Thanks for the response. All I know is I keep getting them, and they
are definitely unwanted. Here are a couple examples (I've renamed them):
http://sites.extremehosting.ca/temp/
On 2016-03-14 11:52 PM, Al Varnell wrote:
I don’t have any answers, but you have raised my curiosity level.
What exactly is the threat from these javascript files you are
finding? In checking the over four million virus signatures provided
in the official ClamAV database, I see there are only 440 labeled as
“.js” based and 94% of those are in the main.cvd which means they are
old. Of the 28 in daily.cvd, 22 are labeled as PUA (potentially
unwanted applications) which normally indicate low/no threat. I’d
have to conclude that either there have not been sufficient js file
samples submitted which turn out to be threats or they are somehow
low priority to the signature writers here.
Perhaps I’m just out-of-touch since I deal almost exclusively with
Apple Mac threats, but as far as I know there are no e-mail
javascript threats to OS X or it’s applications and about the worst
we see via web browsers are fake ransomeware and tech-support
pop-ups.
-Al-
On Mon, Mar 14, 2016 at 08:03 PM, Scott Galambos wrote:
I've upgraded to the latest Clamav 0.99.1 on Linux/Sendmail and it
still is not catching all these ZIP files with .js files inside
them. Is clamav suppose to stop these?
I constantly get these messages with .ZIP attachments that I would
think clamav should stop. Am I expecting too much? missing
something?=
_______________________________________________ Help us build a
comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#mlT
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
