[clamav-users] Detection in windows but not Linux
Steve Basford
steveb_clamav at sanesecurity.com
Sun Dec 13 11:12:16 UTC 2015
On Sun, December 13, 2015 2:25 am, Kurt Fitzner wrote:
>
> The file is definitely malware - it was injected through a WordPress
> vulnerability. I have a virus scan that runs hourly on my wordpress folder
> just for that reason, but this one slipped through the cracks. I want to
> find out what support is missing so it can be reported to the Debian
> ClamAv package maintainers.
Hi Kurt,
It does look like an old signature and is located in main.ndb, so
not easily corrected.
Hopefully a modified version can be added to daily.ndb.
In the mean time, here's a version to test...
http://pastebin.com/cYw39kdp
Just copy to test.ndb and re-scan....
Cheers,
Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com
More information about the clamav-users
mailing list