Add this to hosts file

[samvicky26]

miner.cryptobara.com , found it when opening firefox dev edition with some extensions, avast always popup with this message saying it blocked js-miner(trj) on miner.cryptobara.com, even on default page. Tried to find which extension is secretly mining,unfortunately unable to find. Switched to chrome.

[smed79]

when opening firefox dev edition with some extensions

@vigneshsam Do you have some examples?

@hoshsadiq find http://miner.cryptobara.com/client/deepMiner.js here http://biciklo.xyz/

/deepMiner.js
||cryptobara.com^$third-party

0.0.0.0 miner.cryptobara.com

[ZeroDot1]

Don't forget:

http://digger.cryptobara.com/client/deepMiner.js
http://digger.cryptobara.com/client/worker.js
LIB_URL: "http://digger.cryptobara.com/client/lib/",
WEBSOCKET_SHARDS: [["ws://digger.cryptobara.com:7777/"]],
CAPTCHA_URL: "http://digger.cryptobara.com/client/captcha/",
MINER_URL: "http://digger.cryptobara.com/client/media/miner.html"

https://github.com/ZeroDot1/CoinBlockerLists/commit/bc7bc5b809119a0765dded606136f8523476ee08

[Asciicodeplus]

I found this pop up hiding minimized and my cpu at 100%:

http://www.reservedoffers.club/s/?utm_source=admaven&utm_campaign=admaven-v2-shopping-topgeos-d-windowsMacosx_top-popunder-WL&utm_medium=64582&utm_content=salefiles.com&utm_term=676105&cpv=0.00046

seems to be calling a script to mine ethereum for the host of the add, in this case salefiles.com, an online file storage

[smed79]

I found this pop up

@Asciicodeplus which is the website that open this popup?

[Asciicodeplus]

@smed79

http://salefiles.com/

When someone shares a file stored there when you click "download" it will pop up that

[hoshsadiq]

Added both. Thanks @mapx-
@Asciicodeplus if you can, in the future, open new tickets for new filters :)