Removal of JS:Cryptonight[Trj]

Hi Avinash

In response to your questions:

AVG Version details are as follows:

  • Version 17.4 (9cf9975e9ca8)
  • Virus databases: 171128-2
  • Last update: November 28, 2017

Snapshot of Threat shown below:
User-added image

It would seem that while the file JS:Cryptonight[Trj] is detected by an AVG virus scan and can be removed what is causing it to be reinstated following a power up is not being detected by an AVG virus scan.

Regards
Robert McLister

Hello, Robert.
I apologize for the inconvenience this may have caused. May I know which version of AVG program that you are using? To find out the version you can follow user manual, part 4.3. Menu in the task bar
http://files-download.avg.com/doc/AVG_AntiVirus_for_Mac/avg_avm_uma_en_ltst_03.pdf .

Please also provide us with the screenshot of the threat pop up. Click on this link https://support.apple.com/en-us/HT201361 for instructions on how to take a screenshot. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.

I have a similar issue - Macbook Pro High Sierra 10.13.1 JS:Cryptonight can be deleted using Avast but reappears after I reboot. Avast v. 12.9, virus definitions version 17112902

Hello A L,
I'm sorry for any inconvenience caused. May I know the issue if you're receiving the AVG detection while opening Chrome or is there because of any particular website and also share a screenshot of recent the AVG detection to assist you further. You can post the screenshot here on your topic. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.
Best regards,
Alok.

AL,

Thank you for reaching out to us with your concern.

As the full path of detection is not fully visible from UI, please provide me with the full path. You can copy the path by right-clicking on the detection path and pasting it here or to any text file by the standard way.

Please provide me the OS version by following this article here. Also, provide me the version of the AVG Antivirus for Mac. To find out the version you can follow User Manual, part 4.3. Menu in the taskbar.

Are you guys 100% certain it is a false positive or does it just "looks like" a false possitive but actually could be a real JS:Cryptonight spywere?

JS:Cryptonight[Trj] detected as a threat when a virus scan is run on MacBook Pro running macOS High Sierra version 10.13.1. Even although it is deleted it reappears the next time the device is switched on and a virus scan is run. How is JS:Cryptonight[Trj] removed once and for all

AL,

Thank you for reaching out to us with your concern.

As the full path of detection is not fully visible from UI, please provide me with the full path. You can copy the path by right-clicking on the detection path and pasting it here or to any text file by the standard way.

Please provide me the OS version by following this article here. Also, provide me the version of the AVG Antivirus for Mac. To find out the version you can follow User Manual, part 4.3. Menu in the taskbar.

A L,

Thank you for providing the screenshots and providing the details. 
I have forwarded the case to the senior team for getting a suggestion.
You will get a reply soon via email from them. 

Please note the Case Number 05939642 for future reference.

Hello, Robert.
I apologize for the inconvenience this may have caused. May I know which version of AVG program that you are using? To find out the version you can follow user manual, part 4.3. Menu in the task bar
http://files-download.avg.com/doc/AVG_AntiVirus_for_Mac/avg_avm_uma_en_ltst_03.pdf .

Please also provide us with the screenshot of the threat pop up. Click on this link https://support.apple.com/en-us/HT201361 for instructions on how to take a screenshot. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.

Hi, 
I've been getting countless quarantine notifications regarding Cryptonight on my Macbook.  
AVG quarantine
Deleting them didn't help.  The quarantined files are in my Google Chrome cache.  I've tried clearing the cache, also to no avail.  Thanks for your help!

Hi Alok,

It occurs seemingly randomly when I have Chrome open - no pattern with websites.  However, I believe twice it occurred while using the Pinterest Chrome extension.

I don't have a screenshot of the most recent detection, but I have this earlier detection (they all look pretty much the same)

User-added image

Thank you!

Hello A L,
I'm sorry for any inconvenience caused. May I know the issue if you're receiving the AVG detection while opening Chrome or is there because of any particular website and also share a screenshot of recent the AVG detection to assist you further. You can post the screenshot here on your topic. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.
Best regards,
Alok.

I have had this exact same problem. I found out It appeared on my mac after downlading a couple of programs form 3D4Medical through the app store. I hope it is as you say a false positive and not a problem with the programs.

Thank you for your assistance!

Hello Kaye,

It would be helpful if you could provide the screenshot of the complete error message to check and assist further. Click on this link Take a screenshot on Mac - Apple Support for instructions on how to take a screenshot. Click on 'Answer' & then click on the 'Image' [mountain symbol] & follow the instructions.

I'm still getting this error.
MacOS 10.13.1
AVG:
Version 17.4 (9cf9975e9ca8)
Virus databases: 171202-2
Last update: December 2, 2017

Thank you for your helpful reply. Its reassuring that its probably a false positive and  you will fix it soon.

Hello Robert,

Thank you for being patient.
The threat detected looks like a FP and we are working on a fix which should be released soon.
We appreciate your understanding and patience in this matter.

Hello William and Peter,

I understand the inconvenience.
The threat detected looks like a False Positive and we are working on a fix which should be released soon.
We appreciate your understanding and patience in this matter.