Solved Alerts from Windows Defender about "Adware:JS/InjectorAd.A" in Vivaldi's cache [Resolved]
-
I wonder if any "false positives" - if it actually is that - might be related to Chromium keeping cache files in Gzip format (maybe if they were delivered that way, as most web servers are doing these days).
It would mean they would look nearly "random", and increase the chance of an over-zealous AV finding patterns which might indicate malware.
Then again, I think Chromium (and most browsers) have been doing this for a long time now, so it's nothing new...
-
@Pathduck If an antivirus reports a virus in a file made with gz/zip/rar/etcetc (any known archive, in other words) without even unpacking it first, should be deleted immediately.
I would assume they at least check for the header to understand the file format first. -
@iAN-CooG Aye, but we're talking about Windoze Defenestrator here :face_with_stuck-out_tongue_winking_eye:
-
@Dr-Flay and @Pathduck,
As I said in the thread title and in my first post, it is about cache.-
I sent several recovered from quarantine files to Virus Total. Adware pushers detected by: Comodo, GData, Microsoft, ZoneAlarm, ESET-NOD32, Kaspersky, Tencent.
Curiously, for me, analysis results all refered to the name of the first file I submitted. Most likely because it was the same junkware.
https://www.virustotal.com/gui/file/7ef9eace63866122127e01844d36d926037b14b1c3d6e16e1057834ef1475077/details -
VT said it is a text file. Sure enough. Filealyzer saw hostname: freevideodownloader. OUCH!!!. It is related to extension, even though I said I only have AdBlockPlus and ScriptSafe. Vivaldi kept caching a useless, old (installed a year ago or more) extension which I forgot to remove and forgot I have it as one of the three icons.
-
With that crapware gone, all is quiet. Confirmed by EEK and ESETonline scans.
-
-
@ovivu Case solved then. At least now we know it was a user error, not on Vivaldi side. You can't blame Vivaldi if you install known adware-filled extensions.
Take more care next time. -
@iAN-CooG said in Alerts from Windows Defender about "Adware:JS/InjectorAd.A" in Vivaldi's cache:
@ovivu Case solved then. At least now we know it was a user error, not on Vivaldi side. You can't blame Vivaldi if you install known adware-filled extensions.
Take more care next time.- I reviewed what I wrote it this thread. At no point I blamed Vivaldi. I simply asked a question.
- You can call it user error, if you wish. If it's clean one day and not clean the next day, it's hardly a user error me thinks.
- The bad extension lived in Vivaldi for a year or two, unused. It was after I upgraded to 2.7 that Defender started complaining. Possibly a different way of caching or a timing coincidence with some Defender updates which are frequent.
- Yes, case is solved.
RESOLVED
-
@ovivu said in Alerts from Windows Defender about "Adware:JS/InjectorAd.A" in Vivaldi's cache:
Yes, case is solved.
Good new. Could you please tag as resolved.
click on the 3 dots >> edit โ add the word resolved at the bottomEdited: Image
-
@iAN-CooG Be kind. You can congratulate the user on the solution without scolding.
@ovivu Excellent that you found it. From this side, we can't tell what's on a user's machine of course, but we can be pretty sure Vivaldi downloaded directly from the site is not infected. So we just try to encourage users to dig around, unless we recognize a specific symptom from some known crapware.
-
I'm supposed to enter tag saying Resolved. I have no clue what it means to enter tag. And where am I to do it? I wrote in RESOLVED into my most recent post but I gather that's not what this forum means as shown in @lamarca post above.
-
@ovivu Ah. If you seek to edit your original post, (the one you started the thread with) then below and to the left of the text box you will see place where you can enter tags. Also, you are able to edit the title of the post to add [Resolved] if you want to do that. I usually do both.
EDIT: As of a few minutes ago (five hours after I posted this) the community manager disabled tags for users for the time being, so only Mods can apply them. I will tag this thread for you.
-
Thank you, @Ayespy
Question for the future - can we add "resolved" to the title or not? I ask just in case I post again. -
@ovivu Yes. That's still possible.
-
Hi, I just solved the same problem with the Windows Defender Alert Adware:JS/InjectorAd.A, too.
I just wanted to share my way of solving it in case somebody needs. First I tried Malware Scans with no result. Then
- I emptied the cache of vivaldi (all the files starting with "f_000")
- then vivaldi was out of date therefore, so I updated vivaldi
- then I disabled my extensions (apps) in vivaldi, turned them on one by one and found out it was the extension "Video Downloader professional" that caused the problem. I turned it off and the alert never came again!
All the best for you.
-
@UserfromAustria Thanks for the information. I really wish people would stop using those video downloader extensions, they cause all kinds of issues.
Install Youtube-DL instead, it's fast, easy to use and setup, even on Windows. And it supports a massive list of other sites that no other downloader supports.
-
I uninstalled Vivaldi and did a new clean install. That got rid of the alerts in Windows Security. I am adding the extensions back in one at a time.
-
-
-
-