"JS/Adware.Agent.AA application" pops up when I want to enter kissanime

[FarhanTousif 0]

Dear Eset,

 

When I visit Kissanime.ru to watch anime a threat named " JS/Adware.Agent.AA application" pops up and prevents me to go to that website. This is the first time it happened to me on kissanime.

Can you do something so that I can visit that website again. 

Threat found This web page contains potentially dangerous content. Threat: JS/Adware.Agent.AA application Access to it has been blocked. Your computer is safe.

Open ESET Knowledgebase  |  www.eset.com

 

 

[Marcos 5,070]

If the alert is triggered when visiting a particular website, avoid visiting it. If it's blocked immediately when a browser is launched, disable all extensions and enable them one by one until you find the one which is triggering the alert and remove it.

[FarhanTousif 0]

When I bypass the blockage by disabling it, I sure get into the website but my chrome shutdowns whenever I enter that website. I tried several time but the same result!

[Marcos 5,070]

This is from one of the compromised websites, looks like a heavily obfuscated JS. Below is an already beautified excerpt from it :

Do not disable protection to circumvent the detection / protection or you may get infected. Not sure what the script exactly does but it doesn't look nice and I'd never want such script to be run unless provided by a highly trusted entity.

[DIAS36 1]

I have the same problem here

[seanr94 1]

I am having the same problem, though I've been using this site for a long time.

[Diddy Cool 1]

I think it's false alarm, ESET made a blunder... smart alec.

Why? Because it's say JS/Adware.Agent.AC application on my own website. So, I disabled all the ads banners.

I scanned the websites with couple scanners ... Nothing.

I scanned the F out of my computer, AdwCleaner found a few things,  nothing to do with JS/Adware.Agent.AC. Some "puppies" due to a downloader. Cleaned. And then reset my browser, after all the hassles, ESET still says JS/Adware.Agent.AC on the website. I wonder if the ads are not served, how can there be any JS/Adware.Agent.AC application?

Also, that means online scanner like Sucuri is a moron? Google is a moron? Because no one else say there's  problem except ESET.

Plus, JS/Adware.Agent.AC is not a "virus", just some ad links spammer, that has nothing to do with your computer.

Never mind, it also diallowed me to access my own website backend to remove the ads banner, even after I disabled the smart ESET. Then it keep crashing my browser. And then my computer. So, I took pain to uninstall ESET.

Problem Solved.

Now my computer runs smoothful. You tell me who's the problem.

Edited August 31, 2018 by Diddy Cool

[catmuf 1]

I'm as well. I disabled the web protection to see what would it happen, and then, my laptop started freeze. I could move my mouse and press the start menu, but when pressing any application the laptop started to paralyzed. I executed Eset's scanner, the result I obtained is clean with no infections inside my laptop. After that, I ran a secondary scanner and none.

[Vít Pokorný 0]

I have the same problem after last Eset update from 30.08.2018, for example on web www.clipconverter.cc, which I has been using since nowday.

Možná souvisí s https?

Edited August 31, 2018 by Marcos
Hyperlinks removed

[Diddy Cool 1]

UPDATE

Confirmed ESET is hallucinating.

I told you ESET wouldn't even let me use the browser after I disable their Internet s---. And everything run smoothly adter I completely uninstalled ESET.

Guess what. It happens again. I just reintalled. Same thing. It's telling a site with no ads whatsoever, no one else says there is anything wrong ... is infected with JS/Adware.Agent.AC.

So bad they crash your browser, your computer.

Is an ads links spammer really so dangerous (that no one know if it even exists) that you have to crash the browser/computer? 

C'mon ESET, be classy, admit this is your blunder. 

 

 

Edited August 31, 2018 by Diddy Cool

[Marcos 5,070]

We have double checked the detection and what has been reported to be detected. We confirm the detection is correct, only a small correction to it will be made. It detects scripts that often server malicious ads delivering PUAs and malware. There's also connection with child pornography and the JS/Chromex.Submelius malware.

[chrrykrio85 1]

I have the same problem,
ESET detected JS/Adware.Agent.AA application,
My Windows 10 crashed when I turned off WEB access protection.

When I rebooted, Chrome told me "ESET Security may cause Chrome to not work properly".

ESET has made a very serious mistake.

PS. This is from GOOGLE translation,My English isn't very good, please don't mind.

[Marcos 5,070]

5 minutes ago, chrrykrio85 said:

ESET has made a very serious mistake.

Protecting you from malicious websites and scripts is not a serious mistake but something that a security product is supposed to do and expected to do. The fact that you opened the website with Web protection disabled which subsequently caused the browser to crash is not ESET's fault. We cannot prevent users from deliberately pausing protection and subsequently opening websites containing malicious or otherwise dangerous stuff.

[chrrykrio85 1]

37 minutes ago, Marcos said:

Protecting you from malicious websites and scripts is not a serious mistake but something that a security product is supposed to do and expected to do. The fact that you opened the website with Web protection disabled which subsequently caused the browser to crash is not ESET's fault. We cannot prevent users from deliberately pausing protection and subsequently opening websites containing malicious or otherwise dangerous stuff.

I tried to tell you that the crash came from ESET, you don't believe it, you don't even want to try to find out if there are mistakes.

I tried to let ESET ignore JS / Adware.Agent.AA, unsuccessful.

If I turn off WEB protection, go to the same website again, ESET will force Chrome to close, then Win10 will collapse.

Windows 10 crashed again many times, 
I removed ESET now, and Windows 10 works very well.

PS. This is from GOOGLE translation,My English isn't very good, please don't mind.

[notimportant 5]

When " Chrome told you "ESET Security may cause Chrome to not work properly" " it doesnt mean crash was caused by ESET itself. This behavior has been answered here already: www.bleepingcomputer.com/news/google/google-chrome-showing-alerts-about-incompatible-applications/   and also here:  forum.eset.com/topic/16362-update-or-remove-incompatible-applications-in-latest-google-chrome-for-eis/

Edited August 31, 2018 by notimportant

[Diddy Cool 1]

4 hours ago, Marcos said:

We have double checked the detection and what has been reported to be detected. We confirm the detection is correct, only a small correction to it will be made. It detects scripts that often server malicious ads delivering PUAs and malware. There's also connection with child pornography and the JS/Chromex.Submelius malware.

Child porn? 

Hello. This is not your job. It's FBI. Tell you which site got child porn,  I call FBI for you.

Next, if people choose disable your flawed protection,  why does your software still want protect? Not only that, you crashed the browser , and screwed the whole computer. You said this not eset fault? Then tell me why after uninstall eset, everything run smoothly?

Also, why after I have disabled all the ads code, eset still say the same thing? Not immediately.  But half a day later still the same.

Please respect users freedom, we want to visit sites you don't like, it's our choice. After all, I have checked, the js.aware is not a real virus. It just spam links.  I can just click them away. 

If Google don't care.  Why should you.

Please, just protect our computer. The Internet is not really your business.  We appreciate you want to help people online. But you don't have right skills yet. You're blocking everyone to visit sites that use non adsense ads.... let me assure you. The ads are annoying, but they are harmless. .. so far for me. 

Be classy.  Take your hands off my favorite sites.  They are sexy, but no child porn. Pls don't . 

People, I think they just ban ads company like Exoclick. Which is actually a big company. Tgey do serve ads, but child porn. 

So, eset, pls tell me which ads source you detected malicious? Show me. I will get exoclick to shut it down.

Do it now or you see many people dumping eset for alternative.

Thank you

Edited August 31, 2018 by Diddy Cool

[Diddy Cool 1]

Another thinh to show eset is sleeping. 

I used AdwCleaner to scan my computer, they detected 3 ir 4  malware called pup-something... sounds like aware.  You know what? Eset never able to detect.  Yet a free software like AdwCleaner can detect.  

see, eset can't even handle the computer properly, they want police the Internet? 

please give us a break. Concentrate on the computer. .... if we get infected from the Web,  you help to get rid of the shits. So, what the problem ?

Pls don't block us to that extend. Also, porn is not your business,  that's why you have parental control. They are many out there marking sites as adult. ... thats not your job..

 

Edited August 31, 2018 by Diddy Cool

[Marcos 5,070]

AdwCleaner detects also benign stuff / leftovers that are not normally subject to detection. Without getting and analyzing what it detected it's impossible to tell if that stuff was supposed to be detected or whether it was a false positive by AdwCleaner. Moreover, AdwCleaner is not an antivirus and works differently than AVs.

Let's stay on topic, don't turn this topic into a A vs B discussion and keep polite tone.

[Diddy Cool 1]

Good.

I say you block the sites not because you detected a virus. You just blacklist the site.

Perhaps you detected something before, that does not mean the something is still there.  This is proven by the fact that I personally removed the ads,  meaning there is nothing. My site is protected by one of the world best defender. It's technically clean. This is further confirmed by all online scanner including google.

You shouldn't punish a site forever just because one of the ads has something fishy. Those ads are served by external sources.  The ads company will them  if they know about it. So,  perhaps you should provide information who is the culprit for the ads company to take action.

That's what Google does.  They will tell the site owner,  get it fixed and the warning will go away. If it's a small time virus, they let you visit. Only serious Trojan stuffs will they block you. Adware? They don't even care.

I am sure you can fix it. 

In case you are not aware, you are block some if most popular sites on the Internet. 

I await your solution. Trust you will fix it soon. Thanks.

 

 

[itman 1,659]

19 hours ago, FarhanTousif said:

Kissanime.ru

This thread "tweaked" my interest.

Went to above url in IE11 and didn't get any Eset alerts whatsoever. However, I did notice on the right hand side of the home page it stated "preroll ads temporarily disabled." So perhaps the issue here is not so much the web site as it is the ads that appear on it? If the ads don't appear until later such as at log on time, etc. this would be a way to "fool" the web site scanners such as Sucuri.  

[Marcos 5,070]

As itman said, the website is not blacklisted. It was a javascript that was detected and that might have been removed in the mean time by an admin of the website so it's no longer detected by ESET.

[Diddy Cool 1]

Yes and no.

From what I know, ads spamming adware won't stay on the same site forever. They typically small time scammer eg. Telling you your computer has been infected by trojan., and then ask for ransom. But they do no harm to the website. 

Sites are blacklisted usually is when they haven harmful stuffs that infect visitors device eg. Download or click that can pump an extension in your browser. If this is case, there many police out there monitoring. The site will be blacklisted by everyone from sucuri, virus total, etc. And google will warn you... like I say, Google is experienced enough not to block every problematic site outright. Usually only the infectious type. 

As for site with small time spamming adware, they may just warn the visitor, if the adware persists. But they will you visit anyway.

In other serious cases ' total blockage type. They will ask the site owner to fix the site and get a blockage lift off.

So I am not sure if it's good idea for eset to do what Google is already doing. ... in this case , eset blacklist the site altogether without any solution for the siteowner. ... I hope not forever. That will a disaster.

 

 

 

[Marcos 5,070]

Again, the website was not blacklisted but it was a dodgy javascript that was detected there. Removing the script allowed users to visit the website without the html code being detected and blocked.

[Diddy Cool 1]

Hi Macros, 

I reinstalled Eset and again disabled all the ads for you to test. 

Here is a sample suite: hxxp://scandalshack.com/

Result: Same thing "JS/Adware.Agent.AA application" !

Now, do you mind to scan the sample site and tell me what malicious code is running?

Everyone says the site is safe and clean, except not child friendly.

https://www.virustotal.com/#/url/f0c3151991e65283120dabd7e38e36465d4efd0e72b0f60963db13b603d2e2c1/detection

Take your time.

Thanks.

[Marcos 5,070]