> A: Sounds like the same "take over" virus that has hit a LOT of Unix based > website servers over the past few months. EXPL_DHTML.gen is it's name and it > downloads itself to steal passwords and credit card numbers. I found no less > than 25 attempted drops of this peckerwood in my XP machine from people my > wife gets email from. (it actually hides in the HTML of an email and isn't > an attachment) I finally tracked it down to www.smartbargains(1).com cookies > in all their machines. EXPL_DHTML is not a virus, it's a trojan horse. It does not spread through email like virii that infect Windoze boxes, and if it did, it wouldn't affect Unix web servers. That's not how Unix works. The EXPL_DHTML.A proof-of-concept had to be installed intensionally by the admin of a malicious web site. The EXPL_DHTML.gen has never been seen in the wild, and checks for it have produced a LOT of false positives, according to Trend Micro. TM has since removed this definition from their dictionary because it was causing too many problems. Your wife should update her virus definitions. And yes, the server misconfiguration has become very annoying. ObAMCContent: Like Greg, I also want to install the TFI upgrade soon on my '77 Wag's 401. I'm only getting about 7.5 mpg lately. It needs attention. I'm glad it's not my daily driver. -- Obi-Wan '95.5 YJ, '77 Wag, '78 Wag, '87 GW -- Ben "Obi-Wan" Hollingsworth obiwan@xxxxxxxx The stuff of earth competes for the allegiance I owe only to the Giver of all good things, so if I stand, let me stand on the promise that You will pull me through. -- Rich Mullins