Comments on: Update: Removing JS/Downloader.Agent virus http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/ Computer, Internet, Web, Mobile ... Thu, 06 Oct 2011 05:13:29 +0000 hourly 1 http://wordpress.org/?v=3.1 By: Chris http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-86 Chris Mon, 15 Dec 2008 14:56:49 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-86 JS/Download is a JA script that is being downloaded to your computer from infected wepages,If you edit our own a webserver or host a website on your own then more then likley the website has be compermized. What I mean is you will find the the code below has been entered into evey HTML document on yor system remote or local and has to be removed. [code]Code Removed[/code] To remove the infection use the following tool in safe mode once you have run the tool you will have to clean all html files of the script code about. http://www.precisesecurity.com/tools-resources/adware-tools/smitfraudfix/ Hope this helps Chris JS/Download is a JA script that is being downloaded to your computer from infected wepages,If you edit our own a webserver or host a website on your own then more then likley the website has be compermized.
What I mean is you will find the the code below has been entered into evey HTML document on yor system remote or local and has to be removed.
[code]Code Removed[/code]

To remove the infection use the following tool in safe mode once you have run the tool you will have to clean all html files of the script code about.
http://www.precisesecurity.com/tools-resources/adware-tools/smitfraudfix/
Hope this helps
Chris

]]> By: Dhiru http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-64 Dhiru Wed, 06 Aug 2008 02:11:04 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-64 Well, i had the same problem with my Network, but luckily my ISP provides a good antivirus as a compulsion. I had 3 infected PC's in my Network. Whenever these PC's were ON, i used to have this problem. My Solution that worked for me: 1. Whenever you get this problem, Ping to your Gateway and check Latency 2. Scan for all the PC's in the network using some third party software to determine their MAC address. Once done, note down the infected IP's MAC Address and also note down the MAC Address of your . 2. Change your IP address 3. Disable your LAN Adapter 4. Reenable your LAN Adapter 5. In the Command Prompt, type "arp -s EX: ARP -S 10.21.207.1 00-11-11-b9-57-66 6.Similarly use "ARP -S 7. Once done, type "ARP -A" to see the changes. 8. Change back your IP address and look for the Gateway Ping Latency. You can observer Relatively lower latency because all your data packets are directly reaching the Gateway instead of the Infected Computer. 9. In this way, i do it everytime i start my PC. I know the list of Infected PC's so i just assign a Static ARP Entry so that they can spoof my ARP. Hope this Helps! Well, i had the same problem with my Network, but luckily my ISP provides a good antivirus as a compulsion. I had 3 infected PC’s in my Network. Whenever these PC’s were ON, i used to have this problem.

My Solution that worked for me:
1. Whenever you get this problem, Ping to your Gateway and check Latency
2. Scan for all the PC’s in the network using some third party software to determine their MAC address. Once done, note down the infected IP’s MAC Address and also note down the MAC Address of your .
2. Change your IP address
3. Disable your LAN Adapter
4. Reenable your LAN Adapter
5. In the Command Prompt, type “arp -s
EX: ARP -S 10.21.207.1 00-11-11-b9-57-66
6.Similarly use “ARP -S
7. Once done, type “ARP -A” to see the changes.
8. Change back your IP address and look for the Gateway Ping Latency. You can observer Relatively lower latency because all your data packets are directly reaching the Gateway instead of the Infected Computer.
9. In this way, i do it everytime i start my PC. I know the list of Infected PC’s so i just assign a Static ARP Entry so that they can spoof my ARP.

Hope this Helps!

]]> By: hk.www404.cn:53/ads.js | Web Trac http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-24 hk.www404.cn:53/ads.js | Web Trac Sat, 10 May 2008 20:12:06 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-24 [...] JS/Downloader.Agent virus is keep changing it’s [...] [...] JS/Downloader.Agent virus is keep changing it’s [...]

]]> By: Nwteat http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-22 Nwteat Sat, 15 Mar 2008 09:04:10 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-22 my college lan is suffering from same problem we have isolated the comps which have the problem but how to clean them?? my college lan is suffering from same problem we have isolated the comps which have the problem but how to clean them??

]]> By: Eddy http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-21 Eddy Thu, 21 Feb 2008 22:09:33 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-21 Hi! Thank you! Your explanation was the best on the net about this virus! So, now I can stop scanning without seeing results, because clearly the trouble is not in my machine. All the best. Hi!
Thank you! Your explanation was the best on the net about this virus! So, now I can stop scanning without seeing results, because clearly the trouble is not in my machine.
All the best.

]]> By: Anil Chandra K http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-20 Anil Chandra K Thu, 21 Feb 2008 14:01:49 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-20 This problem is caused by infected PC in your network spoofing in ARP. This problem is explained at http://www.netoptima.in/arprotect/ There is a freeware tool available. You can download the tool from the above link to analyze the network and pinpoint where the problem is originated. Anil Chandra K This problem is caused by infected PC in your network spoofing in ARP.

This problem is explained at http://www.netoptima.in/arprotect/

There is a freeware tool available. You can download the tool from the above link to analyze the network and pinpoint where the problem is originated.

Anil Chandra K

]]> By: admin http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-18 admin Fri, 08 Feb 2008 15:17:21 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-18 Yes, I had the same problem, seems my cable operator is working on it. Problem is not solved 100% yet, still getting the warning occasionally. Seems there are still few infected PCs in our network. Yes, I had the same problem, seems my cable operator is working on it. Problem is not solved 100% yet, still getting the warning occasionally. Seems there are still few infected PCs in our network.

]]> By: Arun http://www.web-trac.com/update-removing-jsdownloaderagent-virus-02-02/#comment-16 Arun Fri, 08 Feb 2008 05:59:57 +0000 http://www.web-trac.com/index.php/update-removing-jsdownloaderagent-virus-02-02/#comment-16 Even I am having the sam problem ... what I have found is that when I am using ie avg keeps giving popups saying threat detected ...if you see the location [C:\Documents and Settings\Arun Sharma\Local Settings\Temporary Internet Files\content.ie5\D8ZK64XL\ads[1].js ] somehow this is only affecting i.e mozilla seems to be resilient .. what do you think ... Even I am having the sam problem … what I have found is that when I am using ie avg keeps giving popups saying threat detected …if you see the location [C:\Documents and Settings\Arun Sharma\Local Settings\Temporary Internet Files\content.ie5\D8ZK64XL\ads[1].js ]
somehow this is only affecting i.e mozilla seems to be resilient .. what do you think …

]]>