JS/Downloader.Agent

JS/Downloader.Agent is a detection for JavaScript files that may have malicious intent to download and execute additional malware onto the computer. When it enters the computer, JS/Downloader.Agent will inject itself on Internet Explorer that may lead to web browser redirection. This Trojan also reduces overall system performance of the PC when running its own processes. Other activity includes excessive pop-up advertisement and constant communication to remote IP address. JS/Downloader.Agent is similarly utilized to spread rogue security software. In these cases, the Trojan will disguise as legitimate software update.

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Windows Vista

Characteristics
When executed, JS/Downloader.Agent will inject harmful code on certain running processes. This gives the Trojan to run on itself when the infected process starts. It works its way to communicate to a distant host to download additional threats. JS/Downloader.Agent will also attempt to update configuration files and performs malicious activities on the infected computer.

  • Steal sensitive information like computer name and password
  • Gather FTP credentials including address, user name, and password
  • Access web files through FTP accounts of the infected computer user
  • Inject malicious code into header of .PHP, .HTML, .HTM and other web file formats that may result the whole web site to be compromised.

When user visits infected web sites, the injected script will trigger certain harmful actions including the following.

  • Drop malware on visitor’s computer
  • Download and install rogue security software
  • Redirect search result to predefined web sites
  • Display pop-up alerts and advertisements
  • Disable security applications including anti-virus and firewall

Distribution
This Trojan will spread through the Internet in a variety of ways. Because the Trojan has so many variants, each type has its own usual way of distribution process. Infected web sites are the main channel to propagate JS/Downloader.Agent. Others are sent as an attached file to spam email messages or link contained within a message of instant messenger programs.

How to Remove JS/Downloader.Agent

You will find below a simple removal guide to delete JS/Downloader.Agent virus from an infected computer. Please follow the steps carefully.

Clearing Java Cache

It is identified that JS/Downloader.Agent is associated to malicious Java Script file, so it is important that you clear the Java Plug-in cache.

1. Click on Start > Control Panel.
2. Click on Programs.
3. Click on Java icon. The Java Control Panel will appear.

Java Control Panel Icon

4. On General tab, please click on Settings under Temporary Internet Files area.

Java Settings

5. You will now see Temporary Files Settings.
6. Click on Delete Files.
7. It will prompt for types of files you want to delete. Check both Applications and Applets and Trace and Log Files. Then, click on OK.

Delete Java Files

8. You may now exit the Java Control Panel.

Note: This procedure will delete all Java downloaded applications and Applets from your cache. To delete specific types of applications and applets, instead of Settings (Step 4), choose View. It will open a Java Cache Viewer window where you can delete individual entries.

View Java Applications

JS/Downloader.Agent Removal Tool

1. Download Malwarebytes’ Anti-Malware. Save the file on your Desktop or any desired location as long as it is accessible to you.

2. When download completes, double-click on the file to install the program.

3. Follow the prompts and install the program using the “default” settings.

4. Update the program when installation completes.

5. Click on Finish. The program will run automatically. Once it prompts for update, please proceed before running a virus scan. This update is necessary in having the latest database to detect and remove JS/Downloader.Agent.

6. Scan your computer totally. Make sure that it inspects all files, folders and registry entries for possible infection.

7. When the scan is finished, click on Show Results.

8. Make sure that all detected threats are marked with check. Please click on Remove Selected.

9. After removing all items associated with JS/Downloader.Agent, it will prompt you to restart the computer. Click Yes. This will reboot the system in order to complete the cleaning process.

10. When computer starts, open the tool once more. Go to the tab with label Quarantine. Click on Delete All to remove all malicious items in your PC.

Note: Virus action may prevent you from downloading the recommended tool. If this happens, please download the program from a different computer. Rename it before running on infected system.

Alternative Removal Method for JS/Downloader.Agent

Option 1 : Use Windows System Restore to return Windows to previous state

If JS/Downloader.Agent enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before JS/Downloader.Agent infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.