Nov 09, 2017 JS:Miner-CTrj consumes all the available resources of the system making the performance dull. Methods to remove JS:Miner-CTrj from the computer. If you have JS:Miner-CTrj virus dropped inside, then your computer might also be infected with other spyware and potentially unwanted programs. You can try removing those manually, but manual.
This article has been created in order to help explain what is the JS:MINER [Trj] miner malware and how to detect and remove it from your computer system.
A new miner malware, detected to be spread via the web browsers of the victims, using JavaScript has been reported to be existing and spreading and multiple different virus variants. The infection is a Trojan horse, infecting via JavaScript, hence it’s detection name JS:MINER [Trj] by major antivirus companies, like AVG and Avast. In the event that your computer has experienced the JS:MINER malware infection, recommendations are to read this article in order to learn how to fully erase this malware and prevent it from mining cryptocurrencies, like BitCoin or Monero on your computer.
Threat Summary
| Name | JS:MINER |
| Type | CryptoCurrency Miner |
| Short Description | Aims to mine for various cryptocurrencies on your computer system(one or more), using it’s resources. |
| Symptoms | Your computer is heavily overloaded and you may experience cooling fan noises, system performance slow-downs and interruptions. |
| Distribution Method | Via malicious software, previously infected your PC, fake setups and malicious executables, disguised as legitimate ones. Macro infections are also a possibility. |
| Detection Tool | See If Your System Has Been Affected by JS:MINER Malware Removal Tool |
| User Experience | Join Our Forum to Discuss JS:MINER. |
JS:MINER Malware – How Does It Spread
A new cryptocurrency miner trojan was recently detected to mine various different types of cryptocurrencies via JavaScript. The malware has been dtected by several major antivirus companies t perofrm significatn miner activities via comrpomised software or websites.
In order to infect your computer, the malware primarily uses malicious websites. Such websites may be introduced on your computer as a result of having a Trojan horse or other type of malware or unwanted software previously infected your computer. In addition to this, the JS:MINER malware may also cause an infection by you having to click on a web link believing to be legitimate. Such web links may be concealed in malicious websites as download buttons or sent to you via e-mail, pretending to be legitimate messages with the link, disguised as a “button”, like the malicious e-mail, cleverly disguised as a legitimate Dropbox e-mail.
One of the main infection methods used to infect computers with JS:Miner:C is likely conducted via a Trojan horse, which may land on your computer as a result of a malicious e-mail attachment sent to you via e-mail, like the following.
Another particular infection source of this virus is related to a web link, according to researchers who have reported it on Avast forums.
JS:MINER Malware – Activity
Once it has infected your computer, the JS:MINER malware may come in several different variants, like:
- JS:MINER-A
- JS:MINER-B
- JS:MINER-C
- JS:MINER-D
- JS:MINER-E
- JS:MINER-F
- JS:MINER-G
- JS:MINER-H
- JS:MINER-I
Those are the variants of the malware that have so far been detected, the most prominent of which is the C version of the malware. When it infects your computer, this miner may also drop payload files directly on your computer, since it is classified as a Trojan Horse infection in general:
- %AppData%
- %Local%
- %LocalLow%
- %Roaming%
- %Temp%
- %Windows%
After the files of the virus are already on your computer, the malware may begin to perform different activities that make it run processes as an administrator on your computer and schedule tasks for automatic execution. This may result in various different activities to occur on your computer:
- It’s CPU usage may increase significantly.
- Increase in GPU utilization.
- It may freeze.
- Significant reduction of its performance.
These are side effects of this virus connecting your computer to a so-called mining pool. Such pools often aim to combine many infected computers by the JS:MINER viruses to the same mining wallet, increasing it’s mining power and hence generating more of the designated cryptocurrency the hackers behind these viruses have created. This results in them generating more cryptocurrency tokens at a smaller time frame as they infect more and more computers in time.
In addition to mining your computer for cryptocurrencies, the JS:MINER malware may also perform other activities on it, such as:
- Take screenshots of your desktop.
- Log your keystrokes.
- Obtain information about BitCoin wallets installed on your computer.
- Steal passwords and registration ID’s.
- Steal system information.
- Steal network information.
Even though it is not known for sure, the malware may do anything to remain hidden on your computer for longer periods of time and this includes updating itself plus downloading other malware or create copies of itself that are on standby in case you delete the original miner file manually. The virus may also perform activities on your computer that may result in JS:MINER mining your computer fileless, in other words by using your web browser without any files that are dropped on your PC.
JS:MINER Virus Family – How to Detect and Remove
In order to detect a JS:MINER virus, it is important that you track the utilization of your CPU and GPU. But, since these viruses are complicated and pretend to not use a significant ammount of your computer’s resources, you should download third-party software, such as CoreTemp and GPUTemp in order to check the actual temperature and usage of your PC’s components, required for mining to take place. If you detect an elevated temperature and usage, reccomendations are to remove JS:MINER from your computer by following the removal instructions down below. They are created in order to help remove JS:MINER either manually or automatically. Furthermore, experts also strongly advise to use an advanced anti-malware software in order to remove JS:MINER, since this will make sure that not only the virus is fully removed but your computer will stay protected against future threats as well.
ShowAll Questionssorted byRecent ActivityShow
- All Questions
- Unanswered Questions
sorted by
- Recent Activity
- Date Posted
- This Question
- October 19, 2017
- ·
- ·
- 0
- ·
- 0
I understand your concern. Please send us the screenshot http://avgclick.me/getscreenshot of the error message you receive. We will check the same and assist you further.
- October 19, 2017
- ·
- 0
- ·
- 0
AVG Guru
- October 19, 2017
- ·
- 0
- ·
- 0
- October 21, 2017
- ·
- 0
- ·
- 0
- October 21, 2017
- ·
- 0
- ·
- 0
It seems that you are trying to log into online banking website and then you are receiving this threat detection from AVG.
If the website is trusted one then you can add the URL to AVG's exclusion list as mentioned in this article: http://support.avg.com/SupportArticleView?urlname=How-to-make-exclusions-from-all-scans-and-shields .
Before adding it to exclusion please provide the URL to us through this link: http://www.avg.com/submit-sample for adding it to whitelist.
- October 21, 2017
- ·
- 0
- ·
- 0
- October 21, 2017
- ·
- 0
- ·
- 0
- October 21, 2017
- ·
- 0
- ·
- 0
- October 22, 2017
- ·
- 0
- ·
- 0
- October 22, 2017
- ·
- 0
- ·
- 0
I understand the inconvenience.
Are you using free, trial or paid version of AVG Antivirus program?
- October 22, 2017
- ·
- 0
- ·
- 0
It doesn't feel right AVG?
- October 26, 2017
- ·
- 0
- ·
- 0
I understand this must be annoying.
I suggest you to get in touch with our Chat Team and they will help you regarding the issue.
Here is a link to start a Live Chat Session : http://avgclick.me/AVGtechnical
- October 26, 2017
- ·
- 0
- ·
- 0
I have the same problem,
it happens with any webside, but always in relationship with chrome.exe
- November 12, 2017
- ·
- 0
- ·
- 0
Thank you for providing the screenshots. To analyze the issue further, I need to submit your concern to our senior technicians along with other diagnostic logs. I have sent you an email with steps on how to collect and upload the data required for analyzing your issue. Please check your inbox and spam/junk folder as well.
- November 12, 2017
- ·
- 0
- ·
- 0
I get notification about Coinhive every 15-30 minutes. And it doesn't matter what site I am on.
- November 17, 2017
- ·
- 0
- ·
- 0
Michal, You're using Avast!!. Have a look @ these 2 links....
[1] (https://support.avast.com/en-us)
[2] (https://forum.avast.com/)
AVG Guru
- November 17, 2017
- ·
- 0
- ·
- 0
I have this problem too. This screen show when I open firefox whatever I open any www or not.
- November 23, 2017
- ·
- 0
- ·
- 0
- November 23, 2017
- ·
- 0
- ·
- 0
Pakorn, Avast!!.. See my previous posting.
AVG Guru
- November 23, 2017
- ·
- 0
- ·
- 0
Js Miner Trojan
RUTH FERMINJs Miner Av
THE APPARENT SOLUTION IS TO BUY AN ANTIVIRUS THAT SAY THEY ARE THE ONLY THAT ELIMINATE IT MAYBE ITS CREATORS OR FORMAT THE MACHINE BUT THAT DOES NOT GUARANTEE THAT IT WILL NOT BE RETURNED TO INSTALL ... GOD WITH SO MUCH WORK TO DO
- February 1, 2018
- ·
- 0
- ·
- 0
Js Miner C Trj
Karthikeyan(Avast)I understand how difficult this is for you. Please send me the screenshot http://avgclick.me/getscreenshot of the threat message you recieve and let me know the version of AVG installed on your comptuer.
- February 1, 2018
- ·
- 0
- ·
- 0
- February 13, 2018
- ·
- 0
- ·
- 0
- March 1, 2018
- ·
- 0
- ·
- 0
- March 1, 2018
- ·
- 0
- ·
- 0
If you are a paid user of AVG, please get in touch with our technical support team ( https://support.avg.com/support_contact_form?l=en ) for further assistance regarding this issue. If you are using a free version of AVG, please start your own post so we can collect necessary information and escalate your issue to our higher level technicians.
- March 1, 2018
- ·
- 0
- ·
- 0