> Can a more enlightened head explain why this seems to only happen on the
> KPLC site?
>
Possibly KPLC is cross scripting venerable and the user seeing the infection have an old /misconfugured browser that can expose them when they hit a site like KPLC?

Just a wild guess, will check it once by computer if I have a chance today
> Tony.
Muriithi
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.my.co.ke/pipermail/skunkworks/attachments/20130910/4bdc61b1/attachment.htm>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: KPLC - Career Page.png
> Type: image/png
> Size: 61333 bytes
> Desc: not available
> URL: <http://lists.my.co.ke/pipermail/skunkworks/attachments/20130910/4bdc61b1/attachment.png>
>
> ------------------------------
>
> _______________________________________________
> skunkworks mailing list
> skunkworks@lists.my.co.ke
> http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
> ------------
> Skunkworks Server donations spreadsheet
> http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1fbjAwOUE&hl=en
> ------------
> Skunkworks Rules
> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
> ------------
> Other services @ http://my.co.ke
>
> End of skunkworks Digest, Vol 43, Issue 65
> ******************************************