Jim Popovitch said: > > The javascript will run on any box, linux included. What it does > (install .exe, etc.) is only unique to MS Windows. It does this by > downloading this file: > h--p://69.50.177.102/x155/ind.php > which then proceeds to download this file: > h--p://69.50.177.102/x155/count5.htm > which then proceeds to download this file: > h--p://81.222.131.59/dl/adv737.php > > To me, the original javascript IS a virus and SHOULD be reported by > clam(d)scan. > > -Jim P.
If this is the case then adding the script to any content filter you run should be a minimum step while you're waiting for a Clamav solution. dp _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
