HI, the ClamAV does'n recognize virus Exploit-IEPageSpoof on following sites: http://adserver.adreactor.com/servlet/view/window/javascript/zone?zid=23&pid=36&random=41414985&millis=1162382393328 or http://adserver.adreactor.com/servlet/view/banner/javascript/zone?zid=9&pid=36&random=88260877&millis=1162382394740 This is message from /etc/messages: Nov 1 12:59:53 otms100 SquidClamAV: Url: http://adserver.adreactor.com/servlet/view/window/javascript/zone?zid=23&pid=36&random=41414985&millis=1162382393328 Status OKAY Nov 1 12:59:55 otms100 SquidClamAV: Url: http://adserver.adreactor.com/servlet/view/banner/javascript/zone?zid=9&pid=36&random=88260877&millis=1162382394740 Status OKAY My SquidClamAV_Redirector.conf: [SquidClamAV] virusurl = http://virus.jackal-net.at/infected.php Timeout = 30 cleancache = 300 ForceProtocol = http MaxRedirection = 99 MaxRequestsize = 10Mb log_priority = LOG_INFO log_facility = LOG_LOCAL6 acceptredirects = 300 301 302 303 MIMETypes = all image/bmp image/gif image/jpeg image/png image/tiff text/html text/plain text/css ThirdPartyRedirectors = /usr/sbin/squidGuard [Debug] Infected = true Clean = true Error = true Ignored = true [Extensions] pattern = all .jpg .exe .zip .rar .ar .com .bzip .gz [Proxy] http = http://localhost:3128 https = https://localhost:3128 McAfee on Win succefully blocked this Trojan. Can anybody help me? Marek
