Our Clamav scan just reported this signature to be forund in one of my syslogarchives.

Html.Trojan.Exploit-112 FOUND

My best guess is that it is false-positive, as  this filesystem is totally isolated from any interactive user access.

But where can i find the details behind this alert ?

Google has no match on this.

 
---------------------------------------------------------------------------------------------------------------
Henrik Høg Thomsen
Senior IT Specialist - IBM - IPG
IBM Danmark ApS
Prøvensvej 1
2605 Brøndby
CVR nr.: 65305216
tlf +45 51638561 mail hht@dk.ibm.com

Medmindre andet er angivet ovenfor: / Unless Otherwise Stated Above:
IBM Danmark ApS
Prøvensvej 1
2605 Brøndby, Danmark
CVR nr.: 65305216