Constant Coinminer.D from Coinhive


Pretty much the only thing that my NOD32 Antivirus blocks these days is a program called JS/Coinminer.d or JS/Coinminer.f.
I am fully aware of what this program is and what it does, and I am very thankful that my fantastic antivirus stops it from abusing my computer. However, the sheer amount of this bug/trojan/virus is worrying. Attached is a list of recent quarantines.
Is there any way I can permanently block this site (coinhive.com) or their unwanted applications without my antivirus having to do it for me?
Thanks in advance,
Purple.

coin hive ESET.JPG

  • Administrators

This coin mining script is loaded by other websites, usually to gain some profit instead of displaying ads to the user. You can add the logged domain to the list of blocked websites in the URL management setup.

  • 2 weeks later...
  • 1 month later...

Is there a way for me to let this script run? Because it is blocking even on sites that are asking people to mine in exchange for some service. Currently I am disabled from using the site.

thanks

  • Administrators
5 hours ago, Gpeter said:

Is there a way for me to let this script run? Because it is blocking even on sites that are asking people to mine in exchange for some service. Currently I am disabled from using the site.

thanks

You can exclude this particular PUA from detection by its name.

  • 2 weeks later...
2 hours ago, Gpeter said:

No answer to this? All tutorials are showing older versions of software.

Post the URL for the web site you want to use. I need to see the alert you are receiving.

  • Administrators

If you are OK with Coinminer running on the machines, did you exclude @NAME=JS/CoinMiner.D and @NAME=JS/CoinMiner.F for whole drives, i.e. with * as the path?

Malwarebytes has an interesting way of handling this situation.

In the scan exclude list you would first add the coin miner domain you wish to exclude, i.e. coinhive.com, and then the IP address of the URL running the script. So if hxxp://www.crapsite.com is IP address 1.1.1.1 and running Coin Hive script-wise using coinhive.com, you would add both coinhive.com and 1.1.1.1 to the exclude list. MBAM interprets this as only allow connection to coinhive.com from hxxp://www.crapsite.com.

This topic is now closed to further replies.