On Tue, 2005-05-31 at 09:28 -0700, Dennis Peterson wrote: > Jim Popovitch said: > > > > > The javascript will run on any box, linux included. What it does > > (install .exe, etc.) is only unique to MS Windows. It does this by > > downloading this file: > > h--p://69.50.177.102/x155/ind.php > > which then proceeds to download this file: > > h--p://69.50.177.102/x155/count5.htm > > which then proceeds to download this file: > > h--p://81.222.131.59/dl/adv737.php > > > > To me, the original javascript IS a virus and SHOULD be reported by > > clam(d)scan. > > > > -Jim P. > > If this is the case then adding the script to any content filter you run > should be a minimum step while you're waiting for a Clamav solution.
<argh>! That is not the reason I am posting to clamav. If I wanted to block it myself, I would have (and have) long ago. The reason for the post is to A) Alert others B) find out if others think this is something that clamav guru's should be paying attention to. I can solve the problem on my own, I just thought that this was something clamav should be doing for the masses. I'll shutup now since it is all too apparent that ppl think I came here to get individual assistance in solving a problem rather than to identify a potential oversight in clamav. -Jim P. _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
