My Symantec Endpoint protection is occasionally showing that it blocks a JSCoinminer Download 8 script that seems to run when on random TexAg pages.

This is the details. I know it is on Texags because it happens even when I only have Texags open. And it happens on more than one computer.

Quote:

---

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
12/4/2017 12:00:30 PM,High,An intrusion attempt by www.ronpaul.com was blocked.,Blocked,No Action Required,Web Attack: JSCoinminer Download 8,No Action Required,No Action Required,"www.ronpaul.com (2400:cb00:2048:1::6818:7255, 80)",www.ronpaul.com/images/ron-paul-ronald-reagan.jpg,****edited out personal computer ID*** ",www.ronpaul.com (2400:cb00:2048:1::6818:7255),"TCP, www-http"
Network traffic from <b>www.ronpaul.com/images/ron-paul-ronald-reagan.jpg</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.

---

I've been getting the same/similar Symantec notification the past couple days. Usually says something like "JScoinminer download 6 detected". Came here to ask about it and saw your post. I haven't 100% confirmed it's TexAgs, but does seem to only occur when I've had TexAgs open. I'll be paying closer attention to see if I isolate it to TexAgs.

Anyone else having this issue? Can TexAgs confirm it's an issue with ads? Wanting to make sure my computer hasn't actually been infected with a virus.