leong 0 Posted March 3, 2018 Posted March 3, 2018 Hi,Lately I keep getting repeated warnings from my antivirus (Eset) claiming it identified a threat and removed it. The threat name is JS/adware.Revizer.B and according to the warning it was found in a file on my computer named https://s3.amazonaws.com/jscache/16a168f0afda0c3c2.js. Another message claims a web address was blocked (https://netcheckcdn.xys/log?I=error&m=invalid or un) and another reports blocking another address (hxxp://S3.amazonaws.com/jschache/16a168f0af2da0c3c) .This happens with every chrome browser window I open.In addition clicking links in different windows often causes them to crash.I read on the web that this is a complicated malware infection and have seen many suggestions for removal, some of which I tried (malwarebites, spuware serach & destroy, Crapcleaner, hitmanpro, adwcleaner, tdsskiller, zemana antimalware) but couldn't get any results. Meanwhile eset keeps sending useless warnings, windows keep crashing and the whole computer runs slow and unstable. I would expect a dignified antivirus software like ESET, purchased to protect my computer, to give me a solution but it does not. Help would be greatey appreciated.Thanks in advanceLeon
Administrators Marcos 5,725 Posted March 3, 2018 Administrators Posted March 3, 2018 Are you getting these alerts even if no browser is running? If not, does using a different browser make a difference? Did you try to run a browser without extensions?
leong 0 Posted March 3, 2018 Author Posted March 3, 2018 When no browser is running I don't get alerts. I didn't see alerts with microsoft edge - for the time being only with chrome. How do i run browser without extensions?
itman 1,920 Posted March 3, 2018 Posted March 3, 2018 (edited) You have a malicious Chome extension installed. From what I have read about this malware, best way to uninstall the extension is in safe mode using Chrome's uninstall extension mechanism. Then reset your browser's settings. Appears Eset is indeed detecting the malware upon execution and blocking it from further invading your system. Edited March 3, 2018 by itman
leong 0 Posted March 4, 2018 Author Posted March 4, 2018 I followed your advice and removed all chromes extensions in safe mode. For the time being it seems the ESET warnings stopped. Thanks
VincentGR 0 Posted April 29, 2018 Posted April 29, 2018 Same here, JS/Adware.OpenCleaner.A Although eset detects it there's no action to remove it permanently.
VincentGR 0 Posted May 4, 2018 Posted May 4, 2018 Any news about this? Even after resetting chrome and removing all data, extensions it keeps going and suddenly takes 100% cpu time .
Administrators Marcos 5,725 Posted May 4, 2018 Administrators Posted May 4, 2018 Does running the browser without extensions make a difference? Please drop me a message with fresh logs gathered with ELC.
itman 1,920 Posted May 4, 2018 Posted May 4, 2018 On 4/29/2018 at 6:33 PM, VincentGR said: Although eset detects it there's no action to remove it permanently. Even after resetting chrome and removing all data, extensions it keeps going and suddenly takes 100% cpu time . Is this occurring on just one web site? If so, just avoid going to that web site. It appears Eset is detecting Adware.OpenCleaner.A installation attempt and blocking that from occurring. However if the web site is employing coin mining software running from its web server, there is no way to stop its execution.
VincentGR 0 Posted May 4, 2018 Posted May 4, 2018 Well my first page while chrome is opening is my gmail :-/ It deletes it every time there.
itman 1,920 Posted May 4, 2018 Posted May 4, 2018 2 hours ago, VincentGR said: Well my first page while chrome is opening is my gmail :-/ Temporarily disable Chrome's protocol handler for Gmail so it doesn't auto open Gmail. If no Eset alerts and no CPU pegging activity occur thereafter, that is where the problem is. It's possible you're being redirected to another web site that is trying to install the adware and is performing coin mining activites
VincentGR 0 Posted May 4, 2018 Posted May 4, 2018 (edited) Thanks but did nothing. I left this page only and I signed out from chromes default user and logged as guest. Edited May 4, 2018 by VincentGR
leong 0 Posted May 5, 2018 Author Posted May 5, 2018 In my case removing all chrome extensions resolved the issue completely.
galaxy 11 Posted May 5, 2018 Posted May 5, 2018 Would say that you have too many plugins installed for Chrome
Recommended Posts