cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 8
Report Inappropriate Content
Message 1 of 12

Repeatedly receiving alert

Event description: JavaScript or VBScript security violation detected and blocked

Threat type: Trojan

Threat name: JS/Miner.ay

 Received on ePO server: 10/31/18 13:21:09 UTC

 Target file name(s):

Script executed by scrcons.exe

IP address: 10.192.XXXXX

 This message has been created by ePO server XXXXXXXXX

 

 

I have scanned the machine still receiving these alerts, please help to fix the issue.

Labels (2)
Tags (2)
11 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 12

Re: Repeatedly receiving alert

Hi Ammit,

As a general rule if you are receiving alerts about Malware or any other matter of worth, it is true to say the condition/Malware is still active and needs attention.

I'd suggest a review of the scanner (VSE or ENS) configuration & logs to see if the named device is activity detecting/reporting the matter and action as needed with the help of the ENS/VSE team.

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Level 8
Report Inappropriate Content
Message 3 of 12

Re: Repeatedly receiving alert

Please guide with the steps, i have updated VSE, DAT, agent.

Scanner the machine, still no go.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 12

Re: Repeatedly receiving alert

Hi Ammit,

I'd suggest you call the VSE/ENS support team to speak with one of the enginers so thay can work with you and that point product.

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Level 8
Report Inappropriate Content
Message 5 of 12

Re: Repeatedly receiving alert

How can i contact the ENS team, I have the console access i am managing ePO.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 12

Re: Repeatedly receiving alert

Hi @Ammit

Those events indicate that  you are seeing a JS/Miner Malware. JS/Miner is a malware family that utilizes JavaScript (JS) either in a browser or via a standalone process (wscript.exe/cscript.exe) to mine crypto-currencies on a target user’s endpoint system. They are normally embedded within websites.

Please review the following threat advisory on this topic - it provides you with some further information on the detection and also mitigation steps: 

https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/27000/PD27447/en_US/...

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
Level 8
Report Inappropriate Content
Message 7 of 12

Re: Repeatedly receiving alert

How can i fix this issue with the help of ePO console or by accessing the machine.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 12

Re: Repeatedly receiving alert

Please see my response from earlier, this should help.
Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
Level 8
Report Inappropriate Content
Message 9 of 12

Re: Repeatedly receiving alert

I am from the ENS team, i have the access to console, please help with the steps which i need to perform to fix this issue, its a big pain for recving alerts every now and then.

Re: Repeatedly receiving alert

Hi Ammit,

You may refer the KB article KB81095 and create access protection user defined rules, as this is a java script which can be embedded in most of the websites where is the endusers are not aware. The Access Protection user defined rules could be of much help in your scenario.

 

Venu
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community