JSRedir-R is responsible for more than 40% of all drive-by malicious downloads / exploits. This script is found on lot’s of legititmate websites after they have been comprimised (of course). JSRedir-R redirects you to a malicious download as soon as you access the infected webpage.
Your best defense against JSRedir-R is:
- Always installing your Windows updates (always reboot right after).
- A good antivirus with script detecting abilities (Avira Free 9).
- Browsing the internet via a sandbox (Sandboxie…32bit only).
Here is some excellent reading on JSRedir-R and how it all get’s started:
http://www.theregister.co.uk/2009/05/15/script_menace/
http://blog.unmaskparasites.com/2009/05/07/gumblar-cn-exploit-12-facts-about-this-injected-script/