At 11:11 AM +0200 6/3/09, Andre Hübner wrote:
Hello, last weeks some of my users are local hacked and ftp upload was abused.In .html Files some javascripts were added. i do not really know what it does but my local scanner (avg) is alerting and this case was also reported from external users. I use clamav and some sanesecurity-signatures but this javascripts are not included. Is there a special DB for clamav which i can use to stop this javascripts? Or ist it possible to upload samples? I already did some signatures on my own (directmailer etc) but i would prefer professional sig-makers.
Andre,I'll take a look. I am sure Steve would like to also. Why don't you zip/gzip up the html and post a url for us to access.
Tom