ran Ad-Aware - found 80 and deleted them

Switched off and

Ran Ad Aware again - found 35 and deleted them

switched off again

Ran Spybot Search and destroy - found loads of cookies

Ran AVG again and found no threats

Do you think I have a problem on this computer still and as I do all my financials on here I am worried to say the least? You were so brilliant last time I had a problem and I hope this time you will tell me that this is nothing to worry about.

Thank you once again for your time and trouble.

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,749 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:21 AM

Posted 24 August 2008 - 06:49 PM

According to this discussion thread, knlwrap.exe appears to be a false detection by AVG.

Edited by quietman7, 24 August 2008 - 06:49 PM.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users