cancel
Showing results for 
Search instead for 
Did you mean: 
svt
Level 7
Report Inappropriate Content
Message 1 of 8

Heuristic.BehavesLike.JS.Suspicious - how to detect source

Users are getting Heuristic.BehavesLike.JS.Suspicious warning from McAfee when browsing our website. I'm sure this is not virus on server, but we use lot of tracking scripts inside our website (like tracking clicks).

How to detect, what script is causing this Malware warning?

Is there way to add website to white list, so users do not receive warnings?

7 Replies
exbrit
Level 21
Report Inappropriate Content
Message 2 of 8

Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

Website URL?

Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

Hi, today our website (server) has the same problem - Our Users(visitors)  getting warning malware - Heuristic.BehavesLike.JS.Suspicious.A  on our website   http://www.sitelement.sk or our subdomain http://ad.sitelement.sk  - we are biggest media representative in Slovak republic. So can you solve it out because we are not aware any security problem on our servers.

Thank you

F.Hecko


Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

Hi

We request to please capture and send us the sample, steps provided in below KB Article

https://kc.mcafee.com/corporate/index?page=content&id=KB62662

Let us know the Analysis ID you recieve, so that we can further check the file and whitelist it

Regards

Neha C

McAfee SME

svt
Level 7
Report Inappropriate Content
Message 5 of 8

Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

www.snaptotes.com

exbrit
Level 21
Report Inappropriate Content
Message 6 of 8

Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

For me no problems at all in Firefox 4 but I got this in IE9: 'We currently do not support IE 9.  Please use another browser or call us at 866-707-3186 if you need help with this issue."

Siteadvisor says your site is OK but WOT has no opinion yet.

Haven't tried other browser security apps.

Perhaps these people are using out of date machines?

Sorry I'm not an expert in Corporate applications so hopefully someone will spot this and contribute.

Meanwhile perhaps I should move this to the section where most of the SiteAdvisor Enterprise questions reside, what do you think?

That would be here: https://community.mcafee.com/community/business/other


Message was edited by: Ex_Brit on 20/04/11 7:19:53 EDT AM
svt
Level 7
Report Inappropriate Content
Message 7 of 8

Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

Ex_Brit, thanks for your reply!

Yes, we do not support IE9 because of some 3rd party tools, that have not released patches for IE 9 yet, and therefore some pages are not working correctly.

As for virus warnings, here is full complaint from user:

I would like to let you know that our current web filter from McAfee (MXLogic) is blocking the website www.snaptotes.com with a Malware warning:Heuristic.BehavesLike.JS.Suspicious.APlease let you website host know this, I will inform McAfee of this issue and see if it is something they can fix.


exbrit
Level 21
Report Inappropriate Content
Message 8 of 8

Re: Heuristic.BehavesLike.JS.Suspicious - how to detect source

OK then I can't help with that as I don't have MXLogic.  They should be perhaps querying their support as to why it's happening, maybe a false positive.

I got no warnings whatsoever here, but I'm not in an Enterprise environment.