cancel
Showing results for 
Search instead for 
Did you mean: 

Malware Detected ?! No Problem

Anyone else get Malware error trying to get into this site?

http://www.secourisme.info

First page loads, but once I click on the flag I get the Malware Detected message.

URL: http://www.secourisme.info

Media Type: text/html

Virus Name: MGW: Heuristic.BehavesLike.JS.CodeUnfolding.C

Thank

0 Kudos
1 Reply
asabban
Level 17

Re: Malware Detected ?! No Problem

Hello,

I can replicate the issue. The problem is the Javascript that is used to hide the eMail address from being caught by bots or spammers. The script uses "String.fromCharCode" to generate the eMail address from - more or less - garbage data, and prints the result on the web site.

This is a similar technology that is used to inject malware into websites. Since MWG (at the moment) cannot execute javascript it is not possible for it to see that the response is a (harmless) eMail address. For MWG this is a code fragment that - once executed - turns into different code. It could be an eMail address or a malicious bit of code.

Therefore this bit of javascript is detected by the heuristics, if configured so.

I have several recommendations to mitigate this:

1 - Reconfigure the MWG to be less restrictive on heuristics (not preferred)

2 - If only this specific page needs to work, add a whitelist entry

Since from your username it may be possible that you run the web site I would recommend to remove the code fragment. Instead of building the eMail address from javascript you could offer your visitors a form to contact you via eMail.

I hope this helps.

Best,

Andre

0 Kudos